From the course: Certified Information Systems Auditor (CISA) Cert Prep

Unlock this course with a free trial

Join today to access over 23,300 courses taught by industry experts.

Audit strategy

Audit strategy

From the course: Certified Information Systems Auditor (CISA) Cert Prep

Start my 1-month free trial Buy for my team

Audit strategy

- [Instructor] Okay, let's take a look at our audit strategy. So of course we have to have a strategy, we have to have a broad plan, and sort of a map, if you will, about what our process is going to be. So this will allow our audit executive to define our starting point, figure out what our target state is, and determine the processes and resources necessary. That's exactly what you expect from a strategy. Here's where we are, here's where we want to go, and then how are we going to get there. So this is ISAC's layout of an IT audit strategy. And as you'd expect, we talk about our starting point. We have to have input. Now, the business impact analysis is important because this shows us those elements that have the greatest impact on the success of our organization. So of course that's going to be a high focus. Then we have our IT risk assessment. So what are the risks that exist and where's our standing? Where are we currently? Who are the resources that we have? What are the…

Contents