●Preparation of system audit report
Once the system audits are complete, a “system audit report” is prepared
to accurately inform management, the audited department, and the related
departments of the results.
The audit report includes the “audit results”, a “general overview”, the
“strong points”, “suggestions”, and “things that need to be improved.”
●Opinion exchange meeting
At the “opinion exchange meeting,” opinions are exchanged with the
representative of the audited department to make sure there are no factual
errors in the audit report. Opinion exchange is a characteristic process of
system audits.
The opinion of the audited department as shared at the opinion exchange
meeting is reflected in the system audit report, and additions or changes
are made as necessary to put the finishing touches on it.
●Audit report meeting
An “audit report meeting” is held to provide an explanation of the audit
results to management based on the final audit report.
●Follow-up
The effectiveness of system audits hinges on the provision of suggestions
for improvement. For that reason, the system auditor checks on the status
of improvements and supports the implementation thereof. This is called
“follow-up.” Regular audits are carried out to check on the status of improvements, and follow-up audits are performed as necessary.
2
Other Audit Work
Other typical audit work is as follows.
149
Accounting audit
Accounting and financial statements are audited and approved by a third party. These audits are performed by a
certified public accountant or an auditing firm.
Operations audit
The results of a company’s business and management activities, the management methods used, etc. are verified
and evaluated by a third party. These audits are performed
by internal auditors or the company’s auditor.
Information security
audit
The criteria, methods, etc. of information security measures
are audited, corrected, verified, and evaluated by a third
party. These audits are performed by internal auditors or the
company’s auditor.