CS Professional SYSTEM AUDIT Important Topic
System audit is a very effective approach to know the effectiveness and reliability of the system. It’s also a very disciplined approach to know whether an individual element of the system is at par with the system and effectively working. It also helps to maintain data integrity and helps to achieve organizational goal.
NATURE OF SYSTEM AUDIT
We have come a long way in the line of audit use. We started from the financial audit, which was using paper-based books of account in an early day. Now we have moved on to a computer-based approach which relatively makes the process easier but on the other hand increase the complexity of system and risk of error, sabotage, and fraud. Now we cannot rely on only a single book based approach, we have to check the vulnerability of the system to know if there is any risk involved related to system exposure and whether data is safe.
The nature of the system audit is not only about checking of the system, but it is also spread to the importance of it and if there is any need of it and what will be the possible risk of it.
SIGNIFICANCE OF SYSTEM AUDIT
- It helps the organization to ensure data confidentiality, integrity, and
- Maintaining the confidentiality of data
- Maintaining integrity of data
- Planning for any contingencies and recovery of data
- Prevention and detection of error and fraud
- Data is available at all time to authorized users
- Helps to improve the system security and reliability by constant check
- Building confidence and public reputation
- Reduce data tempering and data loss
- Provide backup for data
Scope of information system audit
Information Systems Audit should cover the entire Information Systems Infrastructure system which includes Servers & other hardware items, Operating Systems, Databases, Application Systems, Technologies, Networks, Facilities, and Process & People.
Physical and environment security
- Environmental and physical control of data
- Safeguarding of assets, materials, software, and hardware
- Prevention of dust and pests
- Prevention of any leakage related to gas and water
- Ensuring power supply is properly covered
- The technique used in report validation are at par with industry standards
- The technique is error free and can be trusted
Network security review
- Audit of redundancy of links and devices
- Review of all types of networks and controls
- Secure internet and banking transactions with antivirus browsers
- Checking of network firewall
- Privileges available to Systems Integrator and outsourced vendors
- Fully securing the data in a best possible way
- Securing the data which corresponds to the required application and need to be checked
- Scrutinize the data and helps to find any
- Audit of backup and recovery testing procedure
- Testing disaster recovery and business continuity plan
- Effectiveness of a disaster recovery plan
- Existence of well-defined audit manual
- Audit of media maintaining procedures
- Audit of the email system
- Audit of payment procedures
- Control of data leakage by removable devices or through other means
For recorded lectures of CS Professional, Executive, and Foundation, click online classes for CS Professional.
Visit www.takshilalearning.com to know more.