logo1
   
logo2
    Home 
logo3
IS Audit
IS Consulting
About Richard Chichakli
Contact Us
Search
nav bottom
Risk-based approach for planning IS audits

Inventory the information systems deployed in the organization and categorize them

Determine which of the systems impact critical functions or assets, and how close to real time they operate

Assess what risks affect these systems and the severity of impact on the business

Rank the systems based on the above assessment and decide the audit priority, resources, schedule and frequency

 

Types of Information System Audits
IS Audit Services
About IS Audt | Types of IS Audit | IS Audit Standards

 

IS Audits

There are several types of information system audits and assurance services mostly related to the areas of availability, confidentiality, and integrity. The IS audit is a systematic approach that aims to provide reasonable assurances, on test-basis,  regarding the adequacy of the controls used in the governance over IT resources, and our IS audit services covers all the major and common types of audits; including but not limited to the following types:

System Audits

A system audit is an audit of the controls designed and implemented into the system to ensure the integrity of the data processed by the the system and maintain the proper functionality of system processes.

Application Audits

The audit of an information system application is an audits of the controls placed over an enterprise information system which are usually designed to ensure the Effectiveness, Efficiency, Confidentiality, Availability, Reliability, and Compliance of information and processing in an enterprise IT environment.

Compliance Audits

Compliance audits provide management with tool for the internal review of compliance in their operating units. The audit program one or many compliance areas. Each area may be applicable to a particular operating unit, depending on its activities, funding, regulatory administrative rules, or any other pre-defined criterion.

Security Audits

Security audits are aimed to provide comprehensive and cost-effective network vulnerability assessments by disclosing number of vulnerability tests, provide detailed and comprehensive report on weaknesses found, and depending on the classification of the system as to “mission critical”, suggest remedies, solutions, and preventive measures to reduce or eliminate vulnerabilities. The audit will also provide program(s) to update the list of vulnerability and perform testing on an ongoing basis.

Performance Audits

Performance audits entail an objective and systematic examination of evidence to provide an independent assessment of the performance and management of a program against objective criteria as well as assessments that provide a prospective focus or that synthesize information on best practices or cross-cutting issues.

 

 
     
© Richard Chichakli 1998-2009, for information contact webmaster.