IT Auditing: New Systems

Michael Lapelosa, CISA

Michael Lapelosa, CISA, is a 25-year seasoned Internal Audit Professional with experience in financial services, state government and healthcare.

Michael’s responsibilities have included Internal Audit, Performance Appraisal, TQM, and Information Security.
 
Michael is very active with The IIA as both a member of The Board of Directors of The IIA New York Chapter and Past President of the New York Chapter.
 
He was formerly a member of the Executive Committee of the ISACA New York Chapter and a member of the ISACA Academic Relations Committee.
 
Michael is a frequent instructor and seminar leader for The Institute of Internal Auditors, USDA Graduate School, and the Foundation for Accounting Education (FAE) teaching various seminars including: 

• Internal Auditor’s Toolkit
• Integrated Auditing
• Internal Auditors Best Practices
• Internal Auditors Standards and Quality Assurance
• Computer Fraud
• CISA Review Course
• Risk Assessment
• COSO Self Assessment
• EDP Auditing
• Auditing a Paperless Environment
• Auditing for Fraud: A Proactive Approach
• Auditing Local Area Networks
• SDLC Auditing: Hitting the Hot Spots
• Effective Audit Testing

He is an Adjunct Professor at Baruch College teaching Accounting Information Systems and was instrumental in developing an Internal Audit undergraduate degree program at that College.

Michael has published several articles including Internal Auditor Toolkit, Internal Auditing and the New Model Economy, Outsourcing Self Test, Auditing Factoring Companies, and Auditing at the Crossroads.

His electronic publications include "IT Auditing: The Basics", “Modern Integrated Audit Approach” and “Internal Auditor Toolkit” digitalSeminar^TM (a complete seminar including PowerPoint slides accompanied with a digital soundtrack) are available on CD for both individual and chapter use at http://www.pleier.com.



New system implementations give internal audit departments splendid opportunities to add value to the organization and establish long-term business relationships in a non-adversarial manner by utilizing an integrated approach that focuses on understanding the entire control environment and targeting automated control solutions to reduce risk, enhance operational efficiency, and augment internal audit processes.

Regulatory requirements imposed by legislation such as the Sarbanes-Oxley Act in the United States highlight the complex relationship between computer systems, internal controls, and accurate financial reporting.  While spending enormous amounts of money to comply with these regulations it became very apparent that organizations’ financial reporting and operational performance become more and more dependent on complex information technology.

Since computer systems are becoming ever more complex with numerous interfaces to and from other systems IT auditors with a broad knowledge of the various business processes and systems using an integrated approach can contribute significantly to the successful development of these systems.  

Many IT departments welcome auditors as another set of eyes looking for the best solution.  In fact IT senior management sometimes challenges the audit department to join development efforts and contribute to their successful completions.

Michael's latest electronic publication, “IT Auditing: New Systems” addresses the need for IT audit to provide expertise that ensure controls are implemented during the development process.

As an Audit Director and IT Auditor with over 25 years experience in the profession, Michael Lapelosa suggests an approach and a customizable work program that should help auditors add value to an organizations by addressing the requirement for building in effective and efficient controls as systems are being developed or major changes are being made.  This integrated approach for IT auditors enables the support of both financial and operational auditors as appropriate.

Throughout this digital product Michael shares an integrated approach that works well to add value to organizations by the IT Auditing of New Systems.

IT Auditing: New Systems Presentation

"IT Auditing: New Systems" PowerPoint Presentation

Click the link above to access the PowerPoint presentation. 
 
The 70-slide PowerPoint offers some excellent insights to the world of New Systems and Major Upgrades of Systems with an emphasis on opportunities for internal audit to add value by the IT Auditing of New Systems.

The PowerPoint material highlights numerous insights to that topic including the following subjects:

Introduction
Audit Opportunities to Add Value
Methodology & Objectives
Integrated Approach
Business Process
Audit Steps
Benefits
Pitfalls to Avoid
Critical Success Factors

IT Auditing: New Systems Audit Program

"IT Auditing: New Systems" Audit Program

Click the link above to access an actual audit program that follows and supplements the ideas presented in the PowerPoint presentation. 

The audit program can be used to help develop an integrated approach to performing IT audits of New Systems or to modify your current approach.

Using this approach permits an efficient use of internal audit resources in the auditing of new automated systems and major changes to existing systems by ensuring that a risk assessment is made prior to committing audit resources.

Using this approach ensures the audit objectives of the reviews selected because of high risk-ranking are met by determining if automated controls are being incorporated into the system, if new systems are being developed and implemented according to a formal methodology, and if new systems comply with that methodology.

This audit program addresses specific audit concerns in these important areas:
   

Policy
Audit Opportunities
Use of the Audit Program
Procedures
Guidelines
Background
Planning
Risk analysis
Monitoring
Reporting
Audit integration
IT Project Management Survey
Detailed Audit Program
Project Proposal/Plan
Detail Design
Program Design
Program Coding/Testing
System and User Documentation
Implementation/Conversion
System Testing
Post Implementation And System Maintenance

Other Resources

If you like the quality of this electronic publication on CD check http://www.pleier.com for additional information.

Current Publications - Click the link to preview:

• 21st Century Audit Management – Opportunities and Challenges – by a number of contributing authors
• A Practitioner's Guide to Corruption Auditing by Muhammad Akram Khan
  
• A Practitioner’s Guide to Performance Auditing by Muhammad Akram Khan
• Achieving Auditor Excellence by David McNamee
  
• Auditing Fraud - Complete Publications, Threat Scenarios, Purchasing & Contracts Fraud by David McNamee
• Auditing IT Infrastructures by Alan Oliphant
• Auditing Purchasing and Contracts by David McNamee
  
• Control Self Assessment by David McNamee
• Exceeding Expectations by John D. Tongren
  
• Internal Auditing: Basics & Best Practices by David McNamee
  
• IT Auditing: An Adaptive Process by Robert E. Davis
• IT Auditing: Irregular and Illegal Acts by Robert E. Davis
• IT Auditing: IT Governance by Robert E. Davis
• IT Auditing: The Basics by Michael Lapelosa
• IT Auditing: The Process by Robert E. Davis
  
• McKeever CCSA Study System by John J. McKeever
• Operational Auditing: Adding Value to Organizations by John D. Tongren
• Risk Management - Best Practice, Case Studies, and Related Material – by a number of contributing authors
• Risk Management and Risk Assessment by David McNamee

Print Order Form - PDF
Print Order Form - Word Document
Order Online

ADM PLUS Audit Management Systems for managing an Audit Department help auditors manage better.