Information System Auditing
Computer operations in information systems auditing
Typically, computer-based technology is one of the critical requirements for a proper information system auditing. Formally, system audits referred to (EDP) electronic data processing audits which later changed to information system auditing. Peltier outlines that “Computer operation in auditing entail carefully examining all the management controls within the system infrastructure to ensure that data integrity is maintained, various IT assets are safeguarded within the system and ensuring that the entire system functions efficiently to achieve the objectives of the organization” (Peltier, 2016). Consequently, the audit involves an analysis of the system’s internal control protocols, security measures, IT governance and the entire development process. Therefore, the critical role of a computer audit is to analyze the current system in place guarding a firm’s information, through an evaluation of its inputs, outputs, and the processing cycle.
Data Management Systems in Information System Auditing
Many organizations nowadays are competing and operating in an information age. It is therefore very imperative to ensure that an organization data becomes secure against unauthorized entry or interferences through Trojans and viruses. According to (Peppard & Ward, 2016) “the critical role of database management systems (DBMS) within information system auditing is to ensure that a specific database can manage a set of structured data, allowing real-time analysis of operations on data as requested by various users having access to the systems”. However, strict data policies should be implemented to mitigate risks to data security, for instance; hacking, eavesdropping, unauthorized entry and espionage. A good data management system should have a backup plan in case of any data loss or in cases of illegal entries the networks should have firewalls that prevent and detect any remote access to the systems.
System Development and Maintenance Activities in Information System Auditing
However, Siewiorek and Swartz outline that “Most organizations develop systems either to advance their technology, gain an upper competitive advantage or create a change in its business processes” (Siewiorek and Swartz, 2017). For a proper system development, there are fundamental stakeholders; management, end users, system analysts, programmers and accountants and auditors comprising of the system development life cycle (SDLC). Additionally, there are vital aspects of system development that should be followed to ensure the success of the entire process as seen in figure 2.
Networks, Internet and Commerce in Information System Auditing
Consequently, there are different types of networks; Local Area Network (LAN), wide area Network (WAN) and internet. Each machine gets a specific 32-bit integer code called an IP address and hostnames used for networking. According to Mendez et al, (2014) LAN protocols use Ethernet and a token ring while WAN uses TCP/IP which are four layer networks and OSI model while has seven layers. However, the systems need to be encrypted through plaintexts, algorithms, keys, and ciphertexts. Additionally, user authentication is also very crucial to determine the real identity of a user before getting full access to the system or network. However, secure servers over the internet like SSL (secure socket layer) can reduce chances of intrusion over WAN. However, different gadgets are used to connect different workplaces within a network as seen in the figure below. On the other hand, electronic commerce involves B2C, B2B and C2C marketing and transactions ensuring that electronic payment systems are essay writers active and marketing and advertising can be conducted online through different social sites and pages. Finally, each system should be safeguarded against unlawful entry because any slight breach into the system can amount to immense loses for an organization.
Mendez, D. J., Riggins, M. D., Wagle, P., Bui, H. Q., Ng, M., Quinlan, S. M., … & Bailes, R. S. (2014). U.S. Patent No. 8,812,702. Washington, DC: U.S. Patent and Trademark Office.
Peltier, T. R. (2016). Information Security Policies, Procedures, and Standards: guidelines for effective information security management. CRC Press.
Peppard, J., & Ward, J. (2016). The strategic management of information systems: Building a digital strategy. John Wiley & Sons.
Siewiorek, D., & Swarz, R. (2017). Reliable Computer Systems: Design and Evaluatuion. Digital Press.