100% (1)
Pages:
4 pages/≈1100 words
Sources:
3
Style:
APA
Subject:
Technology
Type:
Essay
Language:
English (U.S.)
Document:
MS Word
Date:
Total cost:
$ 21.6
Topic:

Technology Auditing

Essay Instructions:
readings and other readings you find interesting, please compose a short (4-5 pages without counting the cover and references) paper on the topic: "How to conduct the best IT and Information Secuirty Audits? How the Maturity Model of COBIT can help an IS Audit?" Below are some questions for you to think about to help you get started: - Clarify the differences between information systems auditing and information secuirity auditing. - Explain the criteria for setting up priorities and scope for auditing - What is COBIT? You can refer to Cobit 4 which is available for free but remember that the latest version is Cobit 5. - How can COBIT help in the IT auditing process? - What is the maturity model used in COBIT? Remember, you do not have to explicitly answer these questions in your assignment. You should think about these questions and then integrate your thoughts into a well-organized paper that answers to the primary question. Case assignment expectations: Your assignment will be graded following these expectations: - Precision: the main questions asked are answered. - Clarity: Your answers are clear and show your good understanding of the topic. - Breadth and depth: The scope covered in your paper is directly related to the questions of the assignment and the learning objectives of the module. - Critical thinking: It is important to read the “required readings” posted in the background material plus others you find relevant. Your paper should include important concepts from these readings and incorporate YOUR reactions and examples that illustrate your reflective judgment and good understanding of the concepts.
Essay Sample Content Preview:

Technology Auditing
Name:
Institution:
To carry out any kind of auditing in Information Technology, is crucial to first understand the ins and the outs of the audit process. This includes having the baseline information of the concepts of controlling a computer in general (Hayes, 2003). It will also require the auditing team to fully understand the impacts that the information systems on the audit environment. As such the main points to run throughout any audit are, understanding the risks and the controls that exist and how to work with them. Information Technology audits revolve around two of the main subjects that form the back backbone of the auditing process (Hayes, 2003). These include; information security and there is the information systems.
When conducting the audits it is crucial to tell the difference between the two. Information systems is a combination of the hardware and the specific softwares that are used to collect filter generate and the distribution of data, all of which are connected to a network (Hayes, 2003). These systems are put up in the bid to help the people by providing the support needed in management, decision making processes and general operations (Bayuk, 2009). Information systems are more of the functionality that they bring to the table than their actual designs and help in controlling the business processes performance. It can be argued that, information systems are like work system, where humans and the machines work together to come up with a certain product. As such this systems work both the data systems and the activity systems to achieve their ultimate functionality. The information systems can vary with a very wide angle, at the office level automation to global level information systems (Bayuk, 2009).
Otherwise, information security is processes and the practices of trying to defend and protect the data that the information systems are handling from unauthorized access. The access can be classified into different classes, such as; modifying, using, disrupting the data, recording it or otherwise destroying the information. It is also important to note that the data being referred to is not in any way limited to the electronic form only but also extends to the physical data as well (Hayes, 2003). These systems are responsible for keeping safe the data that is stored from malicious attacks. It is also the duty of these systems to ensure that the data is not lost in the case of any issues or disturbances that may arise any day. Such issues may be in the form of a fire, floods, and theft of the physical hardware or where the servers experience malfunctions. Today the trend has been storing the data on an online server just in case there are any of the disturbances in play. Other than the actual loss of the data, in some cases such as where the data in question is sensitive, the loss will significantly clamp the privacy of the institution, and with it brings serious consequences (Bayuk, 2009).
Sometimes back there was the fear of computer and machine in general taking away most of the jobs that the humans were doing (Heschl, 2004). At the time sampling techniques were used when auditing computers. Auditors used to collect the manual reports and use calculators to compute their audit results. Information system audit today involves evaluating the information systems to be in a position to assess if they are protecting the integrity of the data stored, or if the systems are working effectively during data transfers. Usually, these audits are perfumed in conjunction with other audits, such as, internal and financial audits. Information security on the other hand is audits that are carried out to determine the security of the information (Heschl, 2004).
The audit process is accomplished through a couple of steps,...
Updated on
Get the Whole Paper!
Not exactly what you need?
Do you need a custom essay? Order right now:
Sign In
Not register? Register Now!