Global ETD Search

21	Computer audit concerns in the client-server environment Streicher, Rika 13 February 2014 (has links) M. Com. (Computer Auditing) / and peer-to-peer have taken the world by storm. Dramatic changes have taken place in the information technology of organisations that have opted to follow this trend in the quest for greater flexibility and access to all those connected. Though technology has already had far-reaching effects on business, many changes are yet to be seen. The threats associated with the continuing developments in computer technology have resulted in many traditional internal control processes changing forever. Although, according to the above, it is fairly common that the client-server technology brings with it new threats and risks with internal control processes having to change to address these threats and risks, not all areas have been addressed yet. It is therefore clear that computer audit has a role to play. The main objective of this short dissertation is to shed some light on the problem described above: How will the changes wrought by the client-server technology affect the traditional audit approach? In other words, how will the computer auditor narrow the gap that has originated between traditional established audit procedures and an audit approach that meets the new challenges of the client-server environment? This will be achieved by pinpointing the audit concerns that arise due to the fundamental differences between the traditional systems environment and the new client-server environment... Client/server computing Electronic data processing Auditing - Data processing
22	The audit implications of object-oriented programming Murphy, Ninette 18 February 2014 (has links) M.Com. (Computer Auditing) / During the last few decades the hardware of a computer system has undergone repeated revolutions. On the other hand the software development process has remained largely unchanged. The advent of the Information Age has, however, necessitated major improvements in the software development process. Object-Orientated Programming is seen as the vehicle by which this can be achieved. The use of object-orientation involves the auditor in two major areas. Firstly, the auditor may be involved in advising as to which systems engineering process to use and secondly, to assess the influence of the systems engineering process on the control environment of the client's computer system. In this dissertation, both the use of object orientation as a systems engineering methodology and the implications of this methodology on the control environment are discussed. Object-Orientated Programming can be broken down into the three main features, encapsulation, inheritance and interfaces. Encapsulation implies that both the data and processes that are permissible on that data, should be encapsulated as a single entity, known as an object. Inheritance on the other hand can be thought of as a specialisation of objects, to form a hierarchy of objects. Inheritance is, therefore, a way of sharing information between objects but with additional features to change or add certain attributes or methods of other objects. The external powers of an object are completely circumscribed by message passing. The only way in which an object can be addressed is to send a message to the object. This is done by the specific interfaces between the objects. Auditing - Data processing
23	A control model for the evaluation and analysis of control facilities in a simple path context model in a MVS/XA environment Damianides, Marios 28 July 2014 (has links) M.Com. (Computer Auditing) / The need to evaluate today's complex computer environments from an audit perspective has increased, particularly in viewof the disappearance of a paper audit trail and the inefficiencies of auditing "around" the computer in these environments. By making use of the Access Path and the Path Context Models, it was possible to carry out an evaluation of the MVS/XA environment. This evaluation was carried out using the methodology developed in this research essay. This methodology may have universal applicability in the evaluation of computer security. The concept of each layer in the access path being a "net", which only allows authorised users to drop to the next layer, was applied. It was found that each systems software component had sufficient facilities to meet the control objectives. The operating system itself, however, was found to present the installation with more risk factors than controls. It was therefore concluded that an external access control software package needs to be implemented to supplement the controls in this environment, if the control objectives are to be met. It was also concluded that the implementation of this package would not, in itself, solve all the security issues, and that the matrices developed should be used in the implementation of this package. This is a further indication of the usefulness of the model and the methodology. The applicability of the Access Path and the Path Context Models in the evaluation of the predefined environment has therefore been established. Computer security Computers - Access control Auditing - Data processing
24	Diensleweringsverbetering van 'n interne ouditdepartement deur 'n kliëntebehoeftebepaling Van Biljon., D.P. 26 May 2014 (has links) M.Com. (Business Management) / The sector of the economy in which service providers compete, has undergone much change during tho last two decades. Successful service providers followed specific tactics to ensure that the needs of clients were satisfied. Customer satisfaction became more important as competition increased. Although the internal audit department of ABSA has never had to face competition, this situation is rapidly changing. External audit firms are attempting to expand their businesses by providing the internal and the external audit functions to a company. ABSA's internal audit department is not only faced with the increase in competition but is also under pressure to improve its level of service to clients who no longer receive its service free of charge. Auditing - Data processing Marketing - Management Case studies Auditing, Internal
25	Preliminary control risk assessments by computer audit specialists and non-specialists Narasimhan, Ramesh January 1987 (has links) Auditors are encountering more and more computerized accounting applications as the pervasiveness of computing technology increases in business. Auditors, therefore, need to adapt their audit approaches in the face of the changes caused by the new technology. The AICPA has addressed the issue by requiring auditors to consider the nature of the data processing system ln their client environments when planning the audits. Specialists, if necessary, are recommended to be brought in as part of the audit team in audits involving computerized accounting applications. The implicit assumption behind this is that the specialists would make “better” judgments in auditing computerized systems than non-specialists. A need was seen to compare the judgments of specialists and non-specialists in evaluating controls in a simple computerized environment. The results indicate that while both specialists and non-specialists have a high degree of consensus, a significant difference existed between the two groups of auditors. Both groups of auditors exhibited high reliability and self-insights. Experienced non-specialists had lower consensus than specialists while inexperienced non-specialists had lower reliability than specialists. Firm affiliation effects were noted for the non-specialists in their consensus scores. Unlike previous studies, segregation of duties cue did not account for a majority of the variance In judgments. This cue was considered important only by the experienced non-specialists. A need was seen for further research into how the difference ln consensus affects subsequent audit program planning. / Ph. D. / incomplete_metadata LD5655.V856 1987.N375 Computers -- Accounting Auditing -- Data processing
26	Task Domain Knowledge as a Moderator of Information System Usage Marshall, Thomas E. (Thomas Edward), 1954- 05 1900 (has links) Information system (IS) support of human problem solving during the complex task of auditing within a computer environment was investigated. 74 computer audit specialist professionals from nine firms participated in the field experiment. Task accomplishment behavior was recorded via a computerized activity-logging technique. Theoretical constructs of interest included: 1) IS problem-solving support, 2) task domain knowledge, and 3) decision-making behavior. It was theorized that task domain knowledge influences the type of IS most functionally appropriate for usage by that individual. IS task presentation served as the treatment variable. Task domain knowledge was investigated as a moderating factor of task accomplishment Task accomplishment, the dependent variable, was defined as search control strategy and quality of task performance. A subject's task domain knowledge was assessed over seven theoretical domains. Subjects were assigned to higher or lower task domain knowledge groups based on performance on professional competency examination questions. Research hypothesis one investigated the effects of task domain knowledge on task accomplishment behavior. Several task domain knowledge bases were found to influence both search control strategy and task performance. Task presentation ordering effects, hypothesis two, were not found to significantly influence search control strategy or task performance. The third hypothesis investigated interaction effects of a subject's task domain knowledge and task presentation ordering treatments on task accomplishment behavior. An interaction effect was found to influence the subject's search control strategy. The computer-specific knowledge base and task presentation ordering treatments were found to interact as joint moderators of search control strategy. Task performance was not found to be significantly influenced by interaction effects. Users' task accomplishment was modeled based upon problem-solving behavior. A subject's level of task domain knowledge was found to serve as a moderating factor of IS usage. Human information-processing strategies, IS usage, and task domain knowledge were integrated into a comprehensive IS user task model. This integrated model provides a robust characterization scheme for IS problem-solving support in a complex task environment. auditing problem solving Auditing -- Data processing. Problem solving -- Data processing. Management information systems.
27	The relationship between entity related corporate governance factors and the establishment of separate risk management committee in South Africa Sekome, Nkoko Blessy 10 June 2014 (has links) M.Com. (Computer Auditing) / This dissertation aims to explore the entity characteristics associated with the implementation of the board-level stand-alone risk management committee (RMC) in South Africa. We developed a battery of econometric models based on triangulation of corporate governance theories which linked an entity’s decision to set up a separate risk management committee (RMC) in its board structures as a dependent variable and a host of entity-specific factors as independent variables. Data collected from audited annual reports of 181 JSE-listed non-financial entities was analysed using logistics regression estimation procedures. Our results show a strong positive relationship between the likelihood that an entity would establish a separate RMC, on the one hand, and board independence, board size, entity size, and industry type, on the other. Our study fails to find support for the hypothesis that an entity’s characteristics – such as the independence of the board chairman, the use of Big Four audit firms, financial reporting risks, and levels of financial leverage – do influence an entity’s decision to form a separate RMC. Our findings emphasize the role that information asymmetry between executive and non-executive directors, agency cost and potential damage to reputation capital of directors; diversity in background, expertise, and skills of directors; economies of scale in absorbing RMC costs; and industry-specific institutions and norms play in an entity’s decision to form a separate RMC. The implication of our findings is that policy-makers should consider the size and composition of boards and also take cognizance of entity size and industry-specific idiosyncrasies in setting recommended corporate governance practices. Auditing - Data processing Financial risk management - South Africa Information technology - Risk assessment Corporate governance - South Africa
28	Audit risks in a database environment with specific reference to Oracle7 Wiid, Liné Cornette 13 February 2014 (has links) M.Com. (Computer Auditing) / The objective of an independent audit of financial statements is to express an opinion on the fair presentation of the financial statements. The auditor should obtain sufficient audit evidence to enable him to draw conclusions to support the content of his report. The auditor should obtain an understanding of the entity's accounting system and related internal controls to assess their adequacy as a basis for the preparation of financial information and to assist in the designing of his audit procedures. If the auditor intends to rely on any internal controls, he should study and evaluate those controls. If a database system is used, it is logical that all the financial data reside in the database. In order for an auditor to express an opinion on the financial statements, he has to determine to what extent he can rely on the integrity of the financial data that resides in the database. The objective of this research was to identify the risks and controls present in a general database environment as well as those present in the Oracle? database management system environment, to develop a comparison table between these environments and to develop an Oracle? internal control questionnaire. Auditing - Data processing Financial statements - South Africa Risk management - Data processing ORACLE 7 (Computer system)
29	The impact of expert systems on auditing firms: an investigation using the Delphi technique and a case study approach Baldwin-Morgan, Amelia Annette 06 August 2007 (has links) The increasing effort to develop auditing expert systems raises many questions about their impact on public accounting firms. This research examines the status of expert systems in auditing and investigates the possible future impacts of expert systems on auditing firms. The research involved two separate studies. First, a Delphi study involving auditing and expert-systems experts investigated the likelihood of the proposed future impacts of expert systems on auditing firms. The purpose of the Delphi study was not only to identify the most and least likely impacts, but also to explore the reasons why respondents felt they were the most or least likely. The Delphi panel suggests that expert systems will very likely have an impact on auditing firms in the next decade. The most likely impact identified was that use of an expert system for an audit task provides documentation references for audit judgements and reasoning. other specific impacts that were identified as very likely include distribution of expertise, increased ability to handle complex analyses, and improved decision consistency and quality. The panel also indicated that use of expert systems in auditing is very likely to impact the education of auditors. Second, a case study of an auditing firm using an audit planning expert system provided evidence concerning the impact of an expert system in use. The case study confirmed that, even today, expert systems may be used to provide documentation references and enhance decision consistency and quality. In the situation studied, the impacts were most evident for the less experienced users. The primary contribution of the research is to address questions and concerns about the impact of expert systems on the aUditing profession. The pool of potential impacts of expert systems that has been discussed in the literature can now be narrowed to focus on the most likely impacts. This research is the first step in developing a theory of expert systems impacts. It provides (1) the impetus for further research addressing more specific areas of potential expert systems impact and (2) case study evidence about expert systems impacts that are occurring today. Reasons for the most probable impacts of expert systems on auditing in the future are identified. / Ph. D. LD5655.V856 1991.B359 Accounting -- Automation Auditing -- Data processing Expert systems (Computer science)
30	An information systems auditor's profile Carroll, Mariana 30 November 2006 (has links) The increasing dependence upon Information Systems (IS) in the last few decades by businesses has resulted in many concerns regarding auditing. Traditional IS auditing has changed from auditing "around the computer" to a hands-on approach (auditing through and with the computer). Technology is changing rapidly and so is the profession of IS auditing. As IS auditing is dependent on Infonnation Technology (IT), it is essential that an IS auditor possesses IT and auditing knowledge to bridge the gap between the IT and auditing professions. The aim of the study is to: 1) define the roles and responsibilities expected from IS auditors, based on the different types of audit assignments and the steps involved in perfonning an IS audit assignment; 2) describe the basic IT and audit knowledge required from IS auditors based on the roles and responsibilities identified; 3) describe the soft skills required from IS auditors to successfully perfonn an IS audit assignment; 4) define the main types of IS audit tools and techniques used most often to assist IS auditors in executing IS audit roles and responsibilities; and 5) establish an IS auditor's profile based on the 4 characteristics defined above / Computing / M.Sc. lnformation Systems Infonnation Technology Auditing Information Systems Auditing Knowledge Skills Roles and responsibilities CAATs 657.450285 Auditors Auditing -- Data processing Electronic data processing -- Auditing

Search results