ABSTRACT
This chapter explores the necessity of auditing the information technology (IT) operations and systems through which business transactions and financial data are processed. It discusses how audit can add value to these processes by evaluating the efficiency, effectiveness and economy of an organisation's IT systems in relation to its objectives. The chapter discusses the need for an IT-based competency dimension for modern auditors the ability to audit information systems (IS) that are used in producing financial data. The two main approaches available to an auditor of a Computerised Information Systems (CIS) are auditing round the computer and auditing through the computer. The chapter sheds light on Information Systems Audit and Control Foundation's (ISACF) Control Objectives for Information and Related Technology (COBIT) framework which assists audit and control functions by linking the IT control objectives to the overall business objectives. COBIT was originally viewed as an IT assurance tool.
