TCA’s Experience in IT Audit IT Audit Group
Author : celsa-spraggs | Published Date : 2025-06-23
Description: TCAs Experience in IT Audit IT Audit Group Turkish Court of Accounts TCA Milestones Establishment of ComputerAssisted Audit Group 1997 First IT audit 2002 Twinning Project for Strengthening Audit Capacity of TCA 20052007 IT audit
Presentation Embed Code
Download Presentation
Download
Presentation The PPT/PDF document
"TCA’s Experience in IT Audit IT Audit Group" is the property of its rightful owner.
Permission is granted to download and print the materials on this website for personal, non-commercial use only,
and to display it on your personal computer provided you do not modify the materials and that you retain all
copyright notices contained in the materials. By downloading content from our website, you accept the terms of
this agreement.
Transcript:TCA’s Experience in IT Audit IT Audit Group:
TCA’s Experience in IT Audit IT Audit Group Turkish Court of Accounts - TCA Milestones Establishment of Computer-Assisted Audit Group (1997) First IT audit (2002) Twinning Project for Strengthening Audit Capacity of TCA (2005-2007) IT audit guideline (2007) IT audit training activities (2007 - …) Expert support in conducting technical tests (2007 - …) ITASA with EUROSAI ITWG (2013) Establishment of IT Audit Group (2015) Audit of e-Government projects (2017) 1 Types TCA performs IT audit as a part of regularity audit * as a part of performance audit separately public institutions particular systems/applications ongoing system development projects theme-based 2 Levels IT Audit as a part of Regularity Audit Assessment of basic level IT controls (by generalist auditors) IT audit (by IT auditors) 3 Assessment of Basic Level IT Controls No need for in-depth IT audit knowledge - performed by generalist auditors Conducted in accordance with «Regularity Audit Guideline» Conducted in every regularity audit Determine which business workflows are carried out in the IT environment and outputs of which systems affect accounting data and financial statements Compulsory audit procedures relating to IT controls IT governance/management, information security, operation and maintenance, business continuity and disaster recovery planning, outsourcing, project management and application controls Control weaknesses are reported along with recommendations 4 IT Audit Conducted under the responsibility of «IT Audit Group» Performed by IT auditors Conducted in accordance with «IT Audit Guideline» Separately reported - «Information Systems Audit/Evaluation Report» 5 Audit Approach Determine the risks concerning the examined information systems Identify the necessary control mechanisms that can minimize these risks Check whether these IT controls are established, and if so, whether they are functioning effectively or not Assess the weaknesses in IT controls Report the obtained findings according to a certain procedure 6 Information Criteria Confidentiality Integrity Availability Reliability Efficiency Effectiveness Compliance 7 Audit Criteria Confidentiality >> concerns the protection of sensitive information from unauthorised disclosure Integrity >> relates to the accuracy and completeness of information as well as to its validity in accordance with business values and expectations Availability >> relates to information being available when required by the business process now and in the future Reliability >> relates to the provision of appropriate information for management to operate the entity and exercise its fiduciary and governance responsibilities 8 Audit Criteria Efficiency >> concerns the provision of information through the optimal (most productive and economical) use of resources Effectiveness >>
