This paper summarizes the contents of course CIS7006-8 ‘Foundations of Computer Network Auditing’ at Northcentral University. The course covers information technology (IT) audits and control, IT governance, the IT legal environment, and IT risks. The course also outlines the significant impact on the development of the audit profession by the passage of the Sarbanes-Oxley Act (SOX) in 2002. As the profession continues to evolve, IT auditing has become a segment of the auditing profession that involves attesting to automated controls and compliance with the legal and regulatory environment. The audit profession also contributes to the strengthening of the corporate governance regime within publicly traded business entities. The huge responsibilities of the modern auditor calls for technical competencies and training. Using peer-reviewed articles as a basis of the discussions, this current paper posits that IT is ubiquitous in every business, and the successful implementation and effective management of the IT audit function calls for a thorough understanding of the legal environment.
Signature Assignment
Northcentral University’s course number CIS7006-8 called ‘Foundations of Computer Network Auditing,’ is a Doctoral level course at the School of Business and Technolgy. The course covers the audit profession with particular references to the internal auditor (IA) and the IT auditor. CIS7006-8 outlines IT audits and control, IT governance, the IT legal environment, and IT risks. Additionally, the course involves the discussion of the significance of the passage of the Sarbanes-Oxley Act (SOX) in 2002, in response to failures in corporate governance in several multinational organizations, including Enron, WorldCom, He...
... middle of paper ...
...nal Auditor, 70(2), 7.
Schneider, A. (2009). The nature, impact and facilitation of external auditor reliance on internal auditing. Academy of Accounting and Financial Studies Journal, 13(4), 41-53. Retrieved from http://search.proquest.com.proxy1.ncu.edu/docview/213973798?accountid=28180
Schneider, G. P., & Bruton, C. M. (2007). Sarbanes-Oxley compliance: new opportunities for information technology professionals. Academy of Information and Management Sciences Journal, 10(2), 79-89. Retrieved from http://search.proquest.com.proxy1.ncu.edu/docview/214627282?accountid=28180
Senft, S., Gallegos, F., & Davis, A. (2013). Information technology control and audit. (Fourth Ed.). Boca Raton, FL. Auer Bach Publications.
Susmanschi, G. (2012). Internal audit as an attribute of management during the economic crisis. Centre for European Studies (CES) Working Papers, 4(3), 419.
A Guide to the Sarbanes-Oxley Act of 2002 (2006). Retrieved December 16, 2009 from www.soxlaw.com
It has been a decade since the Sarbanes-Oxley Act became in effect. Obviously, the SOX Act which aimed at increasing the confidence in the US capital market really has had a profound influence on public companies and public accounting firms. However, after Enron scandal which triggered the issue of SOX Act, public company lawsuits due to fraud still emerged one after another. As such, the efficacy of the 11-year-old Act has continually been questioned by professionals and public. In addition, the controversy about the cost and benefit of Sarbanes-Oxley Act has never stopped.
Consistent accounting and financial frauds in the U.S. alerted the SEC to the imperative need for policy and corporate governance changes. The Sarbanes-Oxley Act in 2002 was enacted to encourage financial disclosures, enhance corporate responsibility, and combat fraudulent behaviour. This Act also helped create the PCAOB, which oversees the auditing practice (Stanwick & Stanwick 2009).
Dey, A. (2010). The Chilling Effect of Sarbanes-Oxley: A Discussion of Sarbanes-Oxley and Corporate Risk-Taking. Journal of Accounting And Economics, 49(1-2), 53-57. doi:http://proxy.ulib.csuohio.edu:2279/10.1016/j.jacceco.2009.06.003
In 2002, Congress passed the Sarbanes-Oxley Act (SOX) to strengthen corporate governance and restore investor confidence. The act’s most important provision, §404, requires management and independent auditors to evaluate annually a firm’s internal financial-reporting controls. In addition, SOX tightens disclosure rules, requires management to certify the firm’s periodic reports, strengthens boards’ independence and financial-literacy requirements, and raises auditor-independence standards.
Throughout the past several years major corporate scandals have rocked the economy and hurt investor confidence. The largest bankruptcies in history have resulted from greedy executives that “cook the books” to gain the numbers they want. These scandals typically involve complex methods for misusing or misdirecting funds, overstating revenues, understating expenses, overstating the value of assets or underreporting of liabilities, sometimes with the cooperation of officials in other corporations (Medura 1-3). In response to the increasing number of scandals the US government amended the Sarbanes Oxley act of 2002 to mitigate these problems. Sarbanes Oxley has extensive regulations that hold the CEO and top executives responsible for the numbers they report but problems still occur. To ensure proper accounting standards have been used Sarbanes Oxley also requires that public companies be audited by accounting firms (Livingstone). The problem is that the accounting firms are also public companies that also have to look after their bottom line while still remaining objective with the corporations they audit. When an accounting firm is hired the company that hired them has the power in the relationship. When the company has the power they can bully the firm into doing what they tell them to do. The accounting firm then loses its objectivity and independence making their job ineffective and not accomplishing their goal of honest accounting (Gerard). Their have been 379 convictions of fraud to date, and 3 to 6 new cases opening per month. The problem has clearly not been solved (Ulinski).
Recently, IT governance has been a mainly factor for fulfill business need from investing in IT area. In addition, Sarbanes-Oxley Act (SOX) mentioned IT governance issues for enhancing internal contro...
List and briefly describe the elements of the 7 Component Framework Industry Standards for Auditing and Monitoring
Web. The Web. The Web. 26 Jan. 2014. Corporate Accountability International.
Corporate governance changed drastically after the case of Andersen Auditors, Enron’s auditing service showed that they contributed to the scandal. Andersen was originally founded in 1913, and by taking tough stands against clients, quickly gained a national reputation as a reliable keeper of the people’s trust (Beasley, 2003). Andersen provided auditing statements with a ‘clean’ approval stamp from 1997 to 2001, but was found guilty of obstructing justice by shredding evidence relating to the Enron scandal on the 15th June 2002. It agrees to cease auditing public companies by 31 August (BBC News, 2002).
The evolution of auditing is a complicated history that has always been changing through historical events. Auditing always changed to meet the needs of the business environment of that day. Auditing has been around since the beginning of human civilization, focusing mainly, at first, on finding efraud. As the United States grew, the business world grew, and auditing began to play more important roles. In the late 1800’s and early 1900’s, people began to invest money into large corporations. The Stock Market crash of 1929 and various scandals made auditors realize that their roles in society were very important. Scandals and stock market crashes made auditors aware of deficiencies in auditing, and the auditing community was always quick to fix those deficiencies. The auditors’ job became more difficult as the accounting principles changed, and became easier with the use of internal controls. These controls introduced the need for testing; not an in-depth detailed audit. Auditing jobs would have to change to meet the changing business world. The invention of computers impacted the auditors’ world by making their job at times easier and at times making their job more difficult. Finally, the auditors’ job of certifying and testing companies’ financial statements is the backbone of the business world.
Threats to Auditor Independence: The Impact of Relationship and Economic Bonds. By: Ping Ye; Carson, Elizabeth; Simnett, Roger. Auditing, Feb2011, Vol. 30 Issue 1, p121-148, 28p, 1 Diagram, 6 Charts; DOI: 10.2308/aud.2011.30.1.121
The first thing that we must consider about Information Security is that there is not a final destination at which we can arrive. IT Security is an ongoing set of processes and activities that requires attention and expertise on a daily basis. It is important to understand that systems are not secured by themselves and it is our responsibility to maintain and improve them periodically as required. It is of vital importance to establish the appropriate mechanisms and requirements in order to support the company’s CIA triad. The following report will provide you guidance about auditing and hardening techniques applied though the 7 Domains by utilizing IT Security Best Practices.
Audit is a process to evaluate and review the accounts and financial statement objectively. We can divide it into internal auditors and external auditors. Internal auditors have a inner knowledge of business process. Auditor has access to the much confidential information and all levels of management. But they may lose their judgement and they are not acceptable by the shareholder. “The overall objective of the external auditors is to obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, and to report on the financial statements in acco...
The major characters of the tradition audit are all information what is needed by auditors are on the paper and the manual calculators and without high communication technology. Auditors usually were limited by the place in the paper time. When a several people are working on the same auditing project for a client with offices in cities across the country, even worldwide, it takes a lots all time those auditors get the information which they need from the client, even there is risk paper information disappear for many reasons. on the another hand, mail paper information increase the auditing cost. The mistake caused by the manual calculators inevitably, no matter how fixed auditors concentrate on recalculate is, after all auditors are human. The global business become major in the modern business world, some example, several auditors who are in different locations are working a same auditing project, or auditors are in different city even country with the client, when there is issue among these auditors or between auditors and client, they only can communicate with each other by phone or be together and have meeting. Phone call can not make sure information been watched in the same time when the voice is talking about the issue, but having a meeting takes time and money make all people together, it increases auditing cost.