● Understand the overall audit objectives and related scope of the IS controls audit
● Obtain an understanding of an entity and its operations and key business processes
● Obtain a general understanding of the structure of the entity’s networks
● Identify key areas of audit interest (files, applications, systems, locations)
● Assess IS risk on a preliminary basis
● Identify critical control points (for example, external access points to networks)
● Obtain a preliminary understanding of IS controls
● Perform other audit planning procedures
No comments:
Post a Comment