IT systems are employed to support business processes, process information and organise the administration, and the measures of internal audit are often contained in IT systems as well. Naturally, this means that IT systems have to be audited as well.
IT has to be audited as well
Naturally, this means that IT systems have to be audited as well. You want to be able to rely on your information supply, which means you have to be able to rely on your IT system. And that is what the IT Audit, also known as the EDP Audit, is focused on.
Integrated part of the annual accounts audit
The EDP Audit can be an integrated part of the annual accounts audit. An EDP Audit is focused on determining the extent to which the systems and the risks related to these systems are managed. The EDP Audit can be:
- in the form of a scan
- an audit of general controls and/or
- an audit of specific application controls
For the accountant
Accountants often employ an EDP auditor in their annual audit when a high degree of automation is involved, or when the IT systems are extensive and complex. In that case, the accountant is aware of the risks that might be involved, and of the extent to which he can rely on the client's systems.
And for you
Naturally, this information is also of great importance and use to the audited corporation or institution itself. Therefore, the EDP audit is often a valued instrument for directors and management to get and keep a grip of the IT and information provision .
Specialised EDP auditors
Carrying out EDP audits requires specialist knowledge and experience with IT systems. Mazars has an expertise cluster with qualified Registered EDP auditors (RE), who carry out EDP audits for the benefit of the regular audit. These auditors are registered as EDP auditor with the Dutch Order or Registered EDP auditors (Nederlandse Orde van register EDP-auditors), which is associated with NIVRA. They have years of experience and knowledge of a great number of IT applications. In addition to these Registered EDP auditors, Mazars has Certified Information Systems Auditors (CISA) who are registered with the ISACA, the international professional organisation of EDP auditors.