IT Examiner School - Oct 2023

First page Table of contents Previous page 42 Next page Last page

Internal Use Only

Written IT Audit Reports Describe scope, objectives, and result

Identifies deficiencies/ weaknesses

Suggests corrective action(s)

Management’s response/timing for corrective action(s)

Provides information on prior audit findings

• Identifies repeat findings

Complies with audit plan & schedule

13

Internal Use Only

Types of IT Audits

Internal Audits/ Certifications

IT General Controls

Penetration Tests

Vulnerability Assessments

Statement on Standards for Attestation Engagements (SSAE ‐ 16/18)

14

Made with FlippingBook - professional solution for displaying marketing and sales documents online