Audit and Audit Standards Essay

Submitted By Ffgblue1
Words: 650
Pages: 3
Open Document
The intent of testing is to appraise the level of security and identify vulnerabilities for mitigation measures. Vulnerability assessments identify and report on security weaknesses and vulnerabilities in the target system. This analysis is an important element of any activity in risk management. Vulnerability assessment components help in integrating all the steps in this analysis by automating the process of detecting, identifying, measuring, and understanding the vulnerabilities found in a target ICT system or infrastructure (Anderson & Rainie, 2010). In order to achieve this, the process involves both passive and active scanning, and this is important in verifying that the vulnerabilities are both present and exploitable.

In addition, tools used in vulnerability assessment are capable of performing on various network nodes including networking and networked devices such as printers, routers, and firewalls, as well as desktops, servers, and mobile devices, which present a new set of security issues that requires being handled (Price, 2003).

Penetration testing uses security tools and techniques that help identify and validate vulnerabilities. External penetration testing helps identify weaknesses in a company’s network that might be exploited by an attacker to attack the enterprise environment from the internet. Internal testing seeks to detect and exploit weaknesses to determine if the unauthorized access or other shady activity can be performed in the target network (Price, 2003). This gives an indication whether the system is able to withstand any attack emerging at the point where the test was accessed. By testing the security of the system in this way, we seek to answer this question: “Can an attacker exploit the identified weaknesses?”

This information is necessary to help the company’s security team gain experience in defending against cyber-crimes (Anderson & Rainie, 2010). It provides objectivity regarding the existing vulnerabilities and the efficacy of defense and mitigating mechanisms in place and those intended to be implemented in future.

Audit Standards

Companies favor an integrated audit that covers financial controls as well as the information systems. Organizations have to ensure that they comply with the set audit standards and legislations in this process. An audit standard like Statement of Auditing Standard (SAS) number 70 complies with the American Institute of Certified Public Accountants (AICPA) and ensures that the measures of financial records and processes are sound (University of Maryland University College, 2010).

Integrating financial control and its audits is more practical for large organizations since most data are stored electronically and information systems are used in their day-to-day business. In addition, legislation like Sarbanes-Oxley requires companies to ensure compliance in
Show More

Related Documents: Audit and Audit Standards Essay

In Terms Of Professional Standards When Is A Disclaimer More Appropriate Than An Audit Opinion?

Several federal laws require external audits to protect the public. Should federal laws also require internal audits within a public corporation? Provide an example to support your response. DQ 2: Professional auditing standards provide for an unqualified audit report with three standard paragraphs. Briefly describe those paragraphs. Which is the most important? Why? DQ 3: In terms of professional standards, when is a disclaimer more appropriate than an audit opinion? Explain the basis for your example…

Words 372 - Pages 2

Aas Summry Icai Essay

Summary of Auditing & Assurance Standards as prescribed by ICAI AAS-1 Basic Principals governing an Audit This Auditing and Assurance Standard was the first standard on auditing issued by the Institute. As the name suggests, it seeks to lie down and briefly explain the basic principles which govern the auditor’s professional responsibilities and which should be complied with whenever an audit is carried out. These principles are, namely, integrity, objectivity and independence, confidentiality, skills…

Words 4709 - Pages 19

Essay Building Conceptual Frameworks

Traditionally, audits were mainly associated with gaining information about financial systems and the financial records of a company or a business. Financial audits are performed to ascertain the validity and reliability of information, as well as to provide an assessment of a system's internal control. The goal of an audit is to express an opinion of the person / organization / system (etc.) in question, under evaluation based on work done on a test basis.[citation needed] Due to constraints, an audit seeks…

Words 1831 - Pages 8

Essay on Internal Auditing Case Study

Appreciative Internal Audit: A Strength-Based Approach to Quality System Auditing – A Case Study. Jon Morris President JDQ Systems Inc. Vancouver, BC, Canada Introduction Traditional internal audits fulfill an important need for companies with fresh ISO 9001:2000 Quality Management System implementations, but for companies with mature systems, those registered for more than five years, an innovative approach to auditing called “Appreciative Internal Quality Audit” can take them beyond compliance…

Words 4401 - Pages 18

Audit Notes Essay

Nature, Timing & Extent Chapter 1: Why Audit: Legal and Contractual Requirements Restrictive Covenants in Debt Agreements Modern Corporation Setup – Absentee Stockholders and professional Managers Principal –Agent Relationships Lack on information symmetry Conflicts of Interest Cost Effective Monitoring Device Information asymmetry: when on party has more or better information that the other party. Independence: Independence is a backbone of auditing. If an auditor is not independent…

Words 1473 - Pages 6

Essay on QAIP Best Practices 2015 AGA Conference

Conducting Internal Audit Quality Assessments – Best Practices Angela M. Poole, CPA, CGFM Associate Vice President, Finance and Administration Florida A&M University Agenda • Become familiar with IIA Standards related to a Quality Assurance and Improvement Program • Discuss the IIA Framework for Quality (Path to Quality Model) • Discuss the benefits of conducting quality assessments • Review a best practice – State of Texas IIA Study “Quality is never an accident; it is always the result of…

Words 1784 - Pages 8

Essay on Gay Marriage

E 1-17 D 1-18 D 1-19 C 1-20 A 1-21 A 1-22 B 1-23 E 1-24 C Review and Short Case Questions 1-25 The objective of external auditing is to provide opinions on the reliability of the financial statements and, as part of an integrated audit, provide opinions on internal control effectiveness. The value of the external auditing profession is affirmed when the public has confidence in its objectivity and the accuracy of its opinions. The capital markets depend on accurate, reliable, and…

Words 5939 - Pages 24

Essay on Innovation: Audit and Audit Expectation Gap

Expanded audit report Empirical studies have been conducted in the US, the UK and Australia to examine whether using an expanded audit report is effective in reducing an audit expectation gap. A survey conducted by Nair and Rittenberg (1987) in the USA revealed that an expanded audit report changes the users’ perceptions with regard to the responsibilities of the auditors. Likewise, Gay and Schelluch (1993) found that audit reports based on the revised Statement of Auditing AUP3 (i.e…

Words 687 - Pages 3

Question 1 Essay

Title: An audit report is not a guarantee, certification, or even a statement of fact. Rather it is the auditor’s opinion about the compliance of a company's financial statements with Generally Accepted Accounting Principles (“GAAP”) based on the auditor's work performed under Generally Accepted Auditing Standards (“GAAS”) ABSTRACT This is a discussion that focuses on GAAP and GAAS standards of auditing. It is a write up that tackles important factors in the auditing field and ensures…

Words 641 - Pages 3

Acc 490 Week 1

Week 1 Paper Auditing Standards Amy Jarvis ACC 490 Febuary 23, 2015 Looking into the Generally Accepted Auditing Standards there are 10 different type of elements that is associated with the Generally Accepted Auditing Standards which are separated into three different categories such as the general standards, standards of field work, and standards of reporting. In the general standards categories you have three elements, the auditor must have technical training, maintain independence…

Words 682 - Pages 3