1st Edition
IT Auditing The Practitioner's Guide to Reliable Information Automation
More than ever, technology is indispensable to business operations and recordkeeping, so people skilled in computer automation—IT auditors—have become an essential part of the financial audit team.
This book is a comprehensive guide to the IT audit discipline, and to the impact of abstraction on businesses. Developments including Robotic Process Automation (RPA) and artificial intelligence (AI) mean that businesses are moving from a physical world to an abstracted digital world, increasing reliance on systems, their design, their implementation and on those that oversee and maintain these systems—often parties outside the businesses’ control. Though the implications of these shifts go far beyond IT auditing, this book focuses on what IT auditors need to know in this new environment, such as:
• How to understand abstracted services and appropriate internal business controls
• How to evaluate situations where physicality has been replaced by abstracted services
• How to understand and adapt to the impact of abstracted services on objectives, operations, decision-making, and risk management, including changing risk profiles and introducing new risks.
In the wake of the CPA Evolution project, this book will be an essential resource for readers seeking Certified Public Accountant (CPA) certification, as well as for business leaders and risk management professionals who need to understand the benefits and challenges of ever-increasing automation and its concurrent abstraction of physical reality.
Chapter 1: Introduction to IT Auditing. Chapter 2: IT Audit’s Big Questions. Chapter 3: IT Risks and Internal Controls. Chapter 4: Auditing IT Governance. Chapter 5: Auditing IT Management. Chapter 6: Auditing IT Infrastructure. Chapter 7: Auditing Cloud Services. Chapter 8: Enterprise Business Systems (EBS). Chapter 9: Auditing Data. Chapter 10: Auditing IT Resource Acquisition. Chapter 11: Auditing Basic IT Practices. Chapter 12: Auditing IT Service Management. Chapter 13: Auditing IT Assurance, Compliance, and Improvement. Chapter 14: Auditing Cybersecurity. Chapter 15: Conducting IT Audits. Chapter 16: Preparing System and Organization Controls (SOC) Reports. Chapter 17: Modeling – An Essential Audit Skill. Chapter 18: Technology Trends and Their Potential Impact on IT Auditing. Chapter 19: Professional Guidance. Chapter 20: Epilogue – The Unfinishable Chapter
Biography
Jerry Savin is Founder, President, and CEO of Cambridge Technology Consulting Group, Inc., which specializes in Automated Business Software, including assessment, selection, implementation, and troubleshooting, Data Architecture, IT Auditing and Compliance, and Judicial Expert Witness Testimony. Jerry has taught at UCLA Extension for 30+ years, the UCR Graduate School of Business for 10 years, and California State University Northridge for 9 years teaching course in Information Systems, IT Auditing and general IS classes.
