While there are four major types of internal audits, financial, operating, compliance and information technology - it is not unusual to incorporate elements of each when we review a business process or department on any of the campuses. In addition, internal auditors are sometimes asked to perform special reviews.
Information Technology audits evaluate the internal controls related to the management of information technology environments and related infrastructure, applications and data. Typical areas assessed include: governance with related policy and process documentation; security (physical and logical over information, applications and infrastructure assets); change management; monitoring; and business continuity/disaster recovery. Controls are evaluated based on industry organizations and audit standards such as ISO 27002 (International Organization for Standards), ISACA (Information Systems Audit and Control Association) and related COBIT (Control Objectives for Information and related Technology), and IIA (Institute of Internal Auditors), GTAG (Global Technology Audit Guides), as well as adherence to laws and regulations.
The PDF files on this page require the free Adobe Acrobat Reader.
What We Can Do For You
Policies and Guidelines
Reports & Resources