Federal Information System Controls Audit Manual: Volume I Financial Statement Audits [Superseded by GAO-09-232G]
Highlights
This document has been superseded by GAO-09-232G. GAO published a manual to provide auditors guidance for evaluating internal controls over the integrity, confidentiality, and availability of data maintained in computer-based information systems. The manual's sections provide detailed guidance on evaluation and testing computer-related controls, including guidance on: (1) identifying the auditee's significant computer-supported operations, assessing the risk associated with these operations, and identifying the controls to be tested; (2) control objectives and commonly used control techniques, as well as audit procedures; and (3) common application control objectives and related control techniques, as well as suggested audit procedures. This is the 1999 version.