1. Objectives, Focus and Description of the Text.- Section I: Corporate Governance and the Audit Process.- 2. Responsibilities, Regulations, Control Frameworks.- 3. The Audit Beginning.- 4. Audit Field Work.- 5. Audit Conclusion.- Section II: Controls Overview .- 6.Types of Audits and Categories of Controls.- 7. Administrative Controls Established by Audit Clients.- 8. Physical Controls that Provide Safeguards.- 9. System and Application Access Controls.- 10. Enterprise Operational Controls.- 11. Separation of Duties.- 12. Application Controls.- 13. Recent Challenges.- Section III: Pro-active Measures.- 14. Identification of Exposures and Issues.- 15. Risk Management.- 16. Testing.- Section IV: Mock Audits.- 17. Preparation Steps for Mock Audits Roles.- 18. Mock Audit Field Work.- 19. Mock Audit Field Work.
Ed Danter retired after nearly 42 years with IBM developing, maintaining, and evaluating systems as a member of their corporate audit staff and business controls organizations involved with Sarbanes Oxley and SAS70 audits, with extensive teaching of application systems control and auditability. After leaving IBM, he worked as an adjunct professor at Kean University, USA teaching classes on Auditing Information Systems and Auditing Financial Statements. He currently has his own company, IAE (Internal Audit Education) where he offers education to management and executives to prepare them to be “audit ready,” avoiding the illusion of control.
Most university undergraduate and graduate audit classes are geared towards educating prospective auditors but do not provide education for those who will be audit clients and subjected to audits. Future audit clients need to be educated as well as future auditors to ensure that there is a level playing field. Those being audited do not receive the same level of formal education as internal auditors– most client education occurs during the audit itself. The client, once subjected to an audit and faced with the consequences of a failed audit, will learn via trial and error. If left unprepared, managers can suffer financial losses and promotional setbacks; the preparation and education that is needed to be audit ready is lacking.
Of interest to accounting, finance or business students and entry-level practitioners, this book provides the audit education and preparation that has been missing. It shows how to interface with auditors, helping to identify issues, exposures and risks, and adequately position current and future managers to achieve successful audits. The book also provides mock audit simulation exercises to further prepare prospective audit clients.
Ed Danter retired after nearly 42 years with IBM developing, maintaining, and evaluating systems as a member of their corporate audit staff and business controls organizations involved with Sarbanes Oxley and SAS70 audits, with extensive teaching of application systems control and auditability. After leaving IBM, he worked as an adjunct professor at Kean University, USA teaching classes on Auditing Information Systems and Auditing Financial Statements. He currently has his own company, IAE (Internal Audit Education) where he offers education to management and executives to prepare them to be “audit ready,” avoiding the illusion of control.