1. BACKGROUND
1.1 Linkage to ISACA Standards
1.1.1 ISACA IS Auditing Standards, as well as certain of the IS Auditing Guidelines, have direct relevance to the IS auditor’s audit work
on ERP systems or ERP system implementation projects.
1.1.2 For example, in accordance with Standard S6 Performance of Audit Work, supervision of the performance of ERP related audit
work by subordinate IS or other audit staff for the IS auditor must be subject to sufficient appropriate supervision by the IS auditor.
1.1.3 Further, in those circumstances where the IS auditor is requested or required to be involved in nonaudit roles associated with the
ERP systems or implementation project, in addition to the IS Auditing Standards and Guidelines related to S2 Independence and
G12 Organisational Relationships and Independence, the IS auditor should review and appropriately consider the applicability of
the ISACA Standards for IS Control Professionals.
1.1.4 If the IS auditor is to be involved from an audit or a nonaudit role perspective in the business process reengineering (BPR)
activities associated with the implementation and use of an ERP system, ISACA’s IS Auditing Guideline G26 Business Process
Re-engineering should be reviewed.
1.1.5 In addition to the pronouncements of ISACA’s Standards Board, its Research Board has or has had a number of projects and
deliverables, which are available through the ISACA website (www.isaca.org) and may be of interest to the IS auditor depending
on the specific ERP product and other resources being used