IT Examiner School, Seaside, CA

Audit Component Rating

Areas to focus on when rating IT Audit component adequacy: • Independence and quality of oversight • Audit risk analysis methodology/resources applied to IT Audit • Scope, frequency, accuracy, and timeliness of audit reports • Extent of audit participation in SDLC to ensure effectiveness internal controls and audit trails • Audit plan in providing appropriate coverage of IT risks

Audit Component Rating

Areas to focus on when rating IT Audit component adequacy (cont.): • IT auditor’s adherence to code of ethics/professional standards • Qualifications of IT auditor and staff performing internal certifications • Timely and formal follow-up and reporting on management’s resolution of identified issues or weaknesses • Quality and effectiveness of internal and external audit activity related to IT controls