Audit Sistem Informasi
Information System Audit
IS auditing is the process of collecting and evaluating evidence to determine whether information systems and related resources, adequately safeguard assets, maintain data and system integrity, provide relevant and reliable information, achieve organizational goals effectively, consume resources efficiently, and have in effect internal controls that provide reasonable assurance that operational and control objectives will be met.
Internal Auditing Standards
- According to the Institute of Internal Auditors (IIA), the purpose of an internal audit is to evaluate the adequacy and effectiveness of a company’s internal control system.
- Also, it is to determine the extent to which assigned responsibilities are actually carried out.
The IIA’s five audit scope standards are:
- Review the reliability and integrity of operating and financial information and how it is identified, measured, classified, and reported.
- Determine whether the systems designed to comply with operating and reporting policies, plans, procedures, laws, and regulations are actually being followed.
- Review how assets are safeguarded, and verify the existence of assets as appropriate.
- Examine company resources to determine how effectively and efficiently they are utilized.
- Review company operations and programs to determine whether they are being carried out as planned and whether they are meeting their objectives.
- …the process for controlling an organization’s IT resources, including information and communication systems, and technology.
- …using IT to promote an organization’s objectives and enable business processes and to manage and control IT related risks.