IT Examiner School, Providence, RI

IT Audit Risk Assessment and Scope

Identifies areas  to be reviewed‐ consistent with  risk  assessment/risk  level

Describes how  the audit will  be performed  and tools to be  used

Provides the  timeframe for  completing  the audit

Firms may provide engagement letter  specifying this information including costs

IT Audit Coverage

IT General Controls

Information Security Program (GLBA)

EFT (ACH/Wires/RDC)

NACHA Compliance

Penetration Testing/Vulnerability Assessment

Identity Theft Red Flags Program

Regulation GG/Unlawful Internet Gambling  Enforcement Act