Auditors get guidance on application controls

News

Auditors get guidance on application controls

Antony Savvas

The Institute of Internal Auditors (IIA) has issued advice on auditing IT application controls.

The Institute's Global Technology Audit Guide 8 - Auditing Application Controls, helps internal audit practitioners, executives and boards of directors to understand various risks associated with application controls and how internal auditing can help to mitigate those risks.

"Most internal auditors think of application controls as a mysterious black box and are unsure of how to look inside to ensure they're working as they should," said Lily Bi, IIA manager of technology practices.

"It's important that all internal auditors have a good level of knowledge in this area to be skilled enough to determine if an application's controls are properly designed, and are operating effectively to manage financial, operational, or regulatory compliance risks," said Bi.

Application controls are applied to individual business processes or application systems such as data edits, separation of business functions, balancing of processing totals, transaction logging, and error reporting.

Failure to audit application controls can leave an organisation open to risks that have a negative impact on the integrity, completeness, timeliness, and availability of financial or operational data. 

GTAG 8 Auditing Application Controls can be viewed here.

Sarbanes-Oxley defeat blow for SMBs >>

Information security the route to compliance >>

Comment on this article: computer.weekly@rbi.co.uk


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy