Friday, 17 March 2017

Information Technology Audits

An Information Technology Audit examines and evaluates the information system of an organization. Audits can be made to check whether various parameters, like any people, a company, a building, a system or a document that are been used by people is correct. With the help of evidences IT audit states whether the IT controls are safeguarding corporate virtue, ensuring data integrity, confidentiality and availability of data in an IT Infrastructure.

Information Technology Controls
Information Technology controls are used to meet the business goals and objectives. In Information Technology Audit IT controls objectives are almost similar to the availability, confidentiality, and integrity of data in the business enterprise. There are two types of IT controls as follows,

1. ITGC (Information technology general controls)

2. ITAC (Information technology application controls)

IT general controls are used to have control over the information technology environment, access to programs and data, changes in the program, computer operations performed, program change and program development. IT application controls are used to process transaction.

The COBIT Framework
Cobit stands for Control objectives for Information Technology. It is a framework made by International professional association ISACA (Information system audits and control associations) to govern and manage the Information technology. Cobit was promoted by the IT governance institute. 

Cobit was first released in 1996 as COBIT1, by ISACA as a set of control objectives for financial audit. ISACA then released COBIT2 in 1998, and expanded it further with management guidelines in 2000 as COBIT3. Later in 2005 and 2007, COBIT 4.0 and COBIT 4.1 were released respectively with IT governance controls. In 2012, COBIT 5 was released which included functionality of cobit 4.1, Val IT and Risk IT as one framework, which acts as associate framework for enterprise to operate along with other framework and standards.

Conclusion:
Basically, IT audit is evaluation and examination of IT Fundaments, operations and policies for an organisation. Information Technology audit look over whether IT controls safeguards corporate virtue, to ensure sincerity and achieve business goals. COBIT is a set of processes to manage Information Technology, and each processes include process input and output, process objectives and performance measures.

About Author:
Vinita Vaishnav is a consultant in Systems Plus Pvt. Ltd. Within Systems Plus, she actively contributes to the areas of Technology and Information Security. She can be contacted at: vinita.vaishnav@spluspl.com

6 comments:

  1. THANK YOU FOR THE INFORMATION
    PLEASE VISIT US
    Seo Consultant Services













    ReplyDelete
  2. This comment has been removed by the author.

    ReplyDelete
  3. This comment has been removed by the author.

    ReplyDelete
  4. Thanks for sharing this valuable Information | United SMEs
    (https://unitedsmes.in)

    ReplyDelete
  5. Nice blog! Thanks for sharing this informative blog with us. ITGC controls dictate how your organization uses technology, which helps prevent breaches, data theft, and operational disruptions. Call now to use the policy!

    ReplyDelete