Applying COBIT in an ERP environment, with specific reference to Qmuzik

Kieviet, Freda

12 1900

Thesis (MAcc (Accountancy ))--University of Stellenbosch, 2006. / ERP applications have evolved into enterprise-wide applications, which are generally acknowledged today as a critical component in an organisation’s information strategy. When implementing an ERP application, the control and governance of all IT processes are critical to ensure that value is delivered, risks are managed and that the investment in IT (ERP) delivers a reasonable return. It should, therefore, be important to focus on mitigating IT process risks that have an impact on the ERP environment, so that the level of residual risk is acceptable and aligned with the business objectives. This assignment focuses on using the generally accepted IT framework, COBIT (Control Objectives for Information and related Technology), as governance and control model. The criticality of each COBIT control objective (IT process) is evaluated by applying the COBIT control objectives in an ERP environment. Specific reference is also made to Qmuzik as an ERP application. By applying COBIT in an ERP environment, the most critical IT processes applicable to ERP are identified, in order to ensure that the minimum process controls for these IT processes are designed and implemented.

Information technology -- Management

Information technology -- Auditing

Dissertations -- Accountancy

Theses -- Accountancy

Technology auditing as a means of ensuring business continuity in a manufacturing organisation

Vlok, Nico

January 2003

Successful organisations have a well-defined mission and a strategy for accomplishing that mission. The organisation strategy involves the building of a competitive advantage in a defined market. Activities are oriented around this business strategy. When utilised effectively, technology is a powerful instrument for enhancing the organisation’s competitiveness. Technology management is the application of managerial techniques most suitable for ensuring that the technological factor is exploited for achievement of an organisation's goals. It is critical to correctly implement appropriate practices related to technology and innovation management at organisational level. Most organisations are technology intensive and deliver products or services. The research investigates, through the use of technology auditing, the present and future technology needs of the organisation. It also tried to establish the impact of technology auditing on the competitive advantage of the organisation. The research attempts to set a strategic context for the array of tools, technologies and standards emerging to support the organisation. The research analysed the potential of technology auditing to facilitate a dynamic scale of economy where the organisations take on the tasks of managing its technology. Basic theoretical principles of a technological audit were applied when the researcher conducted the technology audit. Because there is no organisation that is an exact replica of another, a technology audit must be custom made for the specific organisation where it is conducted. A micro business, MP Engineering, in the Port Elizabeth Metropole was chosen to conduct the technology audit at for the purpose of this research project. The research results confirmed the literature currently available.

Technology -- Management

Technology -- Auditing

Professional skills and knowledge requirements of an information systems auditor

28 September 2015

M.Com. (Computer Auditing) / Competence in information technology (IT) is crucial for the professional accountants and most importantly, for information systems (IS) auditors currently practising in the execution of IS audits. The increasing dependence of businesses on computerised information systems gives rise to the need for auditors who possess IT knowledge and skills. This study reports the results of a study that investigates the level of IT knowledge and skills required for an IS auditor in the specific context of audit work in South Africa. Results of this study are based on a literature analysis and on data collected from different IS auditor practitioners. The aim of this study is to: (i) examine the IT knowledge and key areas of expertise required from an IS auditor; (ii) determine the educational qualifications required of an IS auditor; and (iii) evaluate the soft skills required from an IS auditor. This research involves a two-stage empirical study. Firstly, the study carried out a literature survey of IT knowledge and skills. Secondly, structured interviews were conducted with a sample of IS audit practitioners. The findings from this study make three main contributions to the field of IS auditing practice and auditing education. Firstly, the study will help in contributing to a theoretical enhancement of the current level of knowledge in the limited existing literature on IS auditors and the type of knowledge and skills that is required from the professionals to perform their duties effectively and add value to the organisation. Secondly, findings from this study are significant to the standards setters regulating the audit profession, academia designing university courses, and audit practitioners evaluating their own IT knowledge. An important contribution of this study is that the findings would initiate discussion, debate and action that would lead to positive changes in the South African IS auditing profession to ensure that IS auditors are on par with the latest technologies around the world.

Information resources management

Information services industry

Information technology - Auditing