IT Audit provides assurance over the effectiveness of information technology controls. IT controls mitigate the risk of computer generated data that can impact financial and operational results. In this chapter, we will:
Describe IT Audit activities
Provide an approach for managing the IT Audit program; and
Review examples of automating Audit activities using Oracle GRC Controls applications—Access Controls Governor, Transaction Controls Governor, Change Controls Governor, and Preventive Controls Governor
As many organizations run their business on enterprise applications, such as Oracle E-Business Suite, PeopleSoft, JD Edward, the auditors must include IT controls within the scope of the overall audit program. Auditors should be familiar with how the IT controls work and also have the right approach and tools to assess the control over enterprise applications and computer systems that store, process, and report business information. Well designed IT controls can improve...