1. Audit Planning Flashcards
(34 cards)
a systematic examination and evaluation of an organization’s IT
infrastructure, policies, and practices.
information system (IS) audit
Goals of An IS Audit: “to ensure that the organization’s ISs are…”
secure, efficient, and aligned with business objectives
By conducting IS audits, organizations can…
identify vulnerabilities, mitigate risks, and improve their
IT governance
a formal document that outlines the purpose, authority, scope, and objectives of an audit department
Audit Charter
True or False: The audit charter doesn’t cover the entire scope of audit activities.
False
An audit charter must be approved by _________________.
senior management
True or False: Frequent changes in the audit charter can create confusion and lack of clarity about the audit function’s role and responsibilities.
True
True or False: procedural aspects should be included in the Audit Charter.
False
True or False: Frequent changes to an Audit Charter can reduce the audit team’s effectiveness.
True
Why is it advisable to not include details that require frequent adjustment? (such as planning, resource allocation, and other details, such as audit fees and expenses)
Because the charter requires the approval of the board/senior management.
True or False: An audit charter should be reviewed at a maximum annually to ensure that it is aligned with business objectives.
False, it should be reviewed at least every year.
An audit charter includes the following: (hint; there are five points)
- The mission, purpose, and objective of the audit function
- The scope of the audit function
- The responsibilities of management
- The responsibilities of internal auditors
- The authorized personnel of the internal audit work
The initial stage of the audit process. It helps to establish the overall audit strategy and the technique to complete the audit.
Audit planning
Audit planning makes the audit process more _________
and ____________oriented.
structured and objective
An inventory of all the functions/processes/units in the organization.
Audit universe
In a qualitative risk assessment, risk is assessed using qualitative
parameters such as ______, _______, and _____.
high, medium, and low.
In a _____________ risk assessment, risk is assessed using numerical
parameters and is quantified
quantitative
These are factors that have an impact on risk
Risk factors
True or False: if a Risk factor is present, then the risk is decreased.
False, Risk factors raise risk
A diagram that shows the structure of an organization and the responsibilities and authorities of various positions and job roles.
An organization chart
An audit plan helps to identify and determine the following: (five points)
- objectives
- scope
- periodicity
- team members
- method
A well-thought-out audit plan helps the auditor do the following: (four points)
- Focus on high-risk areas
- Identify the required resources for the audit
- Estimate a budget for the audit
- Work to a defined structure, which ultimately benefits the auditor as well as the auditee units
The approved audit plan should be communicated promptly to the following groups: (three groups)
- Senior management
- Business functions and other stakeholders
- The internal audit team
a specific audit project conducted as part of the overall annual audit plan.
An individual audit assignment
