Knowledge Statement 1.1
- Credibility of an audit is based on commonly accepted standards.
2. ISACA is the global pioneer of IS assurance and audit that covers the below:
- Code of professional ethics
- Standards framework
- Tools and Techniques
ISACA Code of Professional Ethics
- Encourages compliance with appropriate standards, procedures and controls for information systems.
- Supports professional education of stakeholders to enhance their understanding of information systems security and control.
- Performs duties with due diligence and professional care in accordance with professional standards and best practices.
- Serves in the interest of shareholders in lawful and honest manner without engaging in acts discreditable to the profession.
- Informs appropriate parties about the results of work performed, revealing all significant facts known to them.
- Maintains the privacy and confidentiality of information obtained unless disclosure required by a legal authority.
- Maintains competency in respective fields and agree to only undertake those activities if they are in accordance with professional competence.
ISACA IT Audit and Assurance Standards Framework
The objectives of the standards framework is to inform:
- IS Auditors of the bare minimum level of performance required to meet the professional responsibilities.
- The Management of the profession requirement regarding the work of audit practitioners.
- CISA Holders that failure to meet these standards results in a review of ISACA board of directors, which may ultimately result in disciplinary action.
ISACA IT Audit and Assurance Guidelines
Guidelines provide additional information on how to comply with the ISACA standards. Guidelines and documents are identified by a prefix G, followed by the number. There are 42 categories of guidelines.
G2 — Audit Evidence Requirement
G7 — Due Professional Care
G10 — Audit Sampling
G15 — Planning
G20 — Reporting
G28 — Computer Forensics
G38 — Access Controls (A common point to check during your audit)
G42 — Continuous Assurance