Activity

Abstract

One of the more pivotal aspects of an IT audit engagement is IT audit follow-up. Depending on the ambit and terms of the engagement as well as under a relevant information systems audit standard, external IT auditors may rely on an internal IT audit function to follow-up on agreed-on corrective actions. Follow-up responsibilities for ongoing internal audit activities should receive inscription in the audit charter of the internal IT audit function and for external IT audit assignments in the engagement letter. Chapter 10 details follow-up as a continuing IT audit engagement, a separate follow-up engagement, and agreed-upon follow-up procedures covering corrective actions. Chapter 10 also provides IT audit follow-up tasks for determining satisfactory and unsatisfactory corrective action deployments.