Info know-how (IT) auditing collects and evaluates information pertaining to an IT infrastructure. An IT audit could increase a monetary audit, however it’s particularly designed to check the IT infrastructure’s accuracy, effectivity, and safety. Although round for the reason that 1960s, IT audits have turn out to be particularly vital within the 21st century, when a lot of a business’s exercise is carried out or assisted electronically.
The primary IT audits had been necessitated by way of electronics in accounting programs. Early computer systems did little greater than that-compute-and the mix of their expense with their terribly slender focus of purposes meant that they had been adopted slowly. Although Normal Electric used a computerized accounting system in 1954, pc use was a extremely specialised talent, and early enter strategies (equivalent to punch playing cards or paper tape) had been tedious to error-check.
With the development of specialised workplace computer systems within the 1960s and the shift towards creating computer systems for individuals who didn’t work on them for a residing, bigger companies started to combine computer systems into a few of their accounting procedures, particularly information storage (equivalent to to maintain monitor of stock or reservations) and dealing with massive quantities of sophisticated data. The primary IT audits had been subsequently digital information processing (EDP) audits, doublechecking the accuracy of the software program programs in use at a business and the info entered into and derived from them 審計.
This led to the development of specialised accounting software program, and in 1968 the American Institute of Licensed Public Accountants helped formalize EDP audits, protecting them on the rigorous requirements employed by monetary audits. The Digital Knowledge Processing Auditors Affiliation (EDPAA) was fashioned shortly thereafter, for the rising variety of accountants who specialised in EDP audits. EDPAA has since (in 1994) modified its named to the Info Programs Audit and Management Affiliation, and publishes CobiT-Management Goals for Info and associated Know-how, the broadly accepted checklist of requirements and aims in IT audits.
IT auditing grew to become particularly prioritized within the aftermath of the Fairness Funding Company of America scandal of 1973, when former EFCA worker Ronald Secrist and analyst Ray Dirks reported that the Los Angeles company-which offered mutual funds and life insurance-was responsible of widespread and arranged accounting fraud. At the least 100 workers since 1964 had been responsible of deceiving traders and the federal government, and that deceit included a pc system dedicated to the forgery of insurance coverage insurance policies for fictitious policyholders.
Figuring out the extent of the fraud, in fact, meant auditing the pc system, in addition to all others in use by the company-a course of that took over two years. Equally, within the wake of the 21st-century accounting scandals, the Sarbanes-Oxley Act of 2002 was handed, establishing stricter requirements for public company boards and public accounting firms-with a larger emphasis on IT audits.
There are 5 classes of IT audits:
Programs and Purposes audits take a look at the enter, output, and processing in any respect ranges of the company’s programs and purposes.
Info Processing Services audits take a look at the management of the processing facility below regular and disruptive situations. Programs Development audits look at the programs below development to ensure that they meet the company’s aims and requirements.
Management of IT and Enterprise Structure audits look at the organizational construction and procedures in use.
Consumer/Server, Telecommunications, Intranets, and Extranets audits give attention to networking points, an space the place there’s specific concern with staying present in safety protocols.
Info know-how adjustments quickly, as does its place within the strategy of doing business. IT auditors, although they might be CPAs, are usually extra versed in data programs, with a common understanding of accounting rules, as a result of the accounting part of their job is the extra static ingredient within the combine, whereas the ramifications, safety considerations, and potential for misuse of know-how are all the time in flux.