UP TO 50% OFF on Combo Courses!

CISA Domain 3 – Information Systems Acquisition, development and implementation- Part 9

PART 9 – CISA Domain 3 – Information Systems Acquisition, development and implementation

  • What are the online audit techniques?
    • Systems Control Audit Review and Embedded Audit Modules (SCARF/EAM)
    • Snapshots
    • Audit Hooks
    • Integrated test facility (ITF)
    • Continuous and intermittent simulation (CIS)

Online auditing techniques:

  • Systems Control Audit Review File and Embedded Audit Modules (SCARF/EAM)The use of this technique involves embedding specially written audit software in theorganization’s host application system so the application systems are monitored on a selective basis
  • Snapshots This technique involves taking what might be termed pictures of the processing path that a transaction follows, from the input to the output stage.
  • Audit hooks This technique involves embedding hooks in application systems to function as red flags and to induce IS security and auditors to act before an error or irregularity gets out of hand.
  • Integrated test facility (ITF) – It creates a fictitious entity in a database to process test transactions simultaneously with live input. It can be used to incorporate test transactions into a normal production run of a system.
  • Continuous and intermittent simulation (CIS) This means that the simulation is notified about each transaction that is entered to the application and accesses to database by the DBMS
Points to remember:

  • An online auditing techniques is most effective for the early detection of errors or irregularities – Audit hooks
  • Generalized audit software (GAS) – Used by IS auditor to detect duplicate invoice records within an invoice master file

Part 1, Part 2, Part 3, Part 4, Part 5, Part 6, Part 7, Part 8, Part 9

Aswini Srinath ( )
Writer And Editor
I am a qualified Chartered Accountant based out of Chennai, with 8+ years of experience in various roles in finance domain including CA Practice, financial reporting and auditing. I have always been keen to challenge myself by exploring potential capabilities outside of my core competency. Picked up Information Security as one such thing. Cleared CISA with 2nd Rank in ISACA Chennai Chapter in 2019. Since then, i have been sharing my learning and experience to a small group of avid followers, helping them prepare for their CISA exams. This article is also one such attempt, where I summarize the key areas in each domain based on the importance and weightage from an exam point of view.