Information System Audit: E-Governance, IT Performance & Security

Verified

Added on 2023/04/10

AI Summary

This report provides a comprehensive analysis of information system audits, covering various aspects such as the role of external auditors, critical evaluation of e-government systems in Nepal, the importance of IT performance management, and vulnerabilities in wireless technologies. It addresses the responsibilities of external auditors, the evaluation of Nepal's e-government development index, and the business benefits of IT performance management. The report also evaluates the statement that performance measurement metrics should not be copied from similar enterprises and discusses vulnerabilities in wireless technologies, including hacking techniques and mitigation strategies. Furthermore, it includes a case study addressing risk determination and testing program change management related to information technology.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: Information system Audit
Information system Audit
Name of Student:
Name of the University:
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1
Information system Audit
Table of Contents
Answer to Task 1.......................................................................................................................2
Answer to question 2..................................................................................................................2
Answer to Task 3.......................................................................................................................3
Answer to Task 4.......................................................................................................................4
Case study question....................................................................................................................6
References..................................................................................................................................7

2
Information system Audit
Answer to Task 1
The Responsibility of the external auditor of a company is to form an opinion on the
financial statement of an enterprise, whether financial statement represent true and fair view,
whether financial statement is free from material misstatement and whether those financial
statement has been prepared using general accounting principles and Auditing standard
(Abomhara 2015).
As per the provision of the AICPA, an auditor does not render certain services like
 Preparation of books of account
 Preparation of the board of the director minutes
 Investment advisory services,
 Selection of appropriate accounting policy
 Investment banking services
 Management services
Therefore, an external auditor will not provide any advice to design management staff of
the organization (Gietzmann and Pettinicchio 2014).
Answer to question 2
Part (a) Critical evaluation of the information system (IS) audit in Nepal
E-government refers to the application information communication technology (ICT)
in order to provide better services to its tax paying citizen at a lower cost (Abomhara 2015).
E-government development index which represent the E-government development of a
country in the world. As per the authors E- government development index (EGDI) and E-

3
Information system Audit
participation index (EPI) of Nepal are extremely low when they are sampled among the 8
SAARC nation. The EGDI and EPI of Nepal is 02344 and .2941 respectively in the world.
Nepal is able to secure7thposition in total of 8 nations. These data of the country are
extremely alarming and the country should focus on the ways to improve them. The country
should work on providing information system audit to provide quality services to the tax
payer of the nation. Providing quality information system audit is prerequisite criteria for the
improvement in the government development index and E- participation index of a country.
Part (b) Importance of information system Audit in light of the Nepal E- government
 Information system audit is important as it provide assurance that the IT system of the
organization is adequately protected against any kind of fraud (Gupta and Shakya
2015).
 Information system audit determine the level of the compliance of the financial
statement of the enterprise with the applicable law.
 Information system audit monitor the performance of an enterprise activity and its
policies and procedure (Jairak and Praneetpolgrang 2013).
Answer to Task 3
Part (a) Business benefit achieved from IT performance management.
Information technology (IT) enable business gains various advantages in terms of
productivity and performance, as compare to the other firm of the same industry (Kerzner
2017). IT helps the business in consistently apply predefined set business rules in the internal
control environment of the organization. This help in boosting the productivity of the
workforce, as their performance is measure using the technology devices.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4
Information system Audit
Now a day business is using the business analytics tools to monitor the progress made
by the different department. Organization are also able track any loophole in their system,
which need to rectify in order to achieve operational excellence and performance
management. Thus all these major improvements in the business efficiency is possible due to
the use of technology in business environment.
Part (b) Evaluation of Authors Statement “performance measurement
metrics should not be copied from similar enterprises”.
Every enterprise is different and unique in their way, as they have
different set of objective and goals which need to achieve within a pre-
defined period of time (Rhodes-Ousley 2013). Every business organization
designed their performance measurement metrics based on their
following parameter like enterprise vision, mission, corporate strategy,
work culture, business policy, competition dynamics, and business
strength and weakness (Tingliao and Lianghua 2015). All these factors vary
from enterprise to enterprise, so it would irrelevant to copy the
performance measurement metrics from similar organization.
Answer to Task 4
Part (a)
As per the discussion made by Mr Holman about the Vulnerability of wireless and
other common technology (O’Sullivan 2015). It can be summarised that business or an
individual faces certain threat when they expose any data wirelessly through internet
communication technology. The degree of threat depends upon the materiality of the data
being transmitted wirelessly. These vulnerabilities may range from the exploitation of the

5
Information system Audit
network security or to make a cyber-attack on the organization system. The consequences are
very threatening which need immediate measure to tackle the problem.
Part (b)
As discussed by Mr Holman, the tool for exploiting the network security protocols are
Hacker bot and Sniper Yagi. Hacker bot is a kind a robot that can enter the network security
of an enterprise and its can put some malicious file into system to disrupt the functionality
and drive some important data out of the company. The hacker may attack the company in
order to steal some confidential data of the entity like business strategy, company lender
details, product composition any many others.
Part (c)
A network security hacking is performed by a technically competent person who
knows the network system design and the vulnerability of those system (Chauhan and Panda
2015). These individual first identify their target organization to do the cyber-attack, then
they design a hacking script using the programming language. These hacking script are
allowing to penetrate into the enterprise system to disrupt the functionality of the network
security protocol like firewall.
Part (d)
The particular hack technique as disclose by the Mr Holman like sniper Yagi has
caught my attention. These hacking technique is interesting as using the sniper Yagi a person
can swap the long range password of a Wi-Fi users in a wireless technology. These
passwords can be stolen using password sniffing tool or by penetrating some encrypted code
into the system. The technique can be used for both the ethical as well unethical purpose.
Part (e)

6
Information system Audit
In order to mitigate the effect of the effect of the vulnerability caused the hacking. A
firm should deploy proper security control into the system. The system should be reviewed
periodically on a regular basis to identify any security breach. The entity should deploy the
network security protocol, which will monitor the organization system for any kind malicious
activities on the system network. The entity should use anti- virus software, anti-spy
software, egress filtering, fire wall to protect the system against attack.
Case study question
Answer to question 1
Answer is option (a)
Reasons: the auditor should first of all determine the risk that are caused by the use
of information technology (IT). The auditor should ensure that those Control which are
imposed by the IT system are reliable and working effectively.
Answer to question 2
Answer is option (c)
Reasons: the testing program change management should be based on the appropriate
examination of the system criticality.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7
Information system Audit
References
[1].L Tingliao and C Lianghua The IT Audit Objective Research Based on The
Information System Success Model under The Big Data Environment. In 5th
International Symposium on Knowledge Acquisition and Modeling (KAM 2015).
Atlantis Press(June, 2015)
[2]. M Rhodes-Ousley. Information security: the complete reference. McGraw Hill
Education.(2013).
[3].H O’Sullivan. Security Vulnerabilities of Bluetooth Low Energy Technology
(BLE). Tufts University (2015).
[4].H, Kerzner. Project management metrics, KPIs, and dashboards: a guide to
measuring and monitoring project performance. John Wiley & Sons (2017).
[5].K, Jairak and P, Praneetpolgrang Applying IT governance balanced scorecard and
importance-performance analysis for providing IT governance strategy in
university. Information Management & Computer Security, 21(4), pp.228-249 (2013).
[6].A, Gupta and S, Shakya Information system audit an overview study in e-Government
of Nepal. In 2015 International Conference on Green Computing and Internet of
Things (ICGCIoT) (pp. 827-831). IEEE.(2015)
[7].M.B,Gietzmann, and A.K Pettinicchio External auditor reassessment of client
business risk following the issuance of a comment letter by the SEC. European
Accounting Review, 23(1), pp.57-85.(2014)
[8].S. Chauhan and N.K Panda, Hacking Web Intelligence: Open Source Intelligence and
Web Reconnaissance Concepts and Techniques. Syngress(2015)