Professional Documents
Culture Documents
ACCOUNTING SCHOOL
ACADEMIC REPORT
COURSE:
Comprehensive audit
AUTHOR:
Lizárraga Hernández, Frank Arturo
TEACHER:
Nancy Margot Esquives Chunga
LIMA PERU
2023 – I
2
INDEX
INTRODUCTION.................................................................................................................................3
II. DEVELOPMENT..........................................................................................................................4
Objectives of the Computer Audit.............................................................................................4
Rules and Regulations...............................................................................................................4
IT Audit Procedures....................................................................................................................6
IT Audit Tools..............................................................................................................................6
Stages of the IT Audit Process.................................................................................................7
Results and Conclusions of the Computer Audit....................................................................7
Recommendations and Action Plans.......................................................................................8
REFERENCES......................................................................................................................................9
3
I. INTRODUCTION
The IT audit is a comprehensive assessment of an organization's information
systems to assess the effectiveness and efficiency of recovery, security, risk
mitigation, and compliance with local and international standards and regulations.
Computer auditing is a discipline that is responsible for the review and evaluation
of an organization's computer systems, with the aim of verifying their correct
operation, their security and compliance with applicable standards and regulations.
This discipline has become increasingly relevant due to the growing importance of
technology in business and in society in general.
On the other hand, the author Félix Eyzaguirre del Sante, a Peruvian national who
has published in the field of computer auditing, is the one who wrote the book
"Audit of Computer Systems" where he presents the basic concepts of computer
auditing and its application in the Peruvian context. , as well as the use of auditing
techniques and tools to assess the security and performance of computer systems
in an organization. The work of Eyzaguirre del Sante is considered an important
reference for professionals and students interested in computer auditing in Peru.
(Felix, 2016)
II. DEVELOPMENT
Objectives of the Computer Audit
The objectives of the computer audit refer to the goals and purposes that are
sought to be achieved through the performance of an audit of information systems
and technologies. According to Alarcón and Casanueva (2016)
The objectives of the IT audit are to ensure the integrity, confidentiality and
availability of information, assess regulatory compliance, verify the efficiency and
effectiveness of IT systems, and make recommendations to improve the
management of IT systems in the organization.
establish the obligations and responsibilities of the parties involved in the IT audit
process. According to Sánchez Alfonso (2015)
It is important to note that these rules and regulations are intended to guarantee
legality, transparency and security in the handling of company information.
Therefore, it is critical that IT auditors are aware of these regulations and apply
them appropriately during the audit.
The norms and regulations in computer auditing are essential to guarantee the
protection of information and transparency in the management of information
systems of companies.
IT Audit Procedures
Computer audit procedures are the techniques and methods used to assess the
effectiveness, efficiency, and reliability of an organization's information systems.
These procedures are carried out to identify potential risks and weaknesses in
security controls and to ensure that systems comply with established rules and
regulations. According to Alfonso E. (2015)
IT Audit Tools
Computer audit tools is Mario Piattini, who in his book "Computer Audit" explains
how the tools can be used for data collection, analysis and presentation of results,
as well as providing an overview of the most commonly used tools. in systems
auditing. According to Piattini, M. (2017)
Computer audit tools are software solutions that allow auditors to test,
monitor, and analyze systems and applications to identify potential risks
7
Computer audit tools are essential for the identification and evaluation of security
risks in an organization's computer systems. The use of these tools can help
detect vulnerabilities and weaknesses, in order to take preventive and corrective
measures.
The stages of the IT audit process are divided into several steps that are carried
out to ensure a complete and exhaustive audit of the information systems. Each
stage is described in detail below:
8
Planning: In this stage, the scope and objectives of the audit are
determined, a work plan is established and the resources necessary to
carry out the audit are defined.
Data Collection: In this stage, the necessary data for the audit is collected,
such as policies and procedures, system documentation, previous audit
records, etc.
Data analysis: In this stage, the collected data is analyzed to assess the
effectiveness of the information system and to identify possible problems or
weaknesses.
Risk assessment: In this stage, the risk associated with the possible
problems identified is evaluated and their priority is determined.
Problem identification: In this stage, problems and weaknesses in the
information system are identified.
Recommendations: In this stage, recommendations are developed to
address the identified problems.
Reporting: At this stage, a detailed report is presented that includes the
results of the audit, recommendations to address the problems identified,
and any other relevant information.
It is important to note that these stages are not necessarily linear and may require
iterations to ensure that a full and thorough audit has been performed.
Action plan
REFERENCES
Alarcón, J., & Casanueva, C. (2016). Computer Audit. Mexico DF: Limousa.
Cárdenas, R., & Ortiz, M. (2017). Audit of computer systems. Lima: Pearson
Education.
Hernández, A., & Romero, A. (2015). Introduction to Computer Audit. Mexico DF:
Alphaomega.
Chen, D., & Huang, H. (2018). Introduction to the Special Issue on Cyber Security
and Information Management. Journal of Management Information Systems,
35(4), 1006-1009. doi:10.1080/07421222.2018.1508017.