Home     Enquiry        Knowledge Center   Scenario Need Audit IT Audit Objectives © 2003 HSL InfoSec Pvt. Ltd.   Information Systems (IS) Auditing is the discipline that provides people who wish to rely on a particular information system with an authoritative and objective opinion on the extent to which they can safely rely on that system. An IT auditor therefore needs to be knowledgeable about information systems and audit practices. Scenario         A characteristic of today's organizations is the abundance of information and information systems. Valuation of an organization is based on its intellectual property (in essence, information) and its support technologies. The rapidly changing work environment expects high benefits from information technologies. Company managements demand that information systems measurably demonstrate: Enhancement in quality of output Higher functionality and ease of use Shorter delivery period Ever-improving service levels         Though companies derive great benefits from an effective and updated information system, they do not fully conceive the risks associated with new technologies. Managing the risks to provide cost-effective solutions with the promised quality, reliability and security assumes highest importance. Need         Very often, companies selling IT products or services have to prove that their output matches global hygiene standards. The standards imply an assurance related to the conformity of a development project, delivered to the requirements set. Or, the company may need authorized authentication in terms of quality of the information system or any of its parts.         This authoritative perspective requires specialized skills in inspection, review and audit functions, which may go beyond a company's core competence. It is not feasible either to expect employees to develop the adequate level of competence. Oursourcing the task to an external specialist like HSL InfoSec is a viable option. HSL InfoSec's Certified Information System Auditors can monitor a company's information systems, identify key areas of concern, and suggest improvements. Audit         Auditing is an increasingly critical component of enterprise IT programs. Ensuring compliance with the complex regulations requires a thorough revamp of processes. Furthermore, this increased complexity often clashes with organizations' need to further streamline operations in response to economic pressures.         Information Technology System Audit is conducted to improve stability, effectiveness and efficiency of an Information System. It also plays a supporting role in objective analysis and evaluation of various accompanying risks and limits. Therefore, the definition of Information technology System Audit varies and each country has its own standards and qualifications. IT Audit objectives         The objectives of an information technology system audit can be at any stage of an information system life cycle. This could be Suggestion, Analysis, Designing and Operation. Audit patterns, depending on the sector being audited, can be chosen from IS audit, Applications audit, ERP audit, Access audit, Network audit, Operations audit, Business Process Re-engineering audit and Follow-up audit. Information System audit is increasingly becoming the focal point of the Independent audit, Compliance audit and Operational audits.         Click here to know more about standards, guidelines and procedures for IS auditing, framed by the US-based Information Systems Audit and Control Association.