Information system Auditor involved in reviewing overall activity of the information system from the stage of development to the operation and service. An information system auditor ensures following things:
• An adequate audit trail so that transactions can be traced forward and backward through the system.
• Controls over the accounting for all data entered into the system and controls to ensure the integrity of those transactions throughout the computerized segment of the system.
• Handling exceptions to and rejections from the computer system.
• Testing to determine whether the systems perform as stated.
• Control over changes to the computer system to determine whether the proper authorization has been given.
• Authorization procedures for system overrides.
• Determining whether organization and government policies and procedures are adhered to in system implementation.
• Training user personnel in the operation of the system.
• Developing detailed evaluation criteria so that it is possible to determine whether the implemented system has met predetermined specifications.
• Adequate controls between interconnected computer systems.
• Adequate security procedures to protect the users data.
• Backup and recovery procedures for the operation of the system.
• Technology provided by different vendors is compatible and controlled.
As the IS auditors ensures above activities it helps in the quality control of the information system.