Importance of follow up IS Audit
Follow up IS Audit is very important, sometimes even more important than main IS Audit.Let us briefly discuss what is follow up IS Audit and How this is useful ?
What is follow up IS Audit?
IS Audit which is done after main audit to review the steps taken by Management as suggested/recommended in Main IS Audit.IS Auditors checks whether the critical/major findings as suggested in Main audit is complied
1. Suitably
2. Adequately
3. As recommended or as per the best practice.
Who does the follow up IS Audit?
Not always necessary but this is generally done by same team of IS Auditor which conducts the main IS audit.
What is the purpose of Follow up IS Audit?
1. It reviews whether the management has taken
2. Whether all the necessary rectification were made
3. If recommended measures were not taken then why?
4. What is the reason for pending compliance.
Should all the suggested remarks should be rectified and complied?
It depends on:
1. Management appetite for taking risk
2. Cost benefit ratio
Whether IS auditor should submit the report of follow up audit?
Yes this should be as per ISACA Standard and guidelines.
CISA Type Question 08- 2307
When an IS Auditor should go for follow up IS Audit
1. after two weeks of main IS audit
2. after one month of main audit
3. As per the audit charter/engagement letter
4. IS auditor is not responsible for follow audit in any case.
Answer to CISA Type Question 08-2107
When data is bulky we should choose a method which is faster so, preferred method will be Symmetric cryptography as it much faster than asymmetric cryptography. So, the correct answer should be 1. Symmetric Cryptography
What is follow up IS Audit?
IS Audit which is done after main audit to review the steps taken by Management as suggested/recommended in Main IS Audit.IS Auditors checks whether the critical/major findings as suggested in Main audit is complied
1. Suitably
2. Adequately
3. As recommended or as per the best practice.
Who does the follow up IS Audit?
Not always necessary but this is generally done by same team of IS Auditor which conducts the main IS audit.
What is the purpose of Follow up IS Audit?
1. It reviews whether the management has taken
suitable and adequatesteps to complythe necessary remarks which were not rectified during main audit.
2. Whether all the necessary rectification were made
3. If recommended measures were not taken then why?
4. What is the reason for pending compliance.
Should all the suggested remarks should be rectified and complied?
It depends on:
1. Management appetite for taking risk
2. Cost benefit ratio
Whether IS auditor should submit the report of follow up audit?
Yes this should be as per ISACA Standard and guidelines.
CISA Type Question 08- 2307
When an IS Auditor should go for follow up IS Audit
1. after two weeks of main IS audit
2. after one month of main audit
3. As per the audit charter/engagement letter
4. IS auditor is not responsible for follow audit in any case.
Answer to CISA Type Question 08-2107
When data is bulky we should choose a method which is faster so, preferred method will be Symmetric cryptography as it much faster than asymmetric cryptography. So, the correct answer should be 1. Symmetric Cryptography
0 comments:
Post a Comment