Information Systems Audit (ISA)

Information systems audit, is an examination of the controls within an Information technology (IT) infrastructure. An IS audit is the process of collecting and evaluating evidence of an organization's information systems, practices, and operations.

IS Audit conducted in accordance with IS audit standards, guidelines and best practices to assist the organization in ensuring that its information technology and business systems are protected and controlled.

Information Systems Audit process consists of the following steps

• Planning
• Define audit objectives and scope
• Evaluation of controls
• Evidence collection
• Evaluation of evidence
• Reporting and follow up

Typical Audit phases include the following

• Audit subject
• Audit objective
• Audit scope & scope freeze
• Pre audit planning
• Audit procedure and steps for data gathering
• Testing and evaluating results
• Audit report preparation
• Post audit review and action taken