Quantitative Methods in Audits and Control

Quantitative Methods in Audits and Control - Quantitative...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
Quantitative Methods in Audit and Control 422 STANDARDS REVIEW ON MISSION OF MANAGEMENT INFORMATION SYSTEMS AUDIT Delia BABEANU Ph.D, Information System Supervisor, Lecturer, Faculty of Accounting and Management Information Systems, University of Economics, Bucharest, Romania E-mail: [email protected] Web page: www.cig.ase.ro Valerica MARES Ph.D, Lecturer, Faculty of Accounting and Management Information Systems, University of Economics, Bucharest, Romania E-mail: [email protected] Web page: www.cig.ase.ro Abstract: The purpose of auditing is to verify that all hardware and software functions, automated processes, declared and published performance criteria are producing correct results, within the confines of system integrity, security measures and other control mechanisms, in accordance with functionality, originally envisaged, designed or modified. Key words: standards for information systems audit; risks management; information security; IT governance Introduction The scope of an information systems audit may be as far and wide to cover the entire lifecycle of the technology under scrutiny, including the correctness of computer calculations, or a basic test to verify compliance with a specific declared objective. The "scope" is of an audit is dependent on its declared objective, decided upon from the outset. Audits may be initiated as a result of some concern over the management of assets. The concerned party may be a regulatory agency, an asset owner, or any stakeholder in the operation of the systems environment, including systems managers themselves. Each and every party may probably have an objective in initiating and commissioning the audit. Such an objective may be to validate the correctness of the systems performance or calculations, confirming that systems are appropriately accounted for as assets, to assess the operational integrity of a series of automated processes, to verify that confidential data is not compromised by being exposed to unauthorized persons, or it may even be a multifaceted combinations of the above mentioned aspects in addition to a wider ranging information systems issues of lesser or greater significance to an organisation, which by its very nature, may vary from one place to another. Selected various objectives of an audit will ultimately determine its scope. The purpose of auditing is to verify if all hardware performances are used according to the software ones, at designed parameters. In order to achieve these normal working
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Quantitative Methods in Audit and Control 423 parameters of computer networks have been defined as well as those peripheral devices. It is important that the audit starts from the results of a previous audit of the company. The existing documents, created by a previous mission, should be analyzed, after which all the subsequent changes to the system will be verified. If these existing documents, as well as the documentation for further changes satisfy the need for information of the
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 03/25/2012 for the course IT 205 taught by Professor Kurts during the Winter '08 term at University of Phoenix.

Page1 / 8

Quantitative Methods in Audits and Control - Quantitative...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online