Thank you for the opportunity to help you with your question!
1. System control; IT auditors work with technical controls built-in to the
computer systems and also procedural controls, legal controls, Human Resources controls.
These controls may be preventive, detective or
corrective in nature.
2. Recommend- auditors generate “audit recommendations” but have
neither the authority to implement suggested changes nor can we force
management to do so. We achieve improvements mostly by a process of
explanation, justification and persuasion, explaining the risks
represented by control weaknesses, justifying the need to change systems
and/or processes, and persuading management to apply the necessary
resources and direction in order to address the risks.
3. Examination - auditing involves the gathering and assessment of
factual information from various sources. It is important that the
formal outputs of the auditing process are traceable to
valid information sources.
Please let me know if you need any clarification. I'm always happy to answer your questions.
Aug 23rd, 2015
Did you know? You can earn $20 for every friend you invite to Studypool!