As more businesses are licensing commercial enterpirse applications, auditing IT application controls is a key part of IT audit lifecycle. The level of controls for a particular application is dependent on the degree of risk involved in the incorrect or unauthorized processing of that data and regulatory compliance requirements.
The application platform could be a Oracle or peoplesoft payroll system, an intuir quickbooks accounting system, a custom developed inventory system, an outsourced billing system or, possibly, an integrated ERP (enterprise resource planning) system like SAP, Oracle, Peoplesoft and Infor. Since, all rules and logics pertaining to the business processes are designed and devleoped in the application software auditing application controls is key to get assurance on information integrity.
Also, most of the business users interact with IT systems only through the application software. The enterprise application software should limit the actions that a user can do and detect any frauds or unauthorized access.
It is very important to have solid controls in key enterprise applications and do a thorough risk assessment because the business processes and financial transactions flow through the application package.
Each application has its own risks and to understand the risks, you need to be experienced in auditing the systems. Checklist 2.0 best practices and controls are prepared by real-world IT experts involved in designing, developing and managing the applications. This allows Checklist 2.0 to bring practical experience in how the application controls are used as well as strategies to mitigate risks.