Home
Premium
NEW

Topic Role of auditors in financial information systems auditing

W
Shared by: abstraks
Categories
Tags
-
Stats
views:
130
posted:
4/13/2010
language:
English
pages:
5
Document Sample
scope of work template 
							                                                                                         Enci Ye
                                                                                    Sari Merinen

Case 1
Topic: Role of auditors in financial information systems auditing
Introduction
IT becomes an integral part of most businesses. And with a rapid escalation of technology
and the use of computers in business, the conventional internal control of companies
extends their controlling scope, not only from financial point of view but also from the
information system control view. Some companies have gradually realized that it is not
enough to hire a financial auditor specialist for auditing, but also an execution of an IT
internal control is needed. The effectiveness of an information system's controls is
evaluated through an information systems audit. It is a part of a more general financial
auditing. Information systems are designed so that every financial transaction can be traced
and that way the auditing should also be possible.

Why did we select this topic?

Two directions of researches rise when looking for articles about IT auditing or financial
information auditing; using modern technology to support auditing and auditing the
information systems (e.g the technology). Examples of using modern technology to support
auditing are on line auditing, continuous auditing, auditing supported by certain software
and so on. When it comes to auditing information systems, varying issues come out. The
state of art researches in financial information system auditing topics includes:

      what kinds of problems they meet when conducting FIS auditing,

      what kinds of existing guidelines they can follow and improve,

      How IT control can be conducted to comply with regulations (e.g SOX).

Financial auditors face challenges with their knowledge of auditing financial information
systems. They will need more training about auditing IT. A topic about role of auditors in
financial information auditing came to our mind. We chose this topic because of our
particular interest in financial information system auditing and its promising future.

What papers and studies there are about the topic? How did we make the
selection?
Most of the research papers are researches about the topic mentioned before. In order to
find relevant articles about our topic, we searched databases through Nelli portal. The main
databases we used were Proquest and Emerald. These databases seemed to have the most
relevant researches about our topic. We used key words such as “information system
auditing”, “IS auditing and auditors”. We found a few quite good articles in Information
Systems Control journal, but unfortunately full text is not available for us on line, even in
Hanken library. Finally, we chose three articles which contain full text online:

      “Are Financial Auditors Overconfident in Their Ability to Assess Risks Associated
       with Enterprise Resource Planning Systems?”

      “New Survey Reveals Strengths and Weaknesses in Information Security”

      “The Role of Internal Auditors in the Prevention and Detection of Computer Fraud”.

They are all mainly about the need of auditors for FIS and what challenges they meet and
problems they face.

Introduction to articles
Are Financial Auditors Overconfident in Their Ability to Assess Risks Associated with
Enterprise Resource Planning Systems?

This paper is to find out which risks the financial auditors recognize in an ERPS compared
with other system. 165 auditors, both audit specialists and financial auditors, participated in
the risk assessment for this research. The results were tested with manipulation check,
response measures, preliminary testing, risk recognition, consultation, confidence and
supplemental survey. Both auditor types indicate significantly higher risks with the ERP
compared to non-ERP systems. Although the IT audit specialists found more risks with
ERP than the financial specialists. The financial auditors do not indicate a need to consult
with IT audit specialists when auditing with ERP. Auditing firms face the challenge of how
to evaluate ERP risks in an effective and efficient manner. The findings of this research
suggest, that the financial auditors may need more training in the IT related risks and
maybe the IT audit specialists would become a permanent part of the audit team

The Role of Internal Auditors in the Prevention and Detection of Computer Fraud

This article presents a survey which was carried out to discover how organizations assign
responsibility for the prevention and detection of computer fraud and to investigate the role
of their internal audit department in this area. Besides, it also provides internal auditors’
opinions about the threats of computer fraud and investigates the demand of trained
compute audit staff.

Case study is the one main methodology. Two main results presented in this research were:

      The information services department is the most likely holder for responsibility for
       detection and prevention.

      Internal audit is the second most likely department to bear responsibility.

Most internal audit departments had considered computer fraud at the installation stage of
the system but not at later stages. Without close scrutiny from the audit department or
adequate development/maintenance controls at later stage, there may be an opportunity to
insert a fraudulent routine.

There were no clear or specific guidelines for action when a computer fraud was detected.
In those organizations where there are guidelines to follow, the most common action is
prosecution and dismissal.

The Auditor's Role in IT Governance

This article mainly presents the effects of technology on auditors and challenges auditors
face in this new IT environment. Four main IT governance activities that auditors involved
are planning and organization, acquisition and implementation, delivery and support,
monitoring. All of four main IT governance activities are explained in this article. Despite
new challenges that have arisen as a result of the technology boom, auditors have benefited
from innovation within their own industry. Finally, the article drew conclusion that the
auditor's role is key in building a mature IT governance environment aligned with the
business objectives and supporting the stakeholders' needs.

What did we learn from these articles? What might be viable ideas for
new research projects?
By examining the three articles we learned that financial auditors are facing great challenge
in new technology environment. However, not much attention was drawn by them. The
urgent demand for new information systems auditing forces them to realize the
development in the information system world. IT auditors become more popular in business
society but lack of business process knowledge. They are also facing many problems when
they do audit in business environment.

Based on our brief investigation in financial information systems auditing topic, we suggest
that new research projects relevant to auditors in financial information systems can be done.
The research would be concrete challenges auditors meet and provide a model to solve
them and to make sure that IT auditors would not be too concentrated only on IT and
financial auditors would not be too concentrated only on finance.

References
The Role of Internal Auditors in the Prevention and Detection of Computer Fraud

Collier, Paul, Dixon, Rob, Marston, Claire. Public Money & Management. Oxford: Winter
1991. Vol. 11, Iss. 4; p. 53

Are Financial Auditors Overconfident in Their Ability to Assess Risks Associated with
Enterprise Resource Planning Systems?

Hunton, James E. Wright, Arnold M. Wright, Sally. Journal of Information Systems. Fall
2004,Vol.18 Issue 2, P7

The Auditor's Role in IT Governance
Daniel Ramos, Information Systems Control Journal, Volume 5, 2001
Links to article sources:
http://proquest.umi.com.proxy.shh.fi/pqdweb?index=1&did=7674290&SrchMode=1&sid=
2&Fmt=2&VInst=PROD&VType=PQD&RQT=309&VName=PQD&TS=1170014238&cl
ientId=15386


http://www.isaca.org/Content/ContentGroups/Journal1/20012/The_Auditors_Role_in_IT_
Governance.htm


http://proquest.umi.com.proxy.shh.fi/pqdweb?RQT=305&querySyntax=PQ&searchInterfac
e=1&moreOptState=CLOSED&TS=1170013731&h_pubtitle=&h_pmid=&clientId=15386
&JSEnabled=1&SQ=are+financial+auditors+overconfident+in+their+ability+to+assess+ris
ks&DBId=-
1&date=ALL&onDate=&beforeDate=&afterDate=&fromDate=&toDate=&pubtitle=&auth
or=&FT=0&AT=any&revType=review&revPos=all&STYPE=all&sortby=REVERSE_CH
RON&searchButtonImage.x=21&searchButtonImage.y=7
Related docs
AUDITORS MARKET CONCENTRATION AND THEIR ROLE FINANCIAL
Views: 3  |  Downloads: 0
Topic No
Views: 6  |  Downloads: 0
Role of Auditors in Regulation of NBFCs
Views: 4  |  Downloads: 0
STATUTORY AUDITORS REPORT ON THE FINANCIAL
Views: 3  |  Downloads: 0
Auditors Reports
Views: 5  |  Downloads: 0
Types of Auditors
Views: 15  |  Downloads: 0
A STUDY PAPER ON THE TOPIC ADEQUACY OF FINANCIAL
Views: 1  |  Downloads: 0
THE ROLE OF FINANCIAL JOURNALISTS IN CORPORATE
Views: 3  |  Downloads: 0
ANTI-MONEY LAUNDERING FOR INTERNAL AUDITORS
Views: 14  |  Downloads: 0
annex board auditors
Views: 0  |  Downloads: 0
Other docs by abstraks
CHIP and HIPAA CHIP Trifold English 3-1-2009
Views: 2  |  Downloads: 0
Soil Management
Views: 6  |  Downloads: 0
Provision of Financial Audit Services to the Auditor-General
Views: 1  |  Downloads: 0
Fall 01 Mailing List _MS Excel file_ - IEEE Entity Web Hosting - Home
Views: 39  |  Downloads: 0
Audit Requirements_revised 9302_
Views: 1  |  Downloads: 0
Leonard Warren Papers
Views: 45  |  Downloads: 0
Strategies for Spelling Strategies
Views: 38  |  Downloads: 1
Sally Strongheart is a resident of Pawtucket_ Rhode Island_ who
Views: 5  |  Downloads: 0
Introduction to BHS Ireland Adult Summer Camps 2009
Views: 57  |  Downloads: 0
fff guidelinespmd - PDF
Views: 7  |  Downloads: 0