IT Examiner School, Providence, RI
Audit Reporting/Follow-up
Similar to Safety & Soundness:
o IT Audit reporting channels what is being reported and to whom o Senior Management Responses
are they reasonable and corrective timeframe is appropriate
o Exception Tracking
show all IT audit findings, both Internal and External, and regulatory along with corrective action(s)
Auditor Independence & Qualifications
Whether or not there are conflicting duties, e.g. involved in auditing areas they have responsibilities or oversight Type of IT experience and training • Some IT audits require specific skill sets
Whether or not the Auditor has a debt with the entity (may have some influence)
Auditor should be reporting to Board or Audit Committee
Independence :
Current IT certifications the auditor maintains
List of references from entities with similar IT activities
Qualifications :
These qualifications provide some assurances, but don’t guarantee a quality audit
Made with FlippingBook Annual report