skip navigation

PUBLICATIONS

Register for Latest Research

Stay Informed
Register with NCJRS to receive NCJRS's biweekly e-newsletter JUSTINFO and additional periodic emails from NCJRS and the NCJRS federal sponsors that highlight the latest research published or sponsored by the Office of Justice Programs.

NCJRS Abstract

The document referenced below is part of the NCJRS Virtual Library collection. To conduct further searches of the collection, visit the Virtual Library. See the Obtain Documents page for direction on how to access resources online, via mail, through interlibrary loans, or in a local library.

 

NCJ Number: 73526 Find in a Library
Title: Systems Auditability and Control Study - Executive Report
Corporate Author: Stanford Research Institute
United States of America
Date Published: 1977
Page Count: 27
Sponsoring Agency: IBM Corporation
Washington, DC 20006
Institute of Internal Auditors, Inc
Altamonte Springs, FL 32701
Stanford Research Institute
Menlo Park, CA 94025
Format: Document
Language: English
Country: United States of America
Annotation: This executive report of a systems auditability and control study examines the rationale for audit and control in computer-based information systems and the cost implications of systems auditability and control.
Abstract: Two complementary objectives guided the formulation of the research methodology for this project. The first objective was to identify and document specific audit and control techniques of proven value. The second objective was to identify practices and trends in internal audit in data processing for broad segments of business and government, both domestic and international. Data were gathered through either 45 site visits or a mail survey of 1,500 various industry groups and government agencies in Canada, the United States, Europe, and Japan. These companies were believed to be leaders in either their approach to data processing or internal auditing in the data processing environment. It was found that in many organizations no clear delineations had been made among the responsibilities at top management, data processing, internal audit, and the users of electronic data processing (EDP) systems for the control of such systems. Relying on EDP specialists, the users of a computer-based information system bear the main burden of ensuring the accuracy and completeness of inputs and the eventual reports. Internal auditors must be in a position to verify that the controls are adequate and are properly used yet maintain ther objectivity and independence. However, top management must ensure that clear lines of responsibilities exist for the control of EDP systems. Management should, therefore, evaluate current audit and control practices and the data processing skills within the internal audit staff, identify likely future trends in the development of computer-based information systems and data processing technology, and review existing programs and formulate new programs to improve capabilities in both the audit and control areas. Although the study attempted to identify costs associated with auditing computer-based information systems and with the implementation of necessary internal controls, little quantitative information was available. However, it was determined that the cost of detecting and correcting errors in computer-based information systems increases markedly at each successive stage of development and operation. Tabular data are provided. For related documents, refer to NCJ 73524 and 73525.
Index Term(s): Accounting methods; Auditing standards; Computer aided operations; Information dissemination
To cite this abstract, use the following link:
http://www.ncjrs.gov/App/publications/abstract.aspx?ID=73526

*A link to the full-text document is provided whenever possible. For documents not available online, a link to the publisher's website is provided. Tell us how you use the NCJRS Library and Abstracts Database - send us your feedback.