ACTIVITY 5-AUDT2

1. What is the objective of an Information System Audit?

- An information system audit's goal is to provide reasonable assurance that an
organization's data processing assets are protected, data integrity is maintained, and
system effectiveness and efficiency are achieved. There are five primary processes to
completing an audit: planning the audit, testing of controls, tests of transactions, tests of
balances or overall results, and audit completion. This report examines how the
organization's nature and use of generalized application software effect the phases'
conduct. The company is a medium-sized vehicle repair shop. A local area network of
three microcomputers running software application packages is used by the
organization. Microcomputers are stationed in various areas to perform various tasks. It
runs well-known, well-tested application software packages provided by a respected
vendor. All of the apps are quite simple.

2. What is Risk Based Audit Framework?

- The Risk Based Audit Framework is a management document that discusses
how risk ideas are included into the plans and procedures used to manage transfer
payments-funded programs. The Risk Based Audit Framework provide background and
profile information on the transfer payment program including the key inherent risk
areas (internal and external) that the program faces, an explicit understanding of the
specific risks that may influence the achievement of the transfer payment program
objectives, a description of existing measures and proposed incremental strategies for
managing specific risks and an explanation of monitoring, recipient auditing, internal
auditing, and reporting practices and procedures.