IT audit - preparation and course of cooperation with an external auditor

The main objective of this thesis is to create a document that provides summarized information about the context, process and content of IT audit to the employees of an audited entity who are participating in the IT part of a financial statement audit in order to ensure a smooth audit process and effective cooperation with the external IT auditor. The theoretical part of the paper explains the history, definition and types of audit with emphasis on the definition of financial statement audit and information system audit including their regulation in the Czech Republic. The thesis defines controls in the context of internal control system and describes the most well-known audit frameworks and methodologies focused on IT controls. Subsequently, the individual stages of the financial statement audit process and the role of the IT specialist in this process are described. The practical part is focused on the development of the methodological guide for cooperation between an audited organisation and an external IT auditor during IT audit as part of a financial statement audit and includes an analysis of the most common audit findings. The methodological guide covers the most important aspects of cooperation with an IT auditor. It includes a glossary of terms, the reason for involvement of an IT auditor, the course of cooperation with an IT auditor, tested general IT controls, necessary audit evidence and the most common audit findings. The guide concludes by addressing problematic areas and provides recommendations on how to avoid common pitfalls.