ebook img

Information System Audit: How to Control the Digital Disruption PDF

274 Pages·2022·8.494 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Information System Audit: How to Control the Digital Disruption

Information System Audit The digitalization of companies is a recurrent topic of conversation for managers. Companies are forced to evolve at least as fast as their competi- tors. They have to review their organization, their processes, and their way of working. This also concerns auditors in terms of their audit strategy and working methods. Digitalization is the tip of the iceberg that represents the increasing reliance on information technology of the company’s information system. Companies have seen new competitors succeed with a digital approach, competitors that have opened new markets or new ways of interacting with their customers, and all business processes can be digitalized. In this new paradigm, auditors have to renew themselves too. Long gone are the days of auditors specializing in one technique, like financial auditors or IT auditors. This makes it a phenomenal opportunity for auditing to renew itself, embracing the vision of the company’s information system: long live the information system auditors! This book proposes you to go step by step from a common understanding of our history of auditing to gradually defining and justifying the impacts of digitalization on the audit strategy and the preparation of audits. Security, Audit and Leadership Series Series Editor: Dan Swanson, Dan Swanson and Associates, Ltd., Winnipeg, Manitoba, Canada. The Security, Audit and Leadership Series publishes leading-edge books on critical subjects facing security and audit executives as well as business leaders. Key topics addressed include Leadership, Cybersecurity, Security Leadership, Privacy, Strategic Risk Management, Auditing IT, Audit Management and Leadership Say What!? Communicate with Tact and Impact: What to say to get results at any point in an audit Ann M. Butera Auditing Information and Cyber Security Governance: A Controls-Based Approach Robert E. Davis The Security Leader’s Communication Playbook: Bridging the Gap between Security and the Business Jeffrey W. Brown Modern Management and Leadership: Best Practice Essentials with CISO/CSO Applications Mark Tarallo Rising from the Mailroom to the Boardroom: Unique Insights for Governance, Risk, Compliance and Audit Leaders Bruce Turner Operational Auditing: Principles and Techniques for a Changing World (Second Edition) Hernan Murdock CyRMSM: Mastering the Management of Cybersecurity David X Martin For more information about this series, please visit: https://www.routledge. com/Internal-Audit-and-IT-Audit/book-series/CRCINTAUDITA Information System Audit How to Control the Digital Disruption Philippe Peret First Edition published 2023 by CRC Press 6000 Broken Sound Parkway NW, Suite 300, Boca Raton, FL 33487-2742 and by CRC Press 4 Park Square, Milton Park, Abingdon, Oxon, OX14 4RN CRC Press is an imprint of Taylor & Francis Group, LLC © 2023 Philippe Peret Reasonable efforts have been made to publish reliable data and information, but the author and publisher cannot assume responsibility for the validity of all materials or the consequences of their use. The authors and publishers have attempted to trace the copyright holders of all material reproduced in this publication and apologize to copyright holders if permission to publish in this form has not been obtained. If any copyright material has not been acknowledged please write and let us know so we may rectify in any future reprint. Except as permitted under U.S. Copyright Law, no part of this book may be reprinted, reproduced, transmitted, or utilized in any form by any electronic, mechanical, or other means, now known or hereafter invented, including photocopying, microfilming, and recording, or in any information storage or retrieval system, without written permission from the publishers. For permission to photocopy or use material electronically from this work, access www.copyright.com or contact the Copyright Clearance Center, Inc. (CCC), 222 Rosewood Drive, Danvers, MA 01923, 978-750-8400. For works that are not available on CCC please contact mpkbookspermissions@tandf. co.uk Trademark notice: Product or corporate names may be trademarks or registered trademarks and are used only for identification and explanation without intent to infringe. Library of Congress Cataloging‑in‑Publication Data Names: Peret, Philippe, author. Title: Information system audit : how to control the digital disruption / Philippe Peret. Identifiers: LCCN 2022001328 (print) | LCCN 2022001329 (ebook) | ISBN 9781032136165 (hardback) | ISBN 9781032136172 (paperback) | ISBN 9781003230137 (ebook) Subjects: LCSH: Information technology--Auditing. | Management information systems--Auditing. Classification: LCC HD30.2 .P466 2022 (print) | LCC HD30.2 (ebook) | DDC 657/.458--dc23/eng/20220113 LC record available at https://lccn.loc.gov/2022001328 LC ebook record available at https://lccn.loc.gov/2022001329 ISBN: 978-1-032-13616-5 (hbk) ISBN: 978-1-032-13617-2 (pbk) ISBN: 978-1-003-23013-7 (ebk) DOI: 10.1201/9781003230137 Typeset in Sabon by KnowledgeWorks Global Ltd. Dedication To my son, I love you so much. Contents About the author xi Preface xiii 1 Audit 1 1.1 Legacy 1 1.2 Regulation, controls, and audits 5 1.3 Audit and digital transformation 16 Bibliography 20 2 Information system 21 2.1 Information 21 2.2 Information systems 24 2.3 IT impact on information systems 35 Bibliography 41 3 Information system audit 43 3.1 Challenges 43 3.2 Different types of audits 50 3.3 Digitalization 56 Bibliography 64 4 Legal risks 65 4.1 Sui generis risks 66 4.2 Identification and prevention 71 4.3 International context and innovation 79 Bibliography 84 vii viii Contents 5 Operational risks 85 5.1 Processes 85 5.2 Data 90 5.3 Digital impact 96 Bibliography 103 6 IT processes 105 6.1 Administrative processes 108 6.2 Service management 112 6.3 Project management 117 7 Human uncertainties 125 7.1 Unintentional acts 126 7.2 Intentional acts 132 7.3 Security 137 7.4 Forensic 142 Bibliography 145 8 IT risks 147 8.1 Geographical coverage 149 8.2 Data mobility 152 8.3 Media mobility 157 8.4 Are it induced risks new? 161 Bibliography 170 9 Confidence 171 9.1 Short-term confidence 174 9.2 Medium-term confidence 180 9.3 Long-term confidence 186 Bibliography 191 10 Risks management 193 10.1 Enterprise risks 195 10.2 Operational risks 202 10.3 Technical risks 210 Bibliography 214 Contents ix 11 Information system audit strategy 215 11.1 Back to basics on audit strategy 217 11.2 Digitalization and audit strategy 221 11.3 Information system risks due to its complexity 226 12 Performing audits 233 12.1 Back to basics on audit planning 234 12.2 Information system audit planning 238 12.3 Achieving reasonable assurance 242 Bibliography 247 Index 249

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.