Your Task

Hy Fenation, Director of IT Audit, has indicated that the internal audit department has adopted the Committee of Sponsoring Organizations of the Treadway Commission (COSO) framework as its control framework and COBIT 5 as its framework for governing and controlling IT.

Acknowledging your understanding and knowledge on COBIT 5, Hy Fenation has asked you to assist him in preparing the planning document for the audit.

Hy has requested that you:

1. Provide a brief description of the audit process required to satisfy the auditing of IT controls over financial reporting.
2. Based on the presentations by the Software Program executives, perform a risk assessment of the infrastructure and applications to identify the processes that need to be included in the audit.
3. Explain to Hy the process of evaluating control design and operating effectiveness.
4. Identify the processes you believe should be included in the evaluation of control design and operating effectiveness.