U.S. flag

An official website of the United States government, Department of Justice.

NCJRS Virtual Library

The Virtual Library houses over 235,000 criminal justice resources, including all known OJP works.
Click here to search the NCJRS Virtual Library

Process of Audit and Control: A Comparison of Manual and Electronic Information Systems

NCJ Number
206588
Journal
Policing: An International Journal of Police Strategies & Management Volume: 27 Issue: 2 Dated: 2004 Pages: 183-205
Author(s)
Caroline Allinson
Date Published
2004
Length
23 pages
Annotation
This study compared previous manual and current electronic processes for collecting, controlling the processing of, and auditing information by the Queensland Police Service (Australia).
Abstract
In this study, "control" is defined as "the policies, practices, and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected." "Audit" refers to the means by which implemented processes of control are effectively assessed and evaluated. Manual information management by the Queensland Police Service was examined for the period 1940-1980. The manual management procedures were compared with the current electronic information systems introduced to policing in the decades of the 1980's and 1990's. The study found that although electronic systems produce faster communications, with centrally controlled and updated information readily available for use by large numbers of users connected across significant geographical locations, the consequence has been a deterioration in audit and control processes. Manual information systems attracted and received greater ownership and custodianship by those in command. Procedures used for the manual systems had an automatic and visible audit trail, and audit, control, management, and classification functions were stronger than is the case with electronic systems. Moreover, unlike computer-based systems, these schemes were readily understood by a management group that may not be "computer literate" under the more complicated electronic systems. Under electronic systems, application systems should be designed with the ability to link to or provide alerts on relevant policy and procedural changes as the officer is performing tasks. The world of business and information technology is experiencing difficulty with control and management in e-mail environments that did not exist in manual environments, and this problem has yet to be resolved. Regarding audit record entry, there should be a separate written information systems audit trail to provide a sufficient level of confidence that all electronically recorded activity is a true and accurate account of what has occurred. In an ever increasing number, e-mail is being used in place of postal and telephone services. It is more difficult to audit and monitor personal use of electronic mail under an increasing trend by users who are claiming privacy rights. There should be a signed agreement between the employee and the employer regarding the use of e-mail. 8 figures and 21 references