IT Auditing: New Systems

About the Author

Michael Lapelosa
Michael Lapelosa, CISA

Michael Lapelosa, CISA, is a 25-year seasoned Internal Audit Professional with experience in financial services, state government and healthcare.

Michael’s responsibilities have included Internal Audit, Performance Appraisal, TQM, and Information Security.
Michael is very active with The IIA as both a member of The Board of Directors of The II
A New York Chapter and Past President of the New York Chapter.
He was formerly a member of the
Executive Committee of the ISACA New York Chapter and a member of the ISACA Academic Relations Committee.
Michael is a frequent instructor and seminar leader for The Institute of Internal Auditors, USDA Graduate School, and the Foundation for Accounting Education (FAE) teaching various seminars including: 
He is an Adjunct Professor at Baruch College teaching Accounting Information Systems and was instrumental in developing an Internal Audit undergraduate degree program at that College.
Michael has published several articles including Internal Auditor Toolkit, Internal Auditing and the New Model Economy, Outsourcing Self Test, Auditing Factoring Companies, and Auditing at the Crossroads.

His electronic publications include "IT Auditing: The Basics", “Modern Integrated Audit Approach” and “Internal Auditor Toolkit” digitalSeminarTM (a complete seminar including PowerPoint slides accompanied with a digital soundtrack) are available on CD for both individual and chapter use at

cd and computer

IT Auditing: New Systems

New system implementations give internal audit departments splendid opportunities to add value to the organization and establish long-term business relationships in a non-adversarial manner by utilizing an integrated approach that focuses on understanding the entire control environment and targeting automated control solutions to reduce risk, enhance operational efficiency, and augment internal audit processes.

Regulatory requirements imposed by legislation such as the Sarbanes-Oxley Act in the United States highlight the complex relationship between computer systems, internal controls, and accurate financial reporting.  While spending enormous amounts of money to comply with these regulations it became very apparent that organizations’ financial reporting and operational performance become more and more dependent on complex information technology.

Since computer systems are becoming ever more complex with numerous interfaces to and from other systems IT auditors with a broad knowledge of the various business processes and systems using an integrated approach can contribute significantly to the successful development of these systems.  

Many IT departments welcome auditors as another set of eyes looking for the best solution.  In fact IT senior management sometimes challenges the audit department to join development efforts and contribute to their successful completions.

Michael's latest electronic publication, “IT Auditing: New Systems” addresses the need for IT audit to provide expertise that ensure controls are implemented during the development process.

As an Audit Director and IT Auditor with over 25 years experience in the profession, Michael Lapelosa
suggests an approach and a customizable work program that should help auditors add value to an organizations by addressing the requirement for building in effective and efficient controls as systems are being developed or major changes are being made.  This integrated approach for IT auditors enables the support of both financial and operational auditors as appropriate.

Throughout this digital product Michael shares an integrated approach that works well
to add value to organizations by the IT Auditing of New Systems.

cd and compute

IT Auditing: New Systems Presentation

"IT Auditing: New Systems" PowerPoint Presentation

Click the link above to access the PowerPoint presentation. 
The 70-slide PowerPoint offers some excellent insights to the world of New Systems and Major Upgrades of Systems with an emphasis on opportunities for internal audit to add value by the IT Auditing of New Systems.

The PowerPoint material highlights numerous insights to that topic including the following subjects:

Audit Opportunities to Add Value
Methodology & Objectives
Integrated Approach
Business Process
Audit Steps
Pitfalls to Avoid
Critical Success Factors

cd and compute

IT Auditing: New Systems Audit Program

"IT Auditing: New Systems" Audit Program

Click the link above to access an actual audit program that follows and supplements the ideas presented in the PowerPoint presentation. 

The audit program can be used to help develop an integrated approach to performing IT audits of New Systems or to modify your current approach.

Using this approach permits an efficient use of internal audit resources in the auditing of new automated systems and major changes to existing systems by ensuring that a risk assessment is made prior to committing audit resources.

Using this approach ensures the audit objectives of the reviews selected because of high risk-ranking are met by determining if automated controls are being incorporated into the system, if new systems are being developed and implemented according to a formal methodology, and if new systems comply with that methodology.

This audit program addresses specific audit concerns in these important areas:
Audit Opportunities
Use of the Audit Program
Risk analysis
Audit integration
IT Project Management Survey
Detailed Audit Program
Project Proposal/Plan
Detail Design
Program Design
Program Coding/Testing
System and User Documentation
System Testing
Post Implementation And System Maintenance

Other Resources

If you like the quality of this product please check for additional resources.

Order Online

Please tell other Audit Professionals during your sharing about these resources.

Thank you.

Pleier Corporation