IT Internal Audit Report
Subscriber Content
Best Practices for Conducting and Documenting an IT Audit
This sample audit report discusses steps auditors can use when conducting an information technology (IT) audit.
Testing involved identifying and evaluating the key general computer controls in place to support the company’s processing in the areas of information security, computer operations, software change management and systems support; identifying and evaluating the key controls around system security (both user administration and functional security rights); providing implementation team support by acting as a controls expert in the subject matter during the design of CPOE; and attending key committee and team meetings as necessary in addition to serving in a project risk/controls advisory role.