This article chiefly discusses how of import information engineering has become in internal auditing after the passing of the Sarbanes-Oxley Act in 2002, which require hearers to utilize engineering when carry oning internal audits of house. The article airss and replies research inquiries that are based on an audit map ‘s activities that include: control confidence, risk-assessment, and conformity rating of security steps ( Weidenmier 2006 ) .
Under the risk-assessment activity, IT auditors can utilize engineering to place possible hazards based on benchmarks, fiscal projections, and simulations. These benchmarks and simulations are created based on past tendencies that are formed from “ data-mining ” , which is a procedure of utilizing informations and statistics in order to find forms or make a type of projection, whether it ‘s a fiscal projection or fraud pattern sensing. Under the control confidence activity, hearers have to stay by the Sarbanes-Oxley Act in which hearers have to utilize a technology-oriented model when supervising a house ‘s internal control ( Weidenmier 2006 ) .
IT hearers should be “ IT-literate ” when it comes to measuring the security steps of a house ‘s computing machine systems. Many companies use “ cookies ” and web-scripts in order to derive information from users including consumers, employees of the company, etc. IT hearers should be able to configure the web to maintain unauthorised entree from happening in the systems. In order to do certain that the computing machines are unafraid before or after an audit, the IT hearer should make a firewall ; and put in anti-virus/anti-malware plans to forestall highjacking and hackers from deriving entree doing individuality larceny and fraud ( Weidenmier 2006 ) .
Although this journal article was based on a written paper, I believe this beginning to be dependable for both hearers practising in the field and pupils who may be composing a paper. The article comes from a scholarly diary database and all beginnings and commendations are right cited in this beginning. It is besides believable because of the figure of commendations and beginnings used, which was about 4 pages long of mentions. The beginning created in 2006, which is merely a few old ages old but is much more dependable than a beginning created 10 old ages ago because engineering alterations drastically each twelvemonth, if non each twenty-four hours ( Weidenmier 2006 ) .
Weidenmier, M. , & A ; Ramamoorti, S. ( 2006 ) . Research Opportunities in Information Technology
and Internal Auditing. Journal of Information Systems, 20 ( 1 ) , 205-219. Retrieved from
Academic Search Premier database.
a-?Article 2: “ Continuous Online Auditing: A plan of research ”
This article discusses how computing machines have influenced auditing and accounting processs in general. Continuous online auditing, harmonizing to this article is defined as a type of scrutinizing that produces real-time audit consequences based on events related to the audit consequences. These audit consequences are normally placed within a web on a computing machine system which is handled by the IT hearer ( s ) in order for the informations to be accessed by both hearers and the clients as good. These webs are to a great extent monitored and protected by firewalls and advanced security processs such as decision maker rights and limited entree control to the webs. Continuous online auditing ( COA ) besides helps hearers manage audit hazard appraisal because the COA proctors online activity while garnering the appropriate audit grounds and informations ( Kogan 1999 ) .
In relation to the credibleness of this article, this article is dependable and utile for IT auditors practising in the field because it demonstrates what the hearers must make in order to keep an online audit system utilizing the appropriate processs and IT security steps. Although this article was written in 1999, it is still a scholarly diary that reflects the same issues of IT security in computing machine systems that occurs in 2010 such as the usage of firewalls and administrative rights for hearers and other people involved with the audit ( Kogan 1999 ) .
Kogan, A. , Sudit, E. , & A ; Vasarhelyi, M. ( 1999 ) . Continuous Online Auditing: A Program of
Research. Journal of Information Systems, 13 ( 2 ) , 87. Retrieved from Academic Search Premier database.
a-?Article 3: “ On Auditing Audit Trails ”
This article talked about the past auditing frauds that resulted from companies like Enron, WorldCom, and questionable companies like Xerox and Tyco who were pull stringsing their audit trails in order to look as a financially stable company. An audit trail is a type of computerized database ( s ) that shops all grounds of scrutinizing records for a company. It is of import for IT auditors to keep audit trails for a company because in the event of a false-fraud probe of the company, the IT hearer can show the audit trails as grounds to turn out whether fraud has taken topographic point or non.
Not merely do IT auditors use audit tests for accounting and big corporations, audit trails are besides used for assorted industry including jurisprudence enforcement and the pharmaceutical industry. For illustration, harmonizing to the article, an audit trail was conducted for a jurisprudence enforcement bureau and the audit trail showed that a fellow constabulary officer was prosecuting in illegal Acts of the Apostless including sexual torment. In the pharmaceutical industry, all records, computing machine systems, equipment, and informations must be verified and processed before the company can publish any new expressions for medical specialties and drugs in order to do certain fraud has n’t occurred in the auditing trail.
To turn to the credibleness of this article, I believe this article to be dependable for IT auditors working in the field and for pupils who may be composing a paper about audit trails. This article was published in 2003, shortly after the passing of the Sarbanes-Oxley act that resulted from the fraud of big corporations such as Enron & A ; WorldCom. This article demonstrates what IT hearers could make in order to keep audit trails for a company that ‘s being audited in order to do certain that if fraud occurs, the appropriate grounds is present that will find whether fraud really occurred or non ( Mercuri 2003 ) .
Mercuri, R. ( 2003 ) . On Auditing Audit Trails. Communications of the ACM, 46 ( 1 ) , 17-20.
Retrieved from Academic Search Premier database.
a-?Article 4: An Probe of Factors Influencing the Use of Computer-
Related Audited account Procedures
Janvrin, D. , Bierstaker, J. , & A ; Lowe, D. ( 2009 ) . An Probe of Factors Influencing the Use of Computer-Related Audit Procedures. Journal of Information Systems, 23 ( 1 ) , 97-118. Retrieved from Academic Search Premier database.
a-? Article 5: “ Auditing System Development: Constructing the Meaning of Systematic and Rational in the Context of Legacy Code Migration for Vendor Incentives ”
Borthick, A. , & A ; Bowen, P. ( 2008 ) . Auditing System Development: Constructing the Meaning of “ Systematic and Rational ” in the Context of Legacy Code Migration for Vendor Incentives. Journal of Information Systems, 22 ( 1 ) , 47-62. Retrieved from Academic Search Premier database.
Article 6: “ Audit Technology and the Use of Computer Assisted Audit Techniques ”
Lovata, L. ( 1990 ) . Audit Technology and the Use of Computer Assisted Audit Techniques. Journal of Information Systems, 4 ( 2 ) , 60-68. Retrieved from Academic Search Premier database.