Scribd Logo
Upload

Welcome to Scribd!

  • TM Lecture 2

    Uploaded by

    kamran
    7 views26 pages

    Original Title

    TM lecture 2.pptx

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    7 views26 pages

    TM Lecture 2

    Uploaded by

    kamran

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 26

    TECHNOLOGY MANAGEMENT

    INFORMATION SYSTEM AUDITING


    ISA

    Information system auditing is the process of collection and evaluating evidence


    to determine weather a computer system safeguards assets, maintain data integrity,
    allows organizational goals to be achieved effectively and uses resources
    efficiently.
    IMPACT OF ISA FUNCTION ON
    ORGANIZATION

    • Assets safeguarding objectives


    • Data integrity objectives
    • System effectiveness objectives
    • System efficiency objectives
    IMPACT OF ISA ON ORGANIZATION

     Assets safeguarding objectives


    Assets of an organization include hardware, software people etc must be protected
    by a system. By ISA this one becomes important objective for many organization to
    achieve.
    IMPACT OF ISA ON ORGANIZATION

     Data integrity objectives


    Data integrity is a fundamental concept of ISA.it is state implying data has certain
    attributes like completeness, purity, accuracy etc.if data integrity is not maintained
    properly it could suffer.
    IMPACT OF ISA ON ORGANIZATION

     System effectiveness objectives


    To evaluate weather a system reports information in a way that facilitate decision
    making by its users, so auditors must know the characteristics of users and the
    decision making environment.
    IMPACT OF ISA ON ORGANIZATION

     System efficiency objectives


    An efficient system uses minimum resources to achieve its required objectives.

    Difficult to achieve
    EFFECTS OF COMPUTER ON INTERNAL
    CONTROL

    Goal of assets safeguarding, data integrity


    system effectiveness and efficiency if an
    organization sets up a system internal
    controls.
    SEPARATION OF DUTIES

    In manual system separate person is responsible for each of the task that will
    assign by the management.
    But in some situation computer system didn’t perform because it considered as
    inefficient.
    DELEGATION OF AUTHORITY AND
    RESPONSIBILITY

    A clear line of authority and responsibility is an essential control in both manual


    and computerized system.in computer it will be unambiguous because most
    resources are shared among multiple users.
    COMPETENT AND TRUST WORTHY
    PERSONNEL

    This one is also difficult task in manual system because sometimes the
    organization have been forced to compromise In their choice of staff but in case of
    computer
    Risk is reduce not finished.
    SYSTEM OF AUTHORIZATION

    Management have two types of authorization to execute transactions.


     General authorization
     Specific authorization
    SYSTEM OF AUTHORIZATION CONT..

    • In manual system auditors evaluate the adequacy of procedures for


    authorization by examine the work of employees or environment.
    • But in the computer authorization procedures are often embedded within a
    computer program.
    ADEQUATE DOCUMENTS AND RECORDS

    • In a manual system adequate documents and records are needed to provide an


    audit trail activities within the system.
    • But in computerized system it might not be used to support the recording of
    such transactions.
    PHYSICAL CONTROL OVER ASSETS
    AND RECORD

    Physical control over assets and record both are critical in manual and automatic.
    Difficult to maintain.
    ADEQUATE MANAGEMENT SUPERVISION

    In manual system supervision of employees activities is relatively straightforward


    because they are in same physical location, but in computer system activities are
    less visible.
    INDEPENDENT CHECKS ON PERFORMANCE

    In manual system independents checks are carried out because employees makes
    mistakes, but in case of computer it will a little value.
    CONDUCTING AN INFORMATION SYSTEM
    AUDIT
    NATURE OF CONTROLS

     Control
    A control is a system that prevents, detects or correct unlawful events.
    KEY ASPECTS OF CONTROL

    Control is a system
    Interrelated components that function together
    to achieve some specific goal.
    KEY ASPECTS OF CONTROL CONT..

     Focus of control on unlawful events.


    An unlawful events can arise if unauthorized ,inaccurate ,incomplete, ineffective
    or inefficient input enters the system .
    KEY ASPECTS OF CONTROL CONT..

     Controls are used to prevent , detect or correct


    Prevention control
    Detective control
    Corrective control
    PURPOSE:

    • Overall purpose of control is to reduce


    expected losses from unlawful events that
    can occur in a system.
    DEALING WITH COMPLEXITY

    • Conducting an information system audit is an exercise in dealing with


    complexity.
    • Given the purpose of information system audit and divide the system into
    subsystems.
    • Determine the reliability of each sub system then overall level of reliability of
    system.
    YOUR TASK

    Management subsystem
    ?

    You might also like