Increasing IT audit efficiency by using a new audit methodology

Authors:
Traian Surcel;Cristian Amancei;Ana-Ramona Bologa;Alexandra Florea;Razvan Bologa
Affiliations:
Computer Science Department, Academy of Economic Studies from Bucharest, Bucharest, Romania;Computer Science Department, Academy of Economic Studies from Bucharest, Bucharest, Romania;Computer Science Department, Academy of Economic Studies from Bucharest, Bucharest, Romania;Computer Science Department, Academy of Economic Studies from Bucharest, Bucharest, Romania;Computer Science Department, Academy of Economic Studies from Bucharest, Bucharest, Romania
Venue:
ACC'10 Proceedings of the 2010 international conference on Applied computing conference
Year:
2010

Citing 1
Cited 0

A framework for developing measurement systems and its industrial evaluation

Information and Software Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper proposes an audit methodology which aims to identify key risks that arise during the IT audit within an organization and presents the impact of identified risks. This involves evaluating the organization's tolerance to IT systems unavailability, identifying auditable activities and subtasks, identifying key risk factors and the association of weights, evaluating and classifying significant risks identified, conducting audit procedures based on questionnaires and tests and assessing the remaining aggregate risk that was not reduced by effective controls. Verifying the existence of compensating controls and the possibility of their implementation in an iterative manner, followed by a reassessment of covered risks, after each iteration, eventually provides an insignificant remaining aggregate risk.