NCJ Number
73525
Date Published
1977
Length
204 pages
Annotation
This report, a part of a systems auditability and control study, presents information on auditing in the data processing environment and current data on processing methodology, tools, and techniques.
Abstract
Written primarily for internal auditors, the report will also be of interest to system designers and data processing managers who work with internal auditors or are concerned with improving the auditability of computer application systems. The report discusses the state-of-the-art of electronic data processing (EDP), emphasizing the importance of the EDP audit function and outlining a role for internal audit as it relates to the data processing function. Information is also presented on establishing an EDP audit staff, selecting individuals for that staff, and training of EDP auditors. Further, the three areas of audit activity in the data processing environment are described. They are auditing computer-based information systems, auditing computer service centers, and auditing computer-based systems development. Audit management tools and techniques discussed cover audit area selection, scoring, multisite audit software, and a competency center. In addition, computer application audit tools and techniques, such as parallel simulation, embedded audit data collection, extended records, and control flowcharting are described and evaluated. Job accounting data analysis, audit guides, and disaster testing for computer service center audits are also outlined. Tabular data, charts, and a glossary are provided. For related reports, refer to NCJ 73524 and 72526. (Author abstract modified)