 |
| Vittal Raj with participants at the training seminar organised by the Institute of Internal Auditors |
The presenter, Vittal Raj, a well-known IT security expert and an accomplished trainer, engaged the audience primarily on IT auditing concepts-must know for effective audit, IT audit approach, and how to perform audit procedures and communicate findings.
“Information Technology (IT) is not for IT sake but for businesses it is essential. The primary requirement is whether IT resources and processes meet business requirements with adequate control. IT auditors should bear this in mind” he said.
“IT controls” can be placed in two categories, namely application control and general control.
The presenter advised auditors to ensure that the structure, policies and procedures are designed to provide assurance that business objectives are achieved and undesired events are prevented. Raj cautioned auditors about security in the emerging IT models such as SaaS, Cloud computing, social media and mobile apps. The special IT audit aspects include cyber-crimes, forensics, privacy controls and cross border data security.