Accounting and IT professionals providing audit and internal control services today cannot ignore the increasing impact of advanced technology on their clients, customers and employers. In today’s technology intensive business environment, disparate transactional systems, sub-ledgers and databases are linked together in highly complex, fine-tuned architectures that compile and collate financial information for the purposes of reporting. The interconnectivity of these information systems and the precise tolerances to which they are configured makes them and the information they generate especially vulnerable to changes in the IT environment.

How an organization manages change to its internal IT systems and information infrastructure, including modifications to existing hard- and software, is an important entity level-control that auditors must to evaluate as part of the Risk Assessment performed in connection with a financial statement audit.  In Part 2 of the five-part AICPA IT Community web seminar on IT General Controls for Financial Auditors, Lucas Kowal, CPA, CISA, CISSP introduces the concept of Change Control and explains:

§         What Change Control Is and What It Entails

§         Why It Is Important for Auditors to Understand

§         Proper Change Control Procedures, and How Auditors Can Assess Change Control within the Financial Statement Audit

§         Important Review and Test Strategies for Determining Risk Related to an Entity’s Change Control Policies and Procedures

About the Presenter: