Comprehensive IS Audit Services | Information Systems Audit by QRC

Call Us

If you’re wondering what is IS audit, it is the process of collecting and examining the management of controls over an organization’s information systems, practices, controls and operations. The analysis of evidence obtained through the IS audit process determines whether the components of the information systems that safeguard assets and maintain data integrity are operating effectively to achieve the organization’s overall goals and objectives. The audit reviews performed can be in conjunction with a financial statement audit, internal audit, or other forms of attestation engagement.

The IS Audit covers the following major categories:

Systems & Applications: Focusing on the systems and applications within an organization.
Information Processing Facilities: Focusing that IT processes are working correctly, timely and accurately, whether in normal or disruptive conditions.
Systems Development: Evaluate if those systems which are under development are in compliance with the organization’s standards.
Management of IT and Enterprise Architecture and assuring that IT management is structured and processes in a controlled and efficient manner.

As a CERT-In Empaneled Security Auditor, QRC is authorized to help you understand, manage and comply with RBI Guidelines & Circulars that are released on a periodic basis..

Audit Approach

Business Understanding

Evaluating business process and environment to understand the in-scope elements

Audit Scope Finalization

Detailed questionnaire is shared with your teams to aid in the scope definition, planning and preparation of the audit and objectives

Audit Plan

Audit Charter from the client detailing the purpose of the audit, the management responsibility, authority, and accountability of the Information Systems Audit function.

Audit Checklist Preparation

We create an audit checklist to ensure coverage of all audit areas as per the regulatory requirements in a systematic and comprehensive manner.

Evidence Review

Understanding the business process requirements, we review all the essential documents as per scope and interview the auditees.

Audit Execution

Perform testing of controls to check the inadequacies and collect evidence for control implementation and testing. We create an information base for future audits and record data for future references.

Audit Reporting

The report and the findings as per observations, risks and recommendations, are communicated to the stakeholders, presenting the finds to the management via an Executive summary.

Related Updates

We use cookies to enhance your user experience. By continuing to browse, you hereby agree to the use of cookies. Know more Privacy Policy & Cookies Policy.

Information Systems Audit

Audit Approach

Business Understanding

Audit Scope Finalization

Audit Plan

Audit Checklist Preparation

Evidence Review

Audit Execution

Audit Reporting

Related Updates

Securing Payment Software: Lessons from Real-World Breaches.

Understanding the Consequences/Risk of Non-Compliance.

CEA Releases Draft Cybersecurity Regulations for the Power Sector.

Understanding the Philippine Privacy Trust Mark Certification.

Integrated Audit - Streamlining Compliance.

Whitepaper : Changing Landscape of Global Compliance.

Contact Us

Quick Links

Services

People Presence