U.S. flag

An official website of the United States government, Department of Justice.

NCJRS Virtual Library

The Virtual Library houses over 235,000 criminal justice resources, including all known OJP works.
Click here to search the NCJRS Virtual Library

COMPUTER SECURITY AND THE AUDITOR'S RESPONSIBILITY

NCJ Number
64578
Author(s)
J L SARDINAS
Date Published
1975
Length
231 pages
Annotation
THIS DISSERTATION EXAMINES THE AUDITOR'S ROLE IN COMPUTER SOFTWARE SECURITY WITH THE AIM OF DEVELOPING PROCEDURES PERMITTING MORE EFFECTIVE AUDITS OF DATA PROCESSING FACILITIES AND IMPROVING INTERNAL CONTROL.
Abstract
THREE PHASES OF SOFTWARE SECURITY AND AUDITABILITY ARE SCRUTINIZED: (1) PREPROCESSING CONSIDERATIONS, (2) PROCESSING CONSIDERATIONS, AND (3) POSTPROCESSING CONSIDERATIONS. DISCUSSION CENTERS ON THE PROCESSING FUNCTION AND ESPECIALLY ON ITS OPERATING SYSTEMS AND DATABASE MANAGEMENT SYSTEMS. AN INTENSIVE SEARCH OF RELEVANT LITERATURE DRAWS INFORMATION FROM THE LITERATURE ASSOCIATED WITH THE ACCOUNTING PROFESSION AND THE COMPUTER SCIENCE DISCIPLINE. A NUMBER OF CASE STUDIES ARE USED TO DISCUSS THE ACTUAL ELECTRONIC DATA PROCESSING (EDP) AUDITING PROCEDURES UTILIZED BY MOST ACCOUNTING FIRMS. THROUGH DISCUSSIONS WITH PERSONNEL OF ACCOUNTING FIRMS AS WELL AS ONSITE VISITS THE STRENGTHS AND WEAKNESSES OF AUDITING PROCEDURES ARE EVALUATED. A CONCEPTUAL MODEL IS DEVELOPED DESCRIBING A 'SYSTEMS APPROACH' TO AUDITING. THE PROCEDURES CURRENTLY AVAILABLE TO THE EDP AUDITOR ARE REVIEWED, AND BACKGROUND INFORMATION REGARDING OPERATING SYSTEMS AND DATABASE MANAGEMENT SYSTEMS ARE PROVIDED. FINALLY, RECOMMENDATIONS INCLUDE THE SUGGESTION THAT OPERATING SYSTEMS AND DATABASE MANAGEMENT SYSTEMS BE 'HARDWIRED' (BECOME PERMANENTLY PROGRAMMED, INTEGRATED CIRCUITS) SO THAT THE PROGRAMMER CANNOT MODIFY SUCH SYSTEMS. TABULAR DATA, A FLOW CHART, AND A BIBLIOGRAPHY ARE INCLUDED. (WJR)