IPPF – Practice Guide. Developing the. IT Audit Plan. Global Technology Audit Guide (GTAG) Written in straightforward business language to address a timely. GTAG series serves as a ready resource for chief audit executives on . IT Audit Plan Development Process. . 5. PErforming A riSk ASSESSmEnt. Start studying GTAG Developing the IT Audit Plan: Glossary. Learn vocabulary, terms, and more with flashcards, games, and other study tools.

Author: Mikadal Gogal
Country: Paraguay
Language: English (Spanish)
Genre: Literature
Published (Last): 18 August 2014
Pages: 52
PDF File Size: 17.62 Mb
ePub File Size: 20.71 Mb
ISBN: 448-2-31138-654-5
Downloads: 15286
Price: Free* [*Free Regsitration Required]
Uploader: Kejin

Back Establish and maintain the audit plan for the audit program.

This Control directly supports the implied Control s: Assess the quality of the audit program in regards to its documentation. There are no implementation support Controls.

The internal audit plan should be based on the risk assessment and be approved by the audit committee. The developung plan must be developed based on audit materiality. Audit planning must be updated by the external auditors on a timely basis by assessing improvements in internal controls when changes have occurred or when material weaknesses or control deficiencies are identified.


ITGC – Wikiwand

The audit frequency should be commensurate with the criticality and risk of the IT system or process. International Convergence of Capital Measurement and Capital Standards – A Revised Framework Tin smelters and tungsten smelters initial audits will cover the period from 1 year before the audit.

Specification, Not all audit areas should be reviewed during each audit cycle. The frequency of the audit is based on the likelihood and the impact of risk occurrence in relation to the objectives of the organization.

Developing the IT Audit Plan Organizations or private companies that are not required to comply with Sarbanes-Oxley or other regulations or legislation may wish to develop an audit plan covering the IT universe over two or three years. Management of IT Auditing Auditing periodically is necessary for evaluating the design and effectiveness of the identity and access management IAM system. The frequency of the auditing should be determined during the annual audit planning process arising from the internal audit’s annual risk assessment.


Selecting auditors and conducting the audits must be objective and impartial, and auditors must not audit their own work. If the auditor is performing test procedures that contradict the reason for which the test was based, the auditor should modify the audit procedures that were planned to be executed.

App A Objective 2: App A Objective 6: The audit plan should cover at least 12 months and be approved annually by the audit committee.

The frequency of audits should be based on the results of risk assessments. Pg 11, Exam Tier I Obj 8. Whether internal auditors have expertise or training in funds transfer operations and controls.