2023 IT Examiner School
Written IT Audit Reports
Describe scope & objectives
Identifies deficiencies/ weaknesses
Suggests corrective action(s)
Management’s response/timing for corrective action(s)
Provides information on prior audit findings
• Identifies repeat findings
Complies with audit plan & schedule
Types of IT Audits
Internal Audits/ Certifications
IT General Controls
Penetration Tests
Vulnerability Assessments
Statement on Standards for Attestation Engagements (SSAE-16/18)
Made with FlippingBook - Share PDF online