Anda di halaman 1dari 3

ManaGing theInformationSystems AuditFunction d

AuditPlanningandManagement Audit Planning and Management

Planningfunction Planning function Organizationfunction Staffingfunction S ffi f i Leadingfunction Controllingfunction

4/21/201112:44PM

4/21/201112:44PM

Planningfunction Planning function


Long run / term plans goals : Longrun/termplansgoals:
Toprovideanoveralldirectionforthefunction Totrytoensurewewillhaveadequateresources y q todischargetheresponsibilitiesassociatedwith thefunctioneffectivelyandefficiently

AreaofPlanningtheISAuditfunction Area of Planning the IS Audit function


1. 1 2. 3. 3 4. 5. Businesssystems Business systems Systemunderdevelopment ISfacilitiesmanagement S f ili i Securityandrecoverycontrols EffectivenessandefficiencyofIS

Shortrun/termplanspuprpose :
Toidentifythoseareaswithinorganizationsthat needtobeauditedwithaviewtoreducingthe d t b dit d ith i t d i th exposuresfacedbytheorganizationtoan acceptablelevel. p
4/21/201112:44PM 3

4/21/201112:44PM

Toreview,appraiseandreport To review, appraise and report


Impor rtance eofcur rrents system m
Soundness,adequacy,andapplicationofcontrols , q y, pp Compliancewithestablishmentpolicies,plans andprocedures Accountingforandsafeguarging corporateassets Applicationofproperauthoritylevels R li bilit f Reliabilityofaccountingandotherdata ti d th d t Qualityofperformanceofassignedduties Extent of coordinated effort between Extentofcoordinatedeffortbetween departements g g p g Safeguardingofcorporateinterestingeneral
4/21/201112:44PM 5

Informationsystemauditplanning withinacontingencyperspective within a contingency perspective


Importanceoffuturesystem Importance of future system Low High
Onlysmall

Low amountsofIS
auditplanning di l i Extensiveshort runISaudit IS dit High planning

Extensivelongrun ISauditplanning Extensiveshort runandlongrun dl ISauditplanning


6

4/21/201112:44PM

Havinganimpactonorganizations missionsandgoalviaanISauditfunction d l d f
affects ff t
Organizational missionand goals

ShortrunplanningbasedonRisk management t
Risk management program Riskmanagementprogram
Enabletoidentifywherewhe shoulddothe detailedworkassociatedwithanauditora detailed work associated with an audit or a securityprogramandhowoverallwecanbeginto managethelevelofauditriskassociatedwithan organization.

affects ff t affects
ISfunction outcomes ISAudit function

affects

4/21/201112:44PM

Improved assetsafeguarding Dataintegrity Effectiveness efficiency

4/21/201112:44PM

Riskmanagementprogram g p g
Enable to identify where whe should do the Enabletoidentifywherewhe shoulddothe detailedworkassociatedwithanauditora securityprogramandhowoverallwecan security program and how overall we can begintomanagethelevelofauditrisk associatedwithanorganization. associated with an organization

Riskmanagementprogramare variationonafewbasicstep f b
1. Identifytheunitofanalysis 1 Identify the unit of analysis 2. Identifyasetegeneric riskpertinenttothe unitofanalysis unit of analysis 3. Determineariskweightingforeachunitof analysis l i 4. Prioritizeaudits(securityevaluations)based onriskweighting 5. Determinetheresourcesneededtosupport pp theprogramofaudittobeconducted
9 4/21/201112:44PM 10

4/21/201112:44PM

Organizationfunction Organization function


1. Theformallegitimizeofitsplacewithinthe 1 The formal legitimize of its place within the organization 2. Itsrolewithinorganization soverallaudit 2 Its role within organizations overall audit function 3. Whetheritshouldbecentralizedor 3 Wh h i h ld b li d decentralized 4. Howitshouldberesourced

Auditcharter Audit charter


1. Auditfunction splacewithintheorganization 1 Audit functions place within the organization 2. Auditfunctionsauthority 3. 3 Auditfunctionsscope di f i

4/21/201112:44PM

11

4/21/201112:44PM

12

Staffvs Linefunction
Staff Staff
Auditmanager Audit manager (partner)

Staffvs Linefunction
LineFunction
Auditmanager Audit manager (partner)

Auditteam1 manager

Auditteam2 manager

ISAudit manager

Auditteam1 manager

Auditteam2 manager

Auditteam3 manager

Generalstaff General staff auditor

Generalstaff General staff auditor

ISAudit IS Audit specialis

ISAudit IS Audit specialis

Generalstaff General staff auditor

Generalstaff General staff auditor

Generalstaff General staff auditor

Generalstaff G l t ff auditor

4/21/201112:44PM

13

4/21/201112:44PM

14

Staffingfunction Staffing function


Sourcing and recruitment of IS Audit staff SourcingandrecruitmentofISAuditstaff AppraisalandDevelopmentofISAuditStaff C CareerpathforISAuditStaff h f S di S ff

Leadingfunction Leading function


Leadership Objectives LeadershipObjectives
Pencapaian keselarasan :
1. 1 2. 3. 4. Misi dan sasaran organisasi ISauditmission,goals,andplans ObjectivesofspecificISAuditor j p ActionsofindividualISauditor

LeadershipProcess p
Observation feedback
4/21/201112:44PM 15 4/21/201112:44PM 16

Controllingfunction Controlling function


Atthebegininng At the begininng Duringtheconductoftheaudit Throughoutandaudit h h d di Substantialcaremustbetaken

4/21/201112:44PM

17