What Does an Information System Auditor Do?

Auditors are individuals who have been systematically trained and qualified, and evaluated and audited by authoritative certification bodies, and have the quality and ability to engage in audit work.

Auditor

Auditors should have personal qualities to enable them to work in accordance with the audit principles described in Chapter 4.
The auditor should:
a) ethical, that is, fair, reliable, loyal, honest and cautious;
b) open-minded, that is, willingness to consider different opinions or opinions;
c) good at communication, that is, flexible interaction with people;
d) good at observation, that is, proactive understanding of the surrounding environment and activities;
e) Perceived, that is, the instinct to understand and understand the environment;
f) strong adaptability, that is, easy to adapt to different situations;
g) perseverance, that is, persistence in achieving goals;
h) Be assertive, that is, draw timely conclusions based on logical reasoning and analysis;
i) Self-reliance, that is, to work independently and play a role in effective interaction with others [1]
Auditors should have knowledge and skills in the following areas:
a) Audit principles, procedures and techniques: enable auditors to properly apply them to different audits and ensure audits
Nuclear implementation is consistent and systematic. The auditor should be able to:
---- use audit principles, procedures and techniques;
---- Effectively plan and organize work;
---- as agreed
The evaluation process includes four main steps.
Step 1-Identify personal qualities, knowledge and skills to meet the needs of the audit plan
In determining appropriate knowledge and skills, the following should be considered:
---- the size, nature and complexity of the audited organization
---- Aim and content of the audit plan
---- Certification requirements
---- The role of the audit process in the management of the audited organization
The level of credibility required in the audit plan;
---- The complexity of the audited management system
Step 2-Set up evaluation criteria
Criteria can be quantitative (such as years of work experience and education, number of audits, hours of audit training), or qualitative (such as personal qualities, knowledge, or skills demonstrated during training or work).
Step 3-choose the appropriate evaluation method
Evaluation can be performed by one or more methods selected by one person or group. It should be noted:
---- The listed methods as the scope of selection may not be applicable in all cases;
---- The reliability of the different methods listed may be different;
---- In general, a comprehensive approach should be used to ensure that the results are objective, consistent, fair and credible.
Step 4-Implement the evaluation
In this step, the person information collected is compared with the criteria established in step 2. When people are not
When the criteria are met, training, work experience, and / or auditing experience is required and re-evaluated.

IN OTHER LANGUAGES

Was this article helpful? Thanks for the feedback Thanks for the feedback

How can we help? How can we help?