Tuesday, January 14, 2014

Definition of Information System Audit

Definition of Information System Audit
Ron Weber ( 1999.10 ) suggests that audit information system are :" Information systems auditing is the process of collecting and evaluating evidence to Determine Whether a computer system safeguards assets , maintains data integrity , Allows organizational goals to be Achieved effectively , and uses resources efficiently " ." Auditing is the process of gathering information systems and assessment of evidence - the evidence to determine whether the computer system can safeguard assets , maintain data integrity , to encourage the achievement of organizational goals in an effective and efficient use of resources " .

 
Objectives of Information Systems Audit
Information Systems Audit Objectives can be grouped into two major aspects of IT ketatakelolaan , namely :a. Conformance ( Compliance ) - In the group 's goals focused information systems audit to obtain conclusions on the suitability aspects , namely : Confidentiality ( Confidentiality ) , Integrity ( Integrity ) , Availability ( Availability ) and Compliance ( Compliance ) .b . Performance ( Performance ) - At the destination group focused information systems audit to obtain conclusions on aspects of performance , namely : Effectiveness ( Effectiveness ) , Efficiency ( Efficiency ) , Reliability ( reliability ) .

According to Weber (1999 , pp106 - 107 ) AuditSistem types of information can be divided into three , namely :1 . Audit In Together ( Concurrent Audit )The auditor is a member of the team pengembangansistem , they assist the team in improving the quality of development for the specific system to be all that they wake up and implemented .

2 . After Implementation Audit ( Audit Postimplementation )Auditor helps organizations to learn from the experience of the development of the application system . Merekaakan evaluate whether the system needs to be stopped , continued or modified .

3 . General Audit ( General Audit )Auditors evaluate the overall control system development . They perform an audit to determine whether they can reduce the time of substantive testing needs to be done to provide an audit opinion on the financial statements ( as the demands of management ) or on the effectiveness and efficiency of the system.

According Wibowo , et.al. ( 2007) , IT governance ( IT Governance ) is the authority ( right ) and the decision -making structure of the organization leaders and managers to optimize and control the use of IT resources starting from the planning , implementation and monitoring / evaluation to achieve organizational goals by using certain mechanisms . While Weill (2004 ) defines IT governance as a specific framework for decision rights and accountability to encourage desirable behavior in the use of IT . IT governance is about systematically determining who makes each type of decision (the right to decide ) , who has input to a decision ( the right to provide input ) , and how these people ( the group ) are responsible for their respective roles . In line with the definition issued by ITGI ( IT Governance Institute ) , IT governance is the responsibility of the board of directors and executive management . IT governance is an integral part of corporate governance ( corporate governance ) which consists of leadership (leadership ) , strukturstruktur organization , and processes that ensure that the IT organization to support and expand the organization's strategies and goals ( Grembergen , et.al. , 2004) . Of the three definitions , we can conclude that governance emphasizes on anyone involved in the decision-making and the right as well as the processes that ensure optimal use of IT resources and in accordance with what the organization wants .
According to Peterson ( 2003) , IT governance broader in scope than the IT Management ( IT Management ) . IT management is focused on providing IT services and products effectively to the internal organization and management of IT operations today . Meanwhile , IT governance focus on the display and transforming IT to meet business needs ( internal focus ) current and future , and to meet customer needs ( external focus ) . Therefore , IT governance aims to maximize the potential of existing resources , and avoid overlapping allocation of time , cost and human resources , as well as reducing the risk in the development of IT in order to ensure IT investments can provide optimal results .
One of the IT resources are IT infrastructure . According to Weill (2004 ) , in the implementation of IT governance there are five areas of decisions that must be considered , one of which decisions about IT infrastructure ( IT infrastructure decisions ) . Making the right decisions about IT infrastructure that is used on this organization can be supported by the IT infrastructure governance is good ( good IT infrastructure governance) . With the implementation of good governance IT infrastructure will encourage the achievement of good governance ( good governance IT ) on the organization .
IT Governance Focus AreasAs for the area of ​​focus in the management of information technology governance , divided into five main areas ( ITGI , 2007) :• Strategic Alignment , focusing on how to achieve the vision and mission of an organization that is aligned with the business goals of the organization.• Value Delivery , focuses on how to optimize the added value of information technology in achieving the vision and mission of an organization .• Resources Management , focusing on how the resources and infrastructure to meet the optimal use , relating to the optimal investment of the use of existing IT . Perform appropriate management , information technology resources as for critical , include : applications , information , infrastructure and human resources . And important matters relating to the optimization of existing knowledge and infrastructure .• Risk Management , focusing on how to perform the identification of possible risks that exist , and how to cope with the impact of these risks .• Performance Measurement , focuses on how to measure and monitor performance of information technology and adjust the use of IT in accordance with the business needs of the organization .The purpose of IT GovernanceIT governance is the responsibility of management in an organization , so how IT can become more efficient and effective in supporting the business processes are executed . So the goal of IT governance is to control the use of IT in ensuring that performance meets and in accordance with the objectives , as follows :• Aligning IT with corporate strategy and the realization of the benefits that have been promised from the application of IT .• Use of information technology enables companies take the opportunities that exist , as well as maximizing the use of IT to maximize the benefits of the application of IT .• Responsible for the use of IT resources .• Management of existing risks related to information technology appropriately .

Artikel Terkait

0   komentar

Post a Comment

Cancel Reply

Google+ Followers

Demo