Premium Essay

Information System Audit

In:

Submitted By marietomalan
Words 2359
Pages 10
Information Systems Audit

Information Systems Audit An information system audit examines and evaluates an organization’s information systems, practices, and operations. The audit is designed to confirm that the information system is safeguarding the organization’s assets, ensuring data integrity, and performing in an efficient way so as to meet the organization’s goals. Information system audit plans seek to evaluate the robustness of the organization’s information system. Is the system available at all times when needed by the organization? What are the security mechanisms in place to ensure confidentiality and security of data? Is the information provided by the systems accurate? Audits of information systems may be initiated to address these individual specific issues within the overall IS environment.
Information Systems Audit Program The elements of an information systems audit will address the effectiveness of controls in the following general areas: * Physical and environment review that includes physical property security, power supply, air conditioning, etc. * System administration review encompassing operating systems, databases, and system administration policies and procedures. * Application software review which is an encompassing examination of the applications being used by the organization as well as the access controls, authorizations, process flows, error and exception handling, and similar activities that effect software applications including system development lifecycle. * Network security review to identify the external and internal connections to the information system through firewalls and routers and the intrusion detection systems in place. * Business continuity review evaluates the systems that ensure continuity of operations including data backup programs, disaster recovery plans, redundant hardware systems,

Similar Documents

Premium Essay

It on Auditing

...REFLECTION PAPER ON “THE IMPACT OF EMERGING INFORMATION TECHNOLOGY ON AUDITING” In our modern world today, everything is possible... Everything is faster. But based on this fact, do we really know the influence of evolving “Information Technology” on our society specifically in the dynamics of businesses nowadays? To respond with this, IT has affected many sectors or aspects especially auditing. Audit is an evaluation of a person, organization, system, process, enterprise, project or product to enable the auditor to express an opinion whether the financial statements are prepared, in all material respects, is in accordance with the applicable financial reporting framework. The use of computers in the process of auditing is what we called “Accounting Information System” which is wildly by the auditors today. In a business context, information technology (IT) is defined as "the study, design, development, application, implementation, support or management of computer-based information systems". The prompt growth in information technology (IT) competencies and the longing of businesses of all sizes to obtain competitive advantage have led to a dramatic increase in the use of IT systems to make, process, store and communicate information. Today, employees at all levels use IT systems in their daily activities. Electronic records have replaced traditional paper documents. In fact, there are few companies that don’t rely on IT to at least some extent to achieve their financial...

Words: 614 - Pages: 3

Free Essay

Core Concepts of Ais

...CORE CONCEPTS OF Accounting Information Systems Twelfth Edition Mark G. Simkin, Ph.D. Professor Department of Accounting and Information Systems University of Nevada Jacob M. Rose, Ph.D. Professor Department of Accounting and Finance University of New Hampshire Carolyn Strand Norman, Ph.D., CPA Professor Department of Accounting Virginia Commonwealth University JOHN WILEY & SONS, INC. VICE PRESIDENT & PUBLISHER SENIOR ACQUISITIONS EDITOR PROJECT EDITOR ASSOCIATE EDITOR SENIOR EDITORIAL ASSISTANT PRODUCTION MANAGER PRODUCTION EDITOR MARKETING MANAGER CREATIVE DIRECTOR SENIOR DESIGNER PRODUCTION MANAGEMENT SERVICES SENIOR ILLUSTRATION EDITOR PHOTO EDITOR MEDIA EDITOR COVER PHOTO George Hoffman Michael McDonald Brian Kamins Sarah Vernon Jacqueline Kepping Dorothy Sinclair Erin Bascom Karolina Zarychta Harry Nolan Wendy Lai Laserwords Maine Anna Melhorn Elle Wagner Greg Chaput Maciej Frolow/Brand X/Getty Images, Inc. This book was set in 10/12pt Garamond by Laserwords Private Limited, and printed and bound by RR Donnelley/Jefferson City. The cover was printed by RR Donnelley/Jefferson City. This book is printed on acid free paper. Founded in 1807, John Wiley & Sons, Inc. has been a valued source of knowledge and understanding for more than 200 years, helping people around the world meet their needs and fulfill their aspirations. Our company is built on a foundation of principles that include responsibility to the...

Words: 241803 - Pages: 968

Premium Essay

Test Bank

...Chapter 1—The Information System: An Accountant’s Perspective TRUE/FALSE 1. Information is a business resource. ANS: T 2. An information system is an example of a natural system. ANS: F 3. Transaction processing systems convert non-financial transactions into financial transactions. ANS: F 4. Information lacking reliability may still have value. ANS: F 5. A balance sheet prepared in conformity with GAAP is an example of discretionary reporting. ANS: F 6. The Management Reporting System provides the internal financial information needed to manage a business. ANS: T 7. Most of the inputs to the General Ledger System come from the Financial Reporting System. ANS: F 8. When preparing discretionary reports, organizations can choose what information to report and how to present it. ANS: T 9. Retrieval is the task of permanently removing obsolete or redundant records from the database. ANS: F 10. Systems development represents 80 to 90 percent of the total cost of a computer system. ANS: F 11. The database administrator is responsible for the security and integrity of the database. ANS: T 12. A backbone system is completely finished, tested, and ready for implementation. ANS: F 13. The internal auditor represents the interests of third-party outsiders. ANS: F 14. Information Technology (IT) audits can be performed by both internal and external auditors. ANS: T 15. The single largest...

Words: 3541 - Pages: 15

Free Essay

Sidfh

...allow for faster system connections, staying updated with the available upgrade for the information system, faster connections to enhance business transactions, such as ordering supplies. Also, I would recommend adding a Wi-Fi connector to the system to enable customers to use their iPhones, blackberries, or droids while in the club. A Wi-Fi connection would allow consumers to place an order, which would allow the servers to spend less time running back and forth from the same table. By enabling wireless ordering one person can run the system, like an expeditor, while the other servers are seeing to the speedy delivery of the items. This is not only a benefit for the consumer but also the employees. The return on the investment for this will be significant seeing how this will allow a rise in productivity and at the same time lower costs. . When staff is to be trained on the wireless ordering system, it should be conducted by a person who is experienced in the function of the system. Although, this will cause an expenditure for the trainer and the pay of the employees, it will be minimal compared to the profitability the system will provide. The training should be offered to the employees when the club is closed, such as during the day. The training should begin with an explanation of the system and then hands-on training to allow the employees to better understand how the system will work. Next, I would recommend installing a transaction processing system (TPS) and an online...

Words: 1275 - Pages: 6

Free Essay

Accounting Information System

...accountant is affected. Later in the chapter, we provide a roadmap showing you where each component is covered in this textbook. Before beginning, let us tell you two things. First, the study of AIS, is our broad view, while the accounting information system itself, is our narrow view of an AIS. Second, you shouldn’t assign any meaning to the placements of the elements in figure 1.1. The figure just tells you that there are ten elements. 1. Business Operations: An AIS operates in concert with business operations. Many AIS inputs are prepared by operating departments, the action or work centers of the organization; and many AIS outputs are used to manage these operations. Therefore, we must analyze and manage an AIS in light of the work being performed by the organization. For example, to advise his management and to prepare reports for management decision making, a management accountant must understand his organization’s business. In our scenarios, Jill had to understand corporate takeovers to prepare the relevant analysis. 2. Transaction Processing: An organization Processes Transactions, such as sales and purchase; these Transactions mirror and monitor and business operations. these Transactions have operational, management information system(MIS), and AIS aspects. To design and use the MIS and the AIS, an accountant must know what the Transactions are how they are processed, and how each transaction is recorded. For example, Jill used data collected for fixed asset transactions...

Words: 1475 - Pages: 6

Premium Essay

Ais Chap 1

...|Subject Name |FIN3024 Accounting Information Systems | |Topic |Introduction to Accounting Information Systems | |Week |1 | Chapter Overview This chapter explains some fundamentals of accounting information systems and the historical development of it until the need to have one become so essential to meet the competitive environment. In addition, it discusses the role of systems within the organizational setting as well as accountants’ roles in using, designing and auditing the accounting information systems. Learning Objectives ▪ Explain the historical development of corporate accounting information systems ▪ Explain the nature, context and purpose of corporate accounting information systems. ▪ Explain the business information support systems. ▪ Examine the role of accountants and information systems. Learning Outcomes: On successful completion of this topic students should be able to: Describe the major influences changing the nature and context of accounting information systems; Demonstrate an understanding of business information support systems. Illustrate an awareness of the role of accountants...

Words: 1541 - Pages: 7

Premium Essay

Lincoln Electroic

...The Management Information System (MIS) Management information system, or MIS, is a managerial decision-making tool. A company uses it in all of its business operations and processes. As the management is in complete know of everything transpiring in the company, it leverages on this advantageous position. Using it, a company is able to record and document all facts pertaining to its procedures and methodologies. The basic intent is to manage and control all of the company’s employees and material through MIS. Importance of Management Information System: Using an MIS, an organization is able to establish its hierarchical structure and work-flow charts. Every employee in the organization knows the employees he has authority over and to whom he is responsible for work. The work then progresses without glitches. The company’s operating and procedures are listed by an MIS. The preparation of audits also gets simplified. Benefits of Management Information System: There are numerous pluses in using an MIS. The organization records and tabulates all its key strategic functions. As and when deviations from the planned course happen, the organization is able to take corrective action at once. Communication channels are enforced. As the authority-responsibility diagrams are well established, the superiors delegate work to their subordinates and the subordinates turn to them for guidance and suggestions. The MIS mechanism enables the organization to weigh the pros and cons...

Words: 304 - Pages: 2

Premium Essay

Paper

...An accounting systemThe personnel, procedures, devices, and records used by an organization to develop accounting information and communicate that information to decision makers. consists of the personnel, procedures, technology, and records used by an organization (1) to develop accounting information and (2) to communicate this information to decision makers. The design and capabilities of these systems vary greatly from one organization to another. In small businesses, accounting systems may consist of little more than a cash register, a checkbook, and an annual trip to an income tax preparer. In large businesses, accounting systems include computers, highly trained personnel, and accounting reports that affect the daily operations of every department. But in every case, the basic purpose of the accounting system remains the same: to meet the organization’s needs for information as efficiently as possible. Many factors affect the structure of the accounting system within a particular organization. Among the most important are (1) the company’s needs for accounting information and (2) the resources available for operation of the system. Describing accounting as an information system focuses attention on the information accounting provides, the users of the information, and the support for financial decisions that is provided by the information. These relationships are depicted in Exhibit 1–2. While some of the terms may not be familiar to you at this early point in your...

Words: 1827 - Pages: 8

Premium Essay

Chapt.1

...Chapter 1 Accounting Information Systems and the Accountant Accounting Information System (AIS) * the study of the application of information technology to accounting systems * a collection of data and processing information that creates needed information for its user Data * raw facts about events that have little organization or meaning – for example, a set of eaw scores on a class examination Information * processed data that are useful and meaningful – for example, by sorting, manipulation, aggregating or classifying them Audit Trail * the path that data follow as they flow through an AIS Information Overload * the situation where too much information, and especially too much trivial information, can overwhelm its users, possibly causing relevant information to be lost or overlooked Enterprise Resource Planning (ERP) system * software that integrates information subsystem into one application. An example of such software product is SAP ERP, which combines accounting, manufacturing and human resource subsystems into an enterprise-wide information system Predictive Analytics * include a variety of methodologies that managers might use to analyze current and past data to help predict future events Knowledge Workers * workers who produce, analyze, manipulate and distribute information about the business activities E-business * conducting business over the internet or dedicated proprietary networks E-commerce * a subset of...

Words: 457 - Pages: 2

Premium Essay

Management Controls

...10000125779 Tummala, Amuktha Reddy ASSIGNMENT 1 Week 6 CMP 559 Information Assurance Instructor: DR. Naren Kodali VIRGINIA INTERNATIONAL UNIVERSITY Discuss the audit objectives and procedures used to test data management controls. IT Audit is the process of collecting and evaluating evidence to determine whether a computer System has been designed to maintain data integrity, safeguard assets, allows organizational goals. To be achieved effectively, and uses resources efficiently. Data integrity relates to the accuracy and completeness of information as well as to its validity in accordance with the norms. An effective information system leads the organization to achieve its objectives and an efficient information system uses minimum resources in achieving the required objectives. IT Auditor must know the characteristics of users of the information system and the decision making environment in the audit organisation while evaluating the effectiveness of any system. The potential for material systems error has thereby been greatly increased causing great costs to the organisation, e.g., the highly repetitive nature of many computer applications means that small errors may lead to large losses Controls in a computer information system reflect the policies, procedures, practices and organizational structures designed to provide reasonable assurance that objectives will be achieved. The controls in a computer system ensure effectiveness and efficiency of operations, reliability...

Words: 1027 - Pages: 5

Premium Essay

Rest

...AKUNTANSI(ACCOUNTING INFORMATION SYSTEM) ECAU607202 SEMESTERI 2015/2016 No. | Lecturers | | E-mail | | | | | | | | | | | | | | | | | Subject Code | ECAU607202 | Subject Title | Accounting Information System | Credit Value | 3 | Pre-requisite/Co-requisite/Exclusion | Introductory to Accounting 2Management Information System | Role and Purposes | This subject provides students with an understanding of various business cycle in a company, system documentation techniques to document those cycles, documents and information flow within each cycle and internal control required in each cycle. Students will be required to attend a computer laboratory class to learn system documentations techniques and basic database design. | Subject Learning Outcomes | Upon completion of the subject, student will be able to:Technical competence: in Governance, Risk Management and Internal Control a. Analyze the components of internal control related to financial reporting (T4) * Understand the accounting information system and its position in an organization’s information system * Understand various system documentation techniques * Apply system documentation techniques to describe an accounting information system in an organization * Differentiate the general audit and the IT audit * Understand internal control principles in an organization * Understand the business cycles in a company (in general) * Analyze an accounting information system in a company...

Words: 853 - Pages: 4

Premium Essay

Ism Case Analysis

...Information Systems for Management (1.5 credit) Dr. Preeti Khanna 1 Evaluation Criteria • • • • End Term Examination Quiz / Class Test Class Participation Group Activity : : : : 25 10 05 10 • Total : 50 2 Session 1: Learning Objectives • Explain how information management delivers value to an organization. • Demonstrate the relationship between data, information and knowledge. • Identify key management issues of information and the perspective of information System 3 Today’s business environment Changes & driven by 4 The Emerging Digital Economy • To get a market of 50 Million People Participating: • Radio took 38 years • TV took 13 years • Once it was open to the General Public, • The Internet made to the 50 million person audience mark in just 4 years!!! Source: http://www.ecommerce.gov/emerging.htm Why Now? • Globalisation: Connect – Customers, partners, suppliers – and competition • Transparency : Polices – Industry regulations, consumer pressure and competition driving openness • Service focus: Customer Value – Differentiation and shareholder value increasingly derived from service experience 6 Business Information Management (BIM) • The process of managing information as a strategic resource for improving organizational performance. • This process involves developing strategies and introducing systems and controls to improve information quality to deliver value. 7 Using Information to Support the Business ...

Words: 724 - Pages: 3

Premium Essay

System Planning

...REVIEW QUESTIONS –Chapter 1 1. An accounting information system is a collection of resources designed to provide data to a variety of decision makers according to their needs and entitlement. 2. The users of accounting information fall into two broad groups: external and internal. External users include stockholders, investors, creditors, government agencies, customers and vendors, competitors, labor unions, and the public at large. Internal users are the managers in an organization. 3. Electronic data processing (EDP) is the use of computer technology to perform an organization's transaction-oriented data processing. Management information systems (MIS) use computer technology to provide decision-oriented information to managers. In a decision support system (DSS), data are processed into a decision-making format for the end user. An expert system (ES) is a knowledgebased information system that uses its knowledge about a specific application area to act as an expert consultant to end users. 4. The four common operating cycles of business activity are the revenue cycle, expenditure cycle, production cycle, and finance cycle. 5. The term internal control suggests actions taken within an organization to regulate and direct the activities of the organization. 6. A controller is in charge of the accounting function. The treasurer is responsible for the finances of the business. 7. Internal audit is charged with monitoring and assessing compliance...

Words: 975 - Pages: 4

Premium Essay

Information System and Software Application

...Information Systems and Software Applications Business Information BIS/219 University of Phoenix Professor Holger Brink November 24, 2010 Information Systems and Software Application Introduction There are various types of information systems, such as: transaction processing systems, office systems, decision support systems, knowledge management systems, database management systems, and office information systems. Information systems are information technologies, which are typically designed to enable humans to perform tasks that the human brain is not well suited to process, such as: handling large amounts of information, performing complex calculations, and controlling many simultaneous processes. I currently use the following information systems at work: Human Resource Management System, Marketing Information System, and Accounting Information System. Human Resource Management System In my current position I am a Project Manager with the Marketing Department. My responsibilities consist of dealing with these systems daily. For example, I process payroll for my department using components of Human Resource Management System (HRMS). The process consists of gathering data on employee time and attendance, and calculating their hours prior to submitting them to the payroll department. Through using the HRSM system it allows me to analyze and screen job applicants, and assist with the hire of new employees. Marketing Information System I am responsible...

Words: 442 - Pages: 2

Premium Essay

Internal Control and Risk Evaluation

...Control and Risk Evaluation Lauren A Lewis Accounting Information Systems ACC/542 June 23,2014 Yasin Dadabhoy Internal Control and Risk Evaluation       Internal controls and risk assessments are an essential part for an organization to be successful. Management at Kudler Fine Foods has reviewed the flowcharts prepared and is requesting information on controls that will be required. Risks are the negative events that may occur causing a change in an organizations productivity. Internal controls are the policies and procedures put in place to reduce unexpected occurrences related with the risks. This brief will discuss the risks of Kudler Fine Food’s current Accounting Information System evaluated by Learning Team A. It will also identify all risk and control points by incorporating the controls and risk into the flowcharts. Team A will design internal controls to ease risks to the systems, and discuss other controls, outside the system, that Kudler Fine Foods may need When evaluating Kudlers accounting information systems and the integration of the automation we found that Kudlers focus should be on payroll, accounts payable, accounts receivable, and inventory processes. Theses processes have risk involved. This brief will focus on Kudlers internal and external controls, which include polices and procedures, HR compliance/code of conduct and computer information access. Kudler must maintain a policy and procedures system documenting in detail how each procedure should be...

Words: 828 - Pages: 4