Thank you for the opportunity to help you with your question!
1. System control; IT auditors work with technical controls built-in to the computer systems and also procedural controls, legal controls, Human Resources controls. These controls may be preventive, detective or corrective in nature.
2. Recommend - auditors generate “audit recommendations” but have neither the authority to implement suggested changes nor can we force management to do so. We achieve improvements mostly by a process of explanation, justification and persuasion, explaining the risks represented by control weaknesses, justifying the need to change systems and/or processes, and persuading management to apply the necessary resources and direction in order to address the risks.
3. Examination - auditing involves the gathering and assessment of
factual information from various sources. It is important that the
formal outputs of the auditing process are traceable to
valid information sources.
Content will be erased after question is completed.