Federal Information System Controls Audit Manual (FISCAM):

Exposure Draft [Superseded by GAO-09-232G]

GAO-08-1029G: Published: Jul 31, 2008. Publicly Released: Jul 31, 2008.

Additional Materials:

Contact:

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

This document has been superseded by GAO-09-232G. This letter transmits the exposure draft of the Government Accountability Office (GAO) Federal Information System Controls Audit Manual (FISCAM) for review and comment. The FISCAM presents a methodology for performing information system (IS) control audits of federal and other governmental entities in accordance with professional standards, and was originally issued in January 1999. We have updated the FISCAM for significant changes affecting IS audits.

The exposure draft revisions reflect changes in (1) technology used by government entities, (2) audit guidance and control criteria issued by the National Institute of Standards and Technology (NIST), and (3) generally accepted government auditing standards (GAGAS), as presented in Government Auditing Standards (also known as the "Yellow Book"). The Federal Information System Controls Audit Manual (FISCAM) provides a methodology for performing information system (IS) control audits in accordance with GAGAS. However, at the discretion of the auditor, this manual may be applied on other than GAGAS audits. As defined in GAGAS, IS controls consist of those internal controls that are dependent on information systems processing and include general controls and application controls. This manual focuses on evaluating the effectiveness of such general and application controls. This manual is intended for both (1) auditors to assist them in understanding the work done by IS controls specialists, and (2) IS controls specialists to plan and perform the IS controls audit.

Jun 20, 2016

Jun 13, 2016

Jun 6, 2016

May 26, 2016

May 18, 2016

Apr 6, 2016

Mar 30, 2016

Feb 29, 2016

Feb 25, 2016

Feb 11, 2016

Looking for more? Browse all our products here