skip navigation

PUBLICATIONS

Register for Latest Research

Stay Informed
Register with NCJRS to receive NCJRS's biweekly e-newsletter JUSTINFO and additional periodic emails from NCJRS and the NCJRS federal sponsors that highlight the latest research published or sponsored by the Office of Justice Programs.

NCJRS Abstract

The document referenced below is part of the NCJRS Virtual Library collection. To conduct further searches of the collection, visit the Virtual Library. See the Obtain Documents page for direction on how to access resources online, via mail, through interlibrary loans, or in a local library.

 

NCJ Number: 67602 Find in a Library
Title: EDP (ELECTRONIC DATA PROCESSING) AUDITING - WHY? HOW? WHAT?
Journal: INTERNAL AUDITOR  Volume:34  Issue:3  Dated:(JUNE 1977)  Pages:27-34
Author(s): P T MCGUIRE
Date Published: 1977
Page Count: 8
Format: Article
Language: English
Country: United States of America
Annotation: ASPECTS OF ELECTRONIC DATA PROCESSING (EDP) AUDITS WHICH WILL HELP TO PREVENT COMPUTER MISUSE AND HIGH COST ARE DISCUSSED.
Abstract: PREVENTING ILLEGAL INTRUSION INTO COMPANY FILES, INTENTIONAL OR ACCIDENTAL, SHOULD BE CONSIDERED EARLY IN SYSTEM DESIGN. DETECTING AND MONITORING SYSTEMS FOR MISUSE SHOULD BE CONTINUAL. THE EDP AUDITOR SHOULD BE INVOLVED IN THESE ACTIVITIES. THE AUDITOR CAN ALSO PROVIDE VALUABLE INFORMATION IN THE DESIGN OF A NEW SYSTEM. AN EDP AUDIT PLAN MIGHT INCLUDE AN EVALUATION OF EDP USER SATISFACTION, THE PERFORMANCE OF A RISK ANALYSIS (RISK OF EXPOSURE TO UNAUTHORIZED ACCESS AND MISUSE OF COMPUTER FILES), EVALUATION OF CONSULTING FEES PAID BY THE COMPANY, AND PRESENTATION OF FINDINGS AND SUGGESTIONS TO UPPER MANAGEMENT. THE PRESENTATION TO MANAGEMENT SHOULD INCLUDE INFORMATION SHOWING THE NEED FOR AUDITING, THE OVERALL PLAN, STAFFING REQUIREMENTS, TRAINING PROCEDURES, INITIAL AUDIT, BUDGET, AND AN ANALYSIS OF COST VERSUS BENEFITS. SUPPORT FROM UPPER MANAGEMENT FOR THE DEVELOPMENT OF THE AUDIT PLAN SHOULD BE OBTAINED FOR A GIVEN PERIOD OF TIME, AT THE END OF WHICH A REVIEW OF PROGRESS AND OBJECTIVES WILL BE MADE. WHEN HIRING THE FIRST EDP AUDITOR, AND ORGANIZATION SHOULD MAKE AN EFFORT TO FIND A DEGREED ACCOUNTANT WITH EXPERIENCE IN EDP AND COMPUTER FRAUD PROJECTS. TRAINING SHOULD BE PROVIDED FOR BOTH THE AUDIT MANAGER AND THE AUDITOR. FOR THE FIRST EDP AUDIT, WELL-DEFINED AND ATTAINABLE GOALS SHOULD BE PURSUED. ORGANIZATIONS MUST ANTICIPATE PROBLEMS IN STAFFING, SCHEDULING, LACK OF DOCUMENTATION NECESSARY FOR AN AUDIT, AND THE TEMPTATION TO FORMULATE PREMATURE CONCLUSIONS. (RCB)
Index Term(s): Audits; Computer related crime; Crime specific countermeasures; Personnel; Planning
To cite this abstract, use the following link:
http://www.ncjrs.gov/App/publications/abstract.aspx?ID=67602

*A link to the full-text document is provided whenever possible. For documents not available online, a link to the publisher's website is provided. Tell us how you use the NCJRS Library and Abstracts Database - send us your feedback.