The computer auditor's involvement in IT strategic planning

M.Com. (Computer auditing) / 1. Overview of Topic This dissertation deals with the question of the computer auditor's involvement in IT (Information Technology) strategic planning. Increasingly, organizations have come to value IT for the competitive or strategic advantage that it can provide in the modern marketplace. IT has thus moved from being an administrative function to being of strategic importance to an organization. The IT strategic plan expresses an organization's beliefs and goals relating to the use of information technology and the use of IT for strategic purposes. The IT strategic plan should ideally support the organizational goals and the principles identified in the organizational strategic plan. 2. Research Problem and Methodology The purpose of this research project is to identify whether a computer auditor should be involved in IT strategy planning. It is contended that the involvement would normally be that of auditing an IT strategy, but could also extend to providing input into the development of such a strategy. This dissertation suggests that the IT strategy is a risk area in the organization and as such should be examined by the computer auditor. In addition, the concept of IT strategy being a key control system within the organization is introduced. A survey of literature is used to justify the above. Based on points gleaned from the literature survey, a suggested guideline for auditing an IT strategy is proposed. 3. Results of the Research Although a comprehensive survey of literature was performed. no indication was found that this topic had been dealt with in the past. The literature survey. however, proved to be of value in defining IT strategy and identifying it's risk areas. In addition, some of the literature did imply that there was scope for the involvement of the computer auditor in IT strategy planning. The literature survey also indicated that the topic of IT strategy was of importance to South African companies. Based on the literature survey it was concluded that, because IT strategy represented a risk area to the organization, the computer auditor should be involved in the audit thereof. The following guidelines were drawn up: one to assist in identifying when an IT strategy should be audited, one to identify control objectives relating to IT strategy and a corresponding audit guideline for each control objective. 4. Conclusion The literature surveyed indicated that there was a definite need for the computer auditor to become involved in the audit of IT strategy. The guideline presented for the audit of an IT strategy should prove to be useful to the computer auditor in identifying when and how an IT strategy should be audited. Investigating the actual involvement of the computer auditor in IT strategic planning was identified as an area for possible future research.

Identiferoai:union.ndltd.org:netd.ac.za/oai:union.ndltd.org:uj/uj:12097
Date19 August 2014
CreatorsBrown, Ronald Arden
Source SetsSouth African National ETD Portal
Detected LanguageEnglish
TypeThesis
RightsUniversity of Johannesburg

Page generated in 0.0019 seconds