Computer auditing

The 1990s takes us into the third age of computer auditing - the age of mature theory, recognized best practice and distinctive professional qualifications. The third edition of "Computer Auditing" which incorporates an extensive rewrite of many sections, a large amount of new material and a major change in presentation - reflects the maturity of the state of the art. The book is primarily addressed to the auditor who is not a technical specialist - but who, being an auditor, needs to be a computer auditor. However, the text addresses the relevant technical issues to the necessary extent. No auditor, being a computer auditor, can avoid them, or should wish to do so. We can at last say that all auditors are indeed computer auditors - though some do still need to be more technically specialized than others. This third edition reflects the increasing pace of implementation of information technology. New material covers such subjects as: trends in IT and their impact on auditors; audit of forward planning; developments in networks, electronic data interchange and multi-user systems; automated auditing procedures; use of packages (either on their own or in conjunction with systems developed in-house); variety in methods of developing systems; user developing and implementing their own systems with limited (if any) recourse to technical specialists; legal developments. We have also sought to include more material in the form of checklists and questionnaires. We believe that audit is, above all, a set of practical tasks rather than theoretical exercises.

• Part 1 State of the art: overall management objectives - overview
• computer auditing - overview
• trends in IT and their impact on auditors. Part 2 Audit objectives and approach: internal and external audit objectives
• competence of auditors
• integration of audit work
• auditing the forward planning of IT
• risk analysis techniques in computer auditing
• computer crime fraud and misuse. Part 3 Automating the audit process: audit automation - overview
• expert systems. Part 4 Control and audit of computer installations: computer installations - general principles of control
• systems software
• control of computer bureau and time-sharing services. Part 5 Controls and audit of systems development, acquisition and maintenance: control of system development - overview
• control of system development - "classical" procedures
• control of system . development. and supplementary procedures. Part 6 Control and audit of commputer applications: computer applications - general principles of conntrol
• control of networks and teleprocessing
• control of microcomputer systems. Part 7 Computer-assisted audit techniques: computer-assisted audit techniques
• audit enquiry programs
• evaluation and selection of enquiry programs
• enquiry program case study
• other computer-assisted audit techniques
• test data method.