


Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Community
Ask the community for help and clear up your study doubts
Discover the best universities in your country according to Docsity users
Free resources
Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors
An overview of sampling techniques used in auditing, including attribute and variable sampling, evidence collection, reporting, and follow-up. It also covers control self-assessment and evidence gathering techniques. The document emphasizes the importance of understanding when to apply each sampling method and the role of evidence in reaching reasonable conclusions.
Typology: Study notes
1 / 4
This page cannot be seen from the preview
Don't miss anything!
Attribute Sampling – used for compliance testing. Yes or No… Backups and restoration test in a period. Variable Sampling – used for substantive testing. How much, how little, how good… Credit accounts over $1,
Notes:
Standards and Guidelines are found in ITAF 3 rd^ Edition. If you don’t have a copy by now you are strongly advised to get one. How to read them?
Classification of Audits: Pay particular attention to the Forensic Audit section. While preservation and protection of evidence is important in any audit, (integrity, privacy,…) it is much more so with forensic audits. Chain‐of‐custody is also a delicate matter in these types of audits for any and all evidence you will use may be used to support a criminal investigation.
people realize the benefits of the controls they engage in their design and overall improvement. Unfortunately, we don’t always get buy‐in. People may perceive this shift of responsibilities as added work or a replacement of the audit function. But I think there are more benefits than drawbacks.
Other Notes :
Finally take a look at the Data Validation Edits and Controls table in Chapter 3 of the CISA Review Manual. It is Exhibit 3.29 on page 213 in my copy from last year. The table lists a set of IS Controls and their descriptions. Their names should be enough to understand what they are supposed to do. Don’t memorize them but get a general idea of what they do. They will become handy for the final.