Systems audit is a very vague term which leads to communication gap if not defined in advance in terms of approach and outcome.
A system in any company consists of following:
- Automated (IT) system
- Manual system
- Hybrid system
The audit of any system requires vetting of two things:
- Whether design of system is appropriate as per the nature of business and size of the company or not?
- Whether designed system is running effectively or not?
The outcome of vetting these two imperative questions leads to identification of gaps in system design and it’s operating effectiveness. Purpose of installing any kind of system is usually two folds : mitigation of risk and scaling up.
Our unique approach to systems audit:
- Understanding of the nature and size of business
- Discuss about the current system failures and their impact
- Understand the context of system audit requirement i.e. Internal initiative, Advised by Statutory Auditor, Due diligence expected
- Agree on the areas to be covered and frequency of system audit
- Carry out system audit of one area and discuss the outcome to understand the expectation gap, if any.
- Execute the complete system audit and share the report with our suggestions for implementation.
- Include the status of implementation of last report along with challenges faced and revised plan, if any.