1st Edition
Information System Audit How to Control the Digital Disruption
The digitalization of companies is a recurrent topic of conversation for managers. Companies are forced to evolve at least as fast as their competitors. They have to review their organization, their processes, and their way of working. This also concerns auditors in terms of their audit strategy and working methods.
Digitalization is the tip of the iceberg that represents the increasing reliance on information technology of the company’s information system. Companies have seen new competitors succeed with a digital approach, competitors that have opened new markets or new ways of interacting with their customers, and all business processes can be digitalized.
In this new paradigm, auditors have to renew themselves too. Long gone are the days of auditors specializing in one technique, like financial auditors or IT auditors. This makes it a phenomenal opportunity for auditing to renew itself, embracing the vision of the company’s information system: long live the information system auditors!
This book proposes you to go step by step from a common understanding of our history of auditing to gradually defining and justifying the impacts of digitalization on the audit strategy and the preparation of audits.
Preface
1—Audit
1.1—Legacy
1.2—Regulation, Controls and Audits
1.3—Audit and digital transformation
Bibliography
2—Information System
2.1—Information
2.2—Information Systems
2.3—IT impact on Information Systems
Bibliography
3—Information System Audit
3.1—Challenges
3.2—Different types of audits
3.3—Digitalization
Bibliography
4—Legal Risks
4.1—Sui generis risks
4.2—Identification and prevention
4.3—International context and innovation
Bibliography
5—Operational risks
5.1—Processes
5.2—Data
5.3—Digital impact
Bibliography
6—IT processes
6.1—Administrative processes
6.2—Service management
6.3—Project management
7—Human uncertainties
7.1—Unintentional acts
7.2—Intentional acts
7.3—Security
7.4—Forensic
Bibliography
8—IT risks
8.1—Geographical coverage
8.2—Data mobility, media mobility
8.3—Data media mobility
8.4—Are IT induced risks new?
Bibliography
9—Confidence
9.1—Short-term confidence
9.2—Medium-term confidence
9.3—Long-term confidence
Bibliography
10—Risks management
10.1—Enterprise risks
10.2—Operational risks
10.3—Technical risks
11—Information System Audit Strategy
11.1—Back to basics on audit strategy
11.2—Digitalization and audit strategy
11.3—Information Systems Risks due to its complexity
12—Performing audits
12.1—Back to basics on audit planning
12.2—Information System Audit planning
12.3—Achieving reasonable assurance
Bibliography
Biography
Philippe Peret is an IT Engineer with a major in IT Audit (CNAM, France). He passed a master in business administration (Toulouse School Management, France).
With plus twenty years of experience in IT, management, and audit, he works initially in consulting in program management office, project management. He co-authored the new release of SDMS™, SDMS21™, a leading methodology on Information Systems Management and projects management.
He moves to audit, CISA certified in 2008, and performs financial, IT, legal and forensic engagements initially for audit firms then for Corporate Audit departments (e.g. KPMG, Avon Cosmetics, Tyco International).
Other book (French and English):
- "More Haste? Less Speed! —Effective IT Project Management"—ISBN 978-2-9557622-0-2
