External Auditing Of Information Security - 1634 Words

External Auditing of Information Security Yue Dai ACC 412 Auditing Belhaven University 8/1/2015 Abstract This paper is meant to be a guide for general readers including IT professionals, external auditors and so on. This research paper has a main focus on the external auditing of information security. It provides a basic understanding of the reasons for external auditing of information security. It is also meant as an aid for auditors to have solutions and Biblical implications and other possible recommendations. A variety of research techniques are used in this passage, such as analysis of files, writing questions, listing examples and making conclusions. In conclusion, It is essential that IT and audit work together in†¦show more content†¦As part of this, external auditors often examine and evaluate internal controls used in managing the risks which could affect the financial accounts, to determine if they are working properly. Information security - Information security is way of protecting information from being stolen or revised. All companies have secret information and they should protect them from other people who might take advantage of them. Once the security got hacked, it can lead companies to serious situations and they may face huge loss. Therefore the information security audit (IS audit) are intended to improve the level of information security to maintain a certain level of security in an organization. Information security audit - An information security audit is an audit of the organization s level of information security.(Wikipedia) It can be seen as a part of an information technology audit when centered on the IT aspects of information security. Information technology (IT) audits assess the controls, accuracy, and integrity of an institution’s electronic data processing and computer areas. Information security audit is often then referred to as an information technology security audit. ITs usually have the duty to protect confidential information. Internal control - The power point slide in the Lecture 4 defines Internal control as: Internal control is broadly defined as a