First Part: An information technology audit, or information systems audit, is an examination of the management controls within an Information Technology (IT) infrastructure. The evaluation of obtained evidence determines if the information systems are safeguarding assets, maintaining data integrity, and operating effectively to achieve the organization’s goals or objectives. These reviews may be performed in conjunction with a financial statement audit, internal audit, or other form of attestation engagement. IT audits are also known as “automated data processing (ADP) audits” and “computer audits”. They were formerly called “electronic data processing (EDP) audits”.
Second Part: The purposes of an IT audit are to evaluate the system’s internal control design and effectiveness. This includes, but is not limited to, efficiency and security protocols, development processes, and IT governance or oversight. Installing controls are necessary but not sufficient to provide adequate security. People responsible for security must consider if the controls are installed as intended, if they are effective, or if any breach in security has occurred and if so, what actions can be done to prevent future breaches.
The primary functions of an IT audit are to evaluate the systems that are in place to guard an organization’s information. Specifically, information technology audits are used to evaluate the organization’s ability to protect its information assets and to properly dispense information to authorized parties. The IT audit aims to evaluate the following:
• Will the organization’s computer systems be available for the business at all times when required? (known as availability)
• Will the information in the systems be disclosed only to authorize users? (known as security and confidentiality)
• Will the information provided the system always be accurate, reliable, and timely? (measures the integrity)
Many organizations are spending large amounts of money on IT because they recognize the tremendous benefits that IT can bring to their operations and services. However, they need to ensure that their IT systems are reliable, secure and not vulnerable to computer attacks.
IT audit is important because it gives assurance that the IT systems are adequately protected, provide reliable information to users and properly managed to achieve their intended benefits. Many users rely on IT without knowing how the computers work. A computer error could be repeated indefinitely, causing more extensive damage than a human mistake. IT audit could also help to reduce risks of data tampering, data loss or leakage, service disruption, and poor management of IT systems.
Third Part: Computer Assisted Audit Technique (CAAT) is the tool which is used the auditors. This tool facilitates them to make search from the irregularities from the given data. With the help of this tool, the internal accounting department of any firm will be able to provide more analytical results. These tools are used throughout every business environment and also in the industry sectors too. With the help of Computer Assisted Audit Techniques, more forensic accounting with more analysis can be done. It‘s really a helpful tool that helps the firm auditor to work in an efficient and productive manner.
The CAAT tool supports the forensic accounting in which larger amount can be diverted to the analytical form and it also prompts where the tool detects the fraud. This tool simplifies the data and in the automated form. The name of CAATs tool is placed in almost every firm where the auditing or advance level accounting takes place. The firm is well aware of the benefits of these tools and also making some advancement in this tool in accordance with their need, in return all the large raw data becomes in statistical and analytical form. It‘s a time saving tool.