IT Audit

Welcome To The W3 Journal IT Audit Section

An IT Audit is an examination or inspection of the controls within an entity's or organization's information technology infrastructure. It is a highly complex and structured operation.

Different tyes of IT audit include: Systems and Applications Audit; Information Processing Facilities; Systems Development; Management of IT and Enterprise Architecture. The audit process normally includes: Planning; Studying and Evaluating Controls; Testing and Evaluating Controls; Reporting; Follow-up.

There are a number of processional certifications in this arena, including: CISA - Certified Information System Auditor
CIA - Certified Internal Auditor
CAP - Certification and Accreditation Professional
CPA - Certified Public Accountant
CA - Chartered Accountant
CCP - Certified Computer Professional
CISSP - Certified Information Systems Security Professional
CISM - Certified Information Security Manager

Bodies performing audits are often:
Federal or State Regulators (eg: CISA, CISSP, OCC, DOJ)
Corporate Internal Auditors (eg: Certificated accountants, CISA, CISSP)
Corporate Security Staff (eg: Security managers, CISSP, CISM)
IT Staff (eg: support, management).



About Us

  • This is section of the W3 Journal will hold information about the journal itself and forthcoming material. It will also outline some of the more esoteric aspects of the subject, and a number of other ad hoc pieces.

Powered by W3 Journal