WASIKE B AMOS

CIT-221-123/2012

BIT 4.2

INFORMATION SYSTEM & AUDIT ASSIGNMENT

ASSIGNMENT

1. Explain the difference of each auditor based on auditor types.

 External Auditor- The traditional statutory audit, also known as financial audit or
statutory audit, is carried out by external auditors. The role of an external auditor is to
determine whether the books of accounts have been adequately managed.
 Internal Auditors- Internal auditors are employed by the organizations they audit. These
auditors can review the performance of employees, compliance with company standards
and financial and accounting systems. Internal auditors allow company leaders to be
informed of what is happening within the company and to deal with problems or concerns
in advance.
 Government Auditors- Government auditors are those auditors who review the finances
and practices of federal agencies.
 Tax Auditor- A tax auditor examines the financial statements to see if they are eligible
under the tax laws.

2. Find out standardization of IS auditor profession and which organization issued the
standard.

 The IIA (Institute of Internal Auditors)- The IIA has issued two sets of standards for
internal auditing: International Standards and Interpretations. The International Standards
is internationally applicable and includes basic requirements for professional practice.
The Interpretations clarify concepts within the Statements. This International Standard
was developed by ISO technical committee ISO/TC 164: Internal Auditing and is based
on and also references other International Standards (ISO 19011) and Guides to the
application of ISO 9001, ISO 14001, and OHSAS 18001. The term ‘internal control’ used
 in this standard does not refer to all components of risk management or internal control. It
refers only to those that relate to compliance with legal or regulatory requirements. 
 American Accounting Association- The American Accounting Association (AAA) is an
organization that supports worldwide excellence in accounting education, research, and
practice. The American Accounting Association is the primary professional association
for accounting academics in the United States. The American Accounting Association
was formed in 1916 under the name American Association of University Instructors in
Accounting. The organization assumed its current name in 1936 and remains a voluntary
organization comprised of individuals interested in accounting education and research.
 ISACA (Information System Audit and Control Association)- is an independent,
globally active professional association. It was founded in 1969 as the Information
Systems Audit and Control Association and today operates only under the acronym. The
professional association is intended for auditors, IT auditors, and professionals working
in the areas of IT governance and information security. 

3. On your opinion how importance IT and IS audit for an organization.

 Determines the Current Security Posture

 Determines the need for Change in Policies and Standards
 Protect IT System & Infrastructure against Attacks
 Evaluates the Security of Data Flow
 Verifies Compliance
 Keeps Security Measures Updated
 Effectiveness of Security Training & Awareness
 Formulate New Security Policies & Procedures
 Incident Response Management
 Compliment Infrastructure with IT Security