Information Technology Reference
In-Depth Information
The IS auditor should have a good understanding of the nature of IT risks and how they
are being mitigated before developing an IS audit program. We will analyse IT risk in more
detail in chapter 6.
History of IS Auditing
The advent of microcomputer systems brought about increased dependence on the use of
IT systems by private and public organisations in the mid 1960s and early 1970s. The in-
creased dependence on IT systems also brought in the need to ensure that systems were
reliable, secure, and processed data with high accuracy. The use of computer auditors was
one way which was considered to enhance assurance and saw the birth of a new profession,
which today has hundreds of thousands of practicing IS auditors around the world. The de-
velopment of IS auditing as a profession was also largely influenced by the growth of the
use of computerised accounting systems and the need to have effective IT controls which
would provide assurance to management on financial record-keeping in an automated en-
vironment.
Today we are seeing the development of large integrated information systems used by mul-
tinational corporations such as Microsoft, Samsung, Citibank, and many other similar cor-
porations. These corporations, due to the volumes of transactions, are able to generate large
volumes of electronic data. Big data has become a subject of discussion in many enterprises
as this has created new opportunities to analyse data and extract various types of informa-
tion which enterprises can use to enhance performance of their businesses and have a com-
petitive advantage in the marketplace.
The growth of IS auditing has also been influenced by the increasing use of the Internet
to conduct business by many enterprises. Most business transactions today are conducted
using the Internet, and global enterprises have taken advantage of the Internet to grow and
offer their services to a global market.
The original focus of IS auditing was very technical and was more concerned with the tech-
nical features of systems than it is today where our focus is more risk-based and centred on
the need to enhance business performance.
Accounting scandals in the USA and Europe also reinforced the importance of using IS
auditing. IS auditing is used by many enterprises that are dependent on information tech-
nology, and it is also highly influenced by various forms of corporate regulations and legis-
lation by jurisdictions around the world.
ISACA is one of the professional organisations which are promoting the practice and de-
velopment of the information systems auditing profession. The association has been in op-
eration since 1969 when it was incorporated. The Institute of Internal Auditors is one other
professional association responsible for promotion of IS auditing. The two organisations
Search WWH ::
Custom Search