Audit a rizika informačních technologií ve společnosti

Abstract

The aim of this bachelor thesis is to present the audit process in companies and to detect the risks that may arise due to the use of information technology in companies. The theoretical part contains the theoretical background of the audit, including the criteria of mandatory audit, legal regulation of audit in the Czech Republic and the auditor's procedure during the audit. Then the thesis focuses on the definition of cybersecurity and information technology. Also, specific cyber-attacks and security against these cyber-attacks are defined and delineated. Furthermore, information systems used in companies and Cloud computing are listed. The practical part deals with the audit and risks of information technology in the company, including the basic background for the audit, introduction of the IT audit plan, general IT risks and gaps, and an overall assessment of IT in the company. This section includes suggested recommendations and solutions for the problems and risks encountered.