IT Audit and Control
VerifiedAdded on 2022/12/14
|10
|2933
|385
AI Summary
The paper summarizes the annual Information Systems Audit Report and reviews applications in IT audit and control. It includes findings, recommendations, and weaknesses in various applications.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: IT AUDIT AND CONTROL
IT AUDIT AND CONTROL
Name of the Student
Name of the university
Author note
IT AUDIT AND CONTROL
Name of the Student
Name of the university
Author note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1IT AUDIT AND CONTROL
The paper will be summarizing the annual Information Systems Audit Report. The
content of the report provides the results of the annual cycle related to the information
systems audits of the year 2018. The report also includes some of the application reviews
from the report of the last year. Important findings as well as recommendations that address
the weaknesses of the common system have also been included in the report. Applications
refer to the software programs that enhance key business processes of an organization that
includes finance, case management, billing, licensing and human resources (Senft, Gallegos
and Davis 2016). The applications facilitate some of the specialist functions as well. These
specialist functions are essential as well as unique to individual entities. The article reviews
some of the primary applications of business that are there various state government entities.
Each of the applications is important to entity operations and also has a significant effect on
the stakeholders that include the public. The report considers four such applications that are:
1) Recruitment Advertisement Management System of Public Sector Commission
2) Advanced Metering Infrastructure of Horizon Power
3) Pensioner Rebate Scheme and Exchange of Office of State Revenue
4) New Land Register of Western Australian Land Information Authority
The review of the various application lay stress on organized processing as well as handling
of data in the below given categories:
a) Policies and procedures
b) Data input
c) Data output
d) Segregation of duties
The paper will be summarizing the annual Information Systems Audit Report. The
content of the report provides the results of the annual cycle related to the information
systems audits of the year 2018. The report also includes some of the application reviews
from the report of the last year. Important findings as well as recommendations that address
the weaknesses of the common system have also been included in the report. Applications
refer to the software programs that enhance key business processes of an organization that
includes finance, case management, billing, licensing and human resources (Senft, Gallegos
and Davis 2016). The applications facilitate some of the specialist functions as well. These
specialist functions are essential as well as unique to individual entities. The article reviews
some of the primary applications of business that are there various state government entities.
Each of the applications is important to entity operations and also has a significant effect on
the stakeholders that include the public. The report considers four such applications that are:
1) Recruitment Advertisement Management System of Public Sector Commission
2) Advanced Metering Infrastructure of Horizon Power
3) Pensioner Rebate Scheme and Exchange of Office of State Revenue
4) New Land Register of Western Australian Land Information Authority
The review of the various application lay stress on organized processing as well as handling
of data in the below given categories:
a) Policies and procedures
b) Data input
c) Data output
d) Segregation of duties
2IT AUDIT AND CONTROL
e) Security of sensitive information
f) Backup and recovery
g) Audit trail
h) Masterfile maintenance
The test done highlights the weaknesses in the control design of the applications that are
responsible to increase the risk of data or information to mishandle (Chou 2015). The report
suggests that the majority of the issues found were simple as well as inexpensive to resolve.
The entities of Western Australian government make use of Recruitment Management
System (RAMS) in order to maintain the recruitment process of its staffs as well as to record
other severance details. Public make use of this system to apply for the government jobs
there. As per the report the system is hosted by external means and a third party vendor
manages it in a SaaS arrangement that is Software as a Service (Dzuranin and Mălăescu
2015). The system contains sensitive informations that include names, work history, bank
details, addresses and tax file numbers. As per the report RAMS has been successful in
facilitating significant number of the recruitment processes since its implementation in the
year 2003. Still there are some opportunities of improvement in the application. The Public
Sector Commission has not been assured that the information stored in RAMS will be safe
and confidential. The Commission is unable to demonstrate the monitoring as well as
managing vendor compliance of RAMS as per the requirement of service level agreement.
The risk involved here is that inappropriate business continuity plan could encounter an
outage that could have serious impacts on the activities related to recruitment across Western
Australian government (Han, Rezaee, Xue and Zhang 2015). Poorly managed user access can
expose sensitive data to cyber criminals who can misuse these for their own benefit. RAMS
e) Security of sensitive information
f) Backup and recovery
g) Audit trail
h) Masterfile maintenance
The test done highlights the weaknesses in the control design of the applications that are
responsible to increase the risk of data or information to mishandle (Chou 2015). The report
suggests that the majority of the issues found were simple as well as inexpensive to resolve.
The entities of Western Australian government make use of Recruitment Management
System (RAMS) in order to maintain the recruitment process of its staffs as well as to record
other severance details. Public make use of this system to apply for the government jobs
there. As per the report the system is hosted by external means and a third party vendor
manages it in a SaaS arrangement that is Software as a Service (Dzuranin and Mălăescu
2015). The system contains sensitive informations that include names, work history, bank
details, addresses and tax file numbers. As per the report RAMS has been successful in
facilitating significant number of the recruitment processes since its implementation in the
year 2003. Still there are some opportunities of improvement in the application. The Public
Sector Commission has not been assured that the information stored in RAMS will be safe
and confidential. The Commission is unable to demonstrate the monitoring as well as
managing vendor compliance of RAMS as per the requirement of service level agreement.
The risk involved here is that inappropriate business continuity plan could encounter an
outage that could have serious impacts on the activities related to recruitment across Western
Australian government (Han, Rezaee, Xue and Zhang 2015). Poorly managed user access can
expose sensitive data to cyber criminals who can misuse these for their own benefit. RAMS
3IT AUDIT AND CONTROL
can be considered as the e-recruitment solution of government and all of the Western
Australia entities should make use of this to put advertisement for the vacancies,
redeployments and to record severances (Raphael 2017). The application aids the users by
helping them create profile and in these profiles they can submit their job applications via the
medium of multiple job boards. As per the report in the year 2017-18 RAMS has processed
almost 238,000 applications for more than 15,400 job advertisements. The audit findings
reveal that the Commission undertaken any such steps that could check that the information
security controls managed by the primary vendor are adequate. The report findings suggest
lack in case of assessing risks has been the main reason behind the information security
requirements for the stored informations. Risks involved in unauthorized access have
increased due to inadequate control over access. The outdated business continuity plan was
also one of the weaknesses that were found and it showed the inadequate arrangements in the
business continuity (Byrnes et al. 2018). Some recommendations suggest that the
Commission should think of implementing certain framework of risk assurance for the SaaS
arrangements and obtain feedbacks from the various stakeholders of the key entities. RAMS
Business Continuity Plan should be updated and reviewed on the basis of appropriate
Business Impact Analysis.
The report includes the audit being done on applications within Advanced Metering
Infrastructure that are made use of by the Regional Power Cooperation which conduct trade
as Horizon Power. The application records, monitors and bills for consumption of electricity.
These store all the personal as well as the sensitive data of the clients that include name,
location of the electricity meters installed and date of birth. The AMI system collects and
stores the data related to electricity consumption and communicates the same to the other
systems of Horizon business. Horizon is owned by the government that is involved in
generating, procuring and distributing electricity to industrial, commercial as well as
can be considered as the e-recruitment solution of government and all of the Western
Australia entities should make use of this to put advertisement for the vacancies,
redeployments and to record severances (Raphael 2017). The application aids the users by
helping them create profile and in these profiles they can submit their job applications via the
medium of multiple job boards. As per the report in the year 2017-18 RAMS has processed
almost 238,000 applications for more than 15,400 job advertisements. The audit findings
reveal that the Commission undertaken any such steps that could check that the information
security controls managed by the primary vendor are adequate. The report findings suggest
lack in case of assessing risks has been the main reason behind the information security
requirements for the stored informations. Risks involved in unauthorized access have
increased due to inadequate control over access. The outdated business continuity plan was
also one of the weaknesses that were found and it showed the inadequate arrangements in the
business continuity (Byrnes et al. 2018). Some recommendations suggest that the
Commission should think of implementing certain framework of risk assurance for the SaaS
arrangements and obtain feedbacks from the various stakeholders of the key entities. RAMS
Business Continuity Plan should be updated and reviewed on the basis of appropriate
Business Impact Analysis.
The report includes the audit being done on applications within Advanced Metering
Infrastructure that are made use of by the Regional Power Cooperation which conduct trade
as Horizon Power. The application records, monitors and bills for consumption of electricity.
These store all the personal as well as the sensitive data of the clients that include name,
location of the electricity meters installed and date of birth. The AMI system collects and
stores the data related to electricity consumption and communicates the same to the other
systems of Horizon business. Horizon is owned by the government that is involved in
generating, procuring and distributing electricity to industrial, commercial as well as
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4IT AUDIT AND CONTROL
industrial customers. As per the records it provides electricity to almost more than 100,000
residents and 10,000 businesses. The audit findings suggest that the application has
appropriate processes required in detecting errors if any in the meter readings but still the
value of error is generally high (Okeke-Uzodike and Subban 2015). The findings also suggest
that the policies and associated processes of Horizon do not involve checking the past history
of the employees being appointed that reveals inadequate human resource security. The
informations stored in the system are vulnerable to errors and unintentional disclosure. The
report also suggests that there are some opportunities where the security of the application
can be reviewed improvisations done on the electronic records. As per the recommendations
Horizons should determine the causes behind the errors in the meter reading and resolve
them. They should check the background of the staffs and the contractors. Manual processes
can be substituted with digital ones. There should be proper review as well as implementation
of user access management practices. Horizon power is well aware of the reasons behind
errors in the consumption data but has been unable to resolve the problem due to the complex
systems of Large Enterprises looking into contract management and billing. The costs related
to the implementation of digital solutions will be assessed by Horizons and then
implemented.
The Office of State Revenue is responsible to process the claims of local government
entities and then reimburses concessions which are paid to those pensioners and seniors those
who are eligible for the same trough PRS that is Pensioner Rebate Scheme and PRX that is
Pensioner Rebate Exchange. The PRS system and PRX interface support State Revenue and
local government claims to process the reimbursement claims. As per the report, the State
Revenue has not been involved in land ownership or any such occupancy checks since the
year 2005. This has increased the risks of paying the concessions to those who are not
eligible for the same. The State Revenue serves as a business unit of the Finance Department
industrial customers. As per the records it provides electricity to almost more than 100,000
residents and 10,000 businesses. The audit findings suggest that the application has
appropriate processes required in detecting errors if any in the meter readings but still the
value of error is generally high (Okeke-Uzodike and Subban 2015). The findings also suggest
that the policies and associated processes of Horizon do not involve checking the past history
of the employees being appointed that reveals inadequate human resource security. The
informations stored in the system are vulnerable to errors and unintentional disclosure. The
report also suggests that there are some opportunities where the security of the application
can be reviewed improvisations done on the electronic records. As per the recommendations
Horizons should determine the causes behind the errors in the meter reading and resolve
them. They should check the background of the staffs and the contractors. Manual processes
can be substituted with digital ones. There should be proper review as well as implementation
of user access management practices. Horizon power is well aware of the reasons behind
errors in the consumption data but has been unable to resolve the problem due to the complex
systems of Large Enterprises looking into contract management and billing. The costs related
to the implementation of digital solutions will be assessed by Horizons and then
implemented.
The Office of State Revenue is responsible to process the claims of local government
entities and then reimburses concessions which are paid to those pensioners and seniors those
who are eligible for the same trough PRS that is Pensioner Rebate Scheme and PRX that is
Pensioner Rebate Exchange. The PRS system and PRX interface support State Revenue and
local government claims to process the reimbursement claims. As per the report, the State
Revenue has not been involved in land ownership or any such occupancy checks since the
year 2005. This has increased the risks of paying the concessions to those who are not
eligible for the same. The State Revenue serves as a business unit of the Finance Department
5IT AUDIT AND CONTROL
and it is involved in collecting duties as well as taxes. This also administers various grants
and subsidies been paid to the society (Guo, Ten, Hu and Weaver 2015). This is also involved
in managing local government claims in accordance with Rates and Charges. The audit
findings suggest that there are high risks of the payments being paid to the persons who are
not eligible as the State Revenue does not perform essential land ownership as well as
occupancy checks. The informations can be accessed by unauthorized persons as there is no
such adequate control. The vulnerabilities related to security are mismanaged that leaves PRS
and PRX exposed to various attacks. As per the recommendations the State Revenue should
update the policy and associated processes related to information security so that user access
management can be handled in a better way. They should establish certain processes and
related checks to land ownership as well as occupancy as per the Act. There should be
processes established to update system user support documentation (Zaiceanu, Hlaciuc, and
Lucan 2015). State Revenue should make improvisations in the management processes to
identify as well as address the weaknesses. The Office of State Revenue accepted the stated
recommendations and these were considered to be achievable within the specific timeframes.
The New Land Registry- Tiles (NLR-T) is the application that is made use of by
Western Australian Land Information Authority, and helps in managing property ownership
as well as informations regarding location for the region of Western Australia. The
application automates paper-based land registration processes that are already present. The
NLR-T application permits Landgate to maintain the land transactions. The management
related to user access and associated information needs improvisations in order to safeguard
the integrity of the applications data (Blake 2015). Landgate is considered to be the one
among the oldest entities of state government. It is responsible to manage the informations
related to land as well as property. The findings of the audit revealed that the changes been
done to land information were not reviewed. Unauthorized access can happen as there were
and it is involved in collecting duties as well as taxes. This also administers various grants
and subsidies been paid to the society (Guo, Ten, Hu and Weaver 2015). This is also involved
in managing local government claims in accordance with Rates and Charges. The audit
findings suggest that there are high risks of the payments being paid to the persons who are
not eligible as the State Revenue does not perform essential land ownership as well as
occupancy checks. The informations can be accessed by unauthorized persons as there is no
such adequate control. The vulnerabilities related to security are mismanaged that leaves PRS
and PRX exposed to various attacks. As per the recommendations the State Revenue should
update the policy and associated processes related to information security so that user access
management can be handled in a better way. They should establish certain processes and
related checks to land ownership as well as occupancy as per the Act. There should be
processes established to update system user support documentation (Zaiceanu, Hlaciuc, and
Lucan 2015). State Revenue should make improvisations in the management processes to
identify as well as address the weaknesses. The Office of State Revenue accepted the stated
recommendations and these were considered to be achievable within the specific timeframes.
The New Land Registry- Tiles (NLR-T) is the application that is made use of by
Western Australian Land Information Authority, and helps in managing property ownership
as well as informations regarding location for the region of Western Australia. The
application automates paper-based land registration processes that are already present. The
NLR-T application permits Landgate to maintain the land transactions. The management
related to user access and associated information needs improvisations in order to safeguard
the integrity of the applications data (Blake 2015). Landgate is considered to be the one
among the oldest entities of state government. It is responsible to manage the informations
related to land as well as property. The findings of the audit revealed that the changes been
done to land information were not reviewed. Unauthorized access can happen as there were
6IT AUDIT AND CONTROL
no adequate means to control access of the users. Lack in the external network penetration
testing has the highest possibility to result in various vulnerabilities that generally go
undetected. Data such as credit card details are exposed to data breaches owing to the
insecure methods. In order to overcome the prevalent weaknesses Landgate requires to make
certain revisions in its policies and procedures related to access controls and they should
ensure that these are implemented effectively (Foster et al. 2016). It should establish proper
controls to safeguard vital information specially credit card details. Landgate needs to review
its delivery as well as the costs related to the services as per the Master Agreement. Landgate
considered the recommendations and implemented certain changes to its business processes
as well. Its security framework has been extended to strengthen the infrastructure and has
also taken some extra steps to resolve the identified weaknesses.
The report includes audit performed on general computer controls (GCC) and the
main purpose of this audit is to find out whether the computer controls are effective in
supporting the integrity as well as confidentiality of the informations stored in these systems.
GCC includes control over the environment of information technology, access to programs,
program development as well as program alterations. The audit was conducted at 47 state
government entities and 39 of these entities were provided with the capability of assessing
and they were asked to return completed forms at the end of the audit. An audit scale ranging
from 0-5 was used to evaluate the capability maturity level of the entities in case of each of
GCC control categories (Axelsen, Green and Ridley 2017). This specific model provides a
certain baseline for making comparisons in the results of the entity and case studies have also
been included where the weaknesses of the information security system have been revealed.
The audit findings reveal that entities are required to establish better controls for managing
security of information, continuity in business and related risks of IT. The entities were
expected to get a rating equal to or better than level 3 in all the categories. In case of
no adequate means to control access of the users. Lack in the external network penetration
testing has the highest possibility to result in various vulnerabilities that generally go
undetected. Data such as credit card details are exposed to data breaches owing to the
insecure methods. In order to overcome the prevalent weaknesses Landgate requires to make
certain revisions in its policies and procedures related to access controls and they should
ensure that these are implemented effectively (Foster et al. 2016). It should establish proper
controls to safeguard vital information specially credit card details. Landgate needs to review
its delivery as well as the costs related to the services as per the Master Agreement. Landgate
considered the recommendations and implemented certain changes to its business processes
as well. Its security framework has been extended to strengthen the infrastructure and has
also taken some extra steps to resolve the identified weaknesses.
The report includes audit performed on general computer controls (GCC) and the
main purpose of this audit is to find out whether the computer controls are effective in
supporting the integrity as well as confidentiality of the informations stored in these systems.
GCC includes control over the environment of information technology, access to programs,
program development as well as program alterations. The audit was conducted at 47 state
government entities and 39 of these entities were provided with the capability of assessing
and they were asked to return completed forms at the end of the audit. An audit scale ranging
from 0-5 was used to evaluate the capability maturity level of the entities in case of each of
GCC control categories (Axelsen, Green and Ridley 2017). This specific model provides a
certain baseline for making comparisons in the results of the entity and case studies have also
been included where the weaknesses of the information security system have been revealed.
The audit findings reveal that entities are required to establish better controls for managing
security of information, continuity in business and related risks of IT. The entities were
expected to get a rating equal to or better than level 3 in all the categories. In case of
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7IT AUDIT AND CONTROL
information security only 47% of the entities reached the benchmark and prove to have been
managing the information security properly in the year 2018. This showed that it had
declined by 3% from that of the year 2017. An updated business continuity plan, disaster
recovery plan as well as incident response plan is required to ensure continuity in the
businesses. The audit revealed that there had been an increment of only 13% from what the
value was in the last year. 50% of entities still lacked in appropriate business continuity plan.
69% of the entities achieved the expectations of managing the IT risks and it had improved
by 33%. The IT practices along with the service level performance of the entities increased
by 7% compared to the previous year (Omoteso 2016). In the change control category 9%
decrease was seen in the performance but slow improvement was seen as almost 70% of the
entities achieved level 3 or a rating higher than that (Hall 2015). In case of physical security
76% of the entities achieved the expectations for managing physical security. A 14%
decrease was seen from that of the last year in this case. As per the report majority of the
findings required immediate action. Some recommendations in this case are that the
executive managers should see to it that the security practices implemented must be up-to-
date and regularly tested. The entities should update their business continuity plan and the
disaster recovery plan. The processes involved in change control should be well developed as
well as consistent (Elefterie and Badea 2016). Unauthorized access should be prevented by
developing and implementing certain physical control mechanism and environmental control
mechanisms.
information security only 47% of the entities reached the benchmark and prove to have been
managing the information security properly in the year 2018. This showed that it had
declined by 3% from that of the year 2017. An updated business continuity plan, disaster
recovery plan as well as incident response plan is required to ensure continuity in the
businesses. The audit revealed that there had been an increment of only 13% from what the
value was in the last year. 50% of entities still lacked in appropriate business continuity plan.
69% of the entities achieved the expectations of managing the IT risks and it had improved
by 33%. The IT practices along with the service level performance of the entities increased
by 7% compared to the previous year (Omoteso 2016). In the change control category 9%
decrease was seen in the performance but slow improvement was seen as almost 70% of the
entities achieved level 3 or a rating higher than that (Hall 2015). In case of physical security
76% of the entities achieved the expectations for managing physical security. A 14%
decrease was seen from that of the last year in this case. As per the report majority of the
findings required immediate action. Some recommendations in this case are that the
executive managers should see to it that the security practices implemented must be up-to-
date and regularly tested. The entities should update their business continuity plan and the
disaster recovery plan. The processes involved in change control should be well developed as
well as consistent (Elefterie and Badea 2016). Unauthorized access should be prevented by
developing and implementing certain physical control mechanism and environmental control
mechanisms.
8IT AUDIT AND CONTROL
References
Axelsen, M., Green, P. and Ridley, G., 2017. Explaining the information systems auditor role
in the public sector financial audit. International Journal of Accounting Information
Systems, 24, pp.15-31.
Blake, D., 2015. Issues in Pension Funding (Routledge Revivals). Routledge.
Byrnes, P.E., Al-Awadhi, A., Gullvist, B., Brown-Liburd, H., Teeter, R., Warren Jr, J.D. and
Vasarhelyi, M., 2018. Evolution of Auditing: From the Traditional Approach to the Future
Audit 1. In Continuous Auditing: Theory and Application (pp. 285-297). Emerald Publishing
Limited.
Chou, D.C., 2015. Cloud computing risk and audit issues. Computer Standards &
Interfaces, 42, pp.137-142.
Dzuranin, A.C. and Mălăescu, I., 2015. The current state and future direction of IT audit:
Challenges and opportunities. Journal of Information Systems, 30(1), pp.7-20.
Elefterie, L. and Badea, G., 2016. The impact of information technology on the audit
process. Economics, Management and Financial Markets, 11(1), p.303.
Foster, S., Hooper, P., Knuiman, M., Bull, F. and Giles-Corti, B., 2016. Are liveable
neighbourhoods safer neighbourhoods? Testing the rhetoric on new urbanism and safety from
crime in Perth, Western Australia. Social science & medicine, 164, pp.150-157.
Guo, Y., Ten, C.W., Hu, S. and Weaver, W.W., 2015. Preventive maintenance for advanced
metering infrastructure against malware propagation. IEEE Transactions on Smart Grid, 7(3),
pp.1314-1328.
Hall, J.A., 2015. Information technology auditing. Cengage Learning.
References
Axelsen, M., Green, P. and Ridley, G., 2017. Explaining the information systems auditor role
in the public sector financial audit. International Journal of Accounting Information
Systems, 24, pp.15-31.
Blake, D., 2015. Issues in Pension Funding (Routledge Revivals). Routledge.
Byrnes, P.E., Al-Awadhi, A., Gullvist, B., Brown-Liburd, H., Teeter, R., Warren Jr, J.D. and
Vasarhelyi, M., 2018. Evolution of Auditing: From the Traditional Approach to the Future
Audit 1. In Continuous Auditing: Theory and Application (pp. 285-297). Emerald Publishing
Limited.
Chou, D.C., 2015. Cloud computing risk and audit issues. Computer Standards &
Interfaces, 42, pp.137-142.
Dzuranin, A.C. and Mălăescu, I., 2015. The current state and future direction of IT audit:
Challenges and opportunities. Journal of Information Systems, 30(1), pp.7-20.
Elefterie, L. and Badea, G., 2016. The impact of information technology on the audit
process. Economics, Management and Financial Markets, 11(1), p.303.
Foster, S., Hooper, P., Knuiman, M., Bull, F. and Giles-Corti, B., 2016. Are liveable
neighbourhoods safer neighbourhoods? Testing the rhetoric on new urbanism and safety from
crime in Perth, Western Australia. Social science & medicine, 164, pp.150-157.
Guo, Y., Ten, C.W., Hu, S. and Weaver, W.W., 2015. Preventive maintenance for advanced
metering infrastructure against malware propagation. IEEE Transactions on Smart Grid, 7(3),
pp.1314-1328.
Hall, J.A., 2015. Information technology auditing. Cengage Learning.
9IT AUDIT AND CONTROL
Han, S., Rezaee, Z., Xue, L. and Zhang, J.H., 2015. The association between information
technology investments and audit risk. Journal of Information Systems, 30(1), pp.93-116.
Okeke-Uzodike, O.E. and Subban, M., 2015. Public sector recruitment policies: efficiency,
effectiveness and consequences. Problems and Perspectives in Management, 13(1), pp.26-34.
Omoteso, K., 2016. Audit effectiveness: Meeting the IT challenge. Routledge.
Raphael, J., 2017. Rethinking the Audit: Innovation Is Transforming How Audits Are
Conducted-and Even What It Means to Be an Auditor. Journal of Accountancy, 223(4), p.28.
Senft, S., Gallegos, F. and Davis, A., 2016. Information technology control and audit.
Auerbach publications.
Zaiceanu, A.M., Hlaciuc, E. and Lucan, A.N.C., 2015. Methods for risk identification and
assessment in financial auditing. Procedia Economics and Finance, 32, pp.595-602.
Han, S., Rezaee, Z., Xue, L. and Zhang, J.H., 2015. The association between information
technology investments and audit risk. Journal of Information Systems, 30(1), pp.93-116.
Okeke-Uzodike, O.E. and Subban, M., 2015. Public sector recruitment policies: efficiency,
effectiveness and consequences. Problems and Perspectives in Management, 13(1), pp.26-34.
Omoteso, K., 2016. Audit effectiveness: Meeting the IT challenge. Routledge.
Raphael, J., 2017. Rethinking the Audit: Innovation Is Transforming How Audits Are
Conducted-and Even What It Means to Be an Auditor. Journal of Accountancy, 223(4), p.28.
Senft, S., Gallegos, F. and Davis, A., 2016. Information technology control and audit.
Auerbach publications.
Zaiceanu, A.M., Hlaciuc, E. and Lucan, A.N.C., 2015. Methods for risk identification and
assessment in financial auditing. Procedia Economics and Finance, 32, pp.595-602.
1 out of 10
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.