Definition of Information Technology
There is no standard or official definition of “Information Technology”. Every author has his own comprehension and interpretation but his illustration is similar with others. I prefer to Professor Rajaraman’s statement that Information Technology may be defined as the technology that is used to acquire, store, organize, process, and disseminate processes data which can be used in specified applications (2013, p. 1).[1] Information Technology system contains four essential components which are hardware, software, data and people (ITL Education Solutions Limited, 2006, p. 178).[2] Therefore, we can infer that the Information Technology (IT) industry is industry which involved in manufacture physical equipment such as computers, routers and mobile devices to make people available to operate, research and develop software to access and process data. For instance, telecommunication entities, telephone and computer manufacturers, internet application developers are considered as members of IT industry.
Current situation of IT industry
In the report of TEKsystems’ Annual IT Forecast 2014 (2014, p.3), [3] IT industry (excluding telecommunications) occupies 29% of the whole industry pie among ten main industries and become the biggest part in 2013. In addition, the ICT industry trade association released news titled “Positives outweigh challenges” and forecasted that the IT industry is likely grows moderate in 2014 (2014). [4]
Inherent risk in IT industry
As the rapid development of information technology, IT industry expands its business to most parts of our life, for example, media, education, publication, manufacturing, mobile computing, public sector, defence services, and so forth. The products ...
... middle of paper ...
...r whether its internal controls are able to address new risks. Monitoring occurs both on an ongoing basis and one-time evaluations. Risk monitoring not only evaluates the performance of risk-reducing measures but also serves as a continuing audit function (Bandyopadhyay, Mykytyn, & Mykytyn, 1999). [13] Internal audit activities can test the design and effectiveness of internal controls and find out potential material misstatements in the financial report.
Conclusion
As an emerging high-tech and wide applied industry, IT industry has relatively high inherent risks even effected by other industries. In the process of development, managers and auditors keep seeking effective and efficient internal controls to reduce the risks as possible. When audit a company operating in IT industry, auditors need to consider the size and complexity, especially the technical risks.
In his article, Nicholas G. Carr discusses the future of information technology and how it will change from something that each individual company will have to produce themselves, to a system where larger companies can purchase it from an outside corporation as a utility. He begins by comparing the future of IT to what happened to electricity and how it underwent a change from a luxury to a commodity. He explained how this transformation underwent its course due to the fact that a single innovator, Samuel Insull, was able to innovate technology in a new way to create a form of mass electrical energy production. Innovations such as him are necessary for the future of the world and specifically information technology,
As good risk management can not only help to keep company’s established value, they can also assist in capitalizing and identifying to create value. According to principle 7 recommend to have an internal audit faction, the role of internal auditor is to help the board monitor and manage risk directly.(ASX 2014).
In his 2003 article ‘IT Doesn’t Matter’, Nicholas Carr charts the evolution of Information Technology from the invention of the microprocessor in 1968 to present day omnipresence of IT solutions. His bone of contention with IT is not concerned with its widespread presence, but the magnified costs involved in the upkeep of IT infrastructure. He wants to bulldoze the myth that increased IT spending will culminate in higher returns and better profits. Acknowledging that though “Information technology has become the backbone of commerce” (Carr, 2003), he notes that its omnipresence works against its strategic advantage.
IT, "Information Technology", refers to anything related to computing technology, such as networking, hardware, software, Internet, or the people that work with these technologies. Many companies have IT departments for managing the computers, networks, and other technical areas of businesses. IT jobs include network administration, computer engineering, Web development, technical support, and many other related occupations. That means "IT" already highly overused, is here to stay.
Assessing audit risk correctly and completely is important to the beginning of a successful audit. Not only should an auditor have an understanding of the individual risk factors of the company itself, but also how those risk factors are affected by external influences. A crucial external influence affecting audit risk is the state of the economy. When an economy enters a recession or an economy bubble bursts, there is a greater likelihood that inherent risk and control risk will increase. These increases are mainly driven by the sudden pressure placed on employees and management to keep the appearance of a positive financial status, which sometimes leads to fraudulent activity.
A good internal audit mechanism helps in detecting the frauds at an early stage so that the financial losses may be minimized. Operational audits can be taken up to review the effectiveness, efficiency, and economy of operation. It helps in identifying the risks faced by the organization and has an opportunity to improve controls. The external auditor should also try to obtain sufficient and appropriate audit evidence to be able to draw reasonable conclusions using which audit evidence is provided. Sudden checks have to be planned by the management to keep the staff alert and updated. The audit unit should be established separately, and proper vigilance and guidance are to be provided to them in order to check the frauds at an early stage. The staff, management and the executive officers of the organization have to work for the common good of all the stakeholders of the organization and should follow moral and ethical values while carrying on their
Auditors have an ethical responsibility to ensure that the financial statements are presented fairly. Auditors are also responsible for “detecting material fraud and reporting it to the board of directors.” (Mintz, p. 152) An assessment of business risk will help auditors to determine if there is confidence that they can trust management to provide the information to adequately complete the audit. If there is too much business risk, there is a good change that the auditor may not be able to meet their ethical obligations.
The first is that the concept of information technology comprises two very distinct economic activities: an all-purpose machine (the PC) and its enabling applications and a medium (the internet). Capital assets as distinct from media assets are governed by different economic principles, should be managed differently and be the subject of different philosophical points of view.
In this approach, the focus will be on the internal control objectives so that the control design can be well assessed. First, the auditor will define the control measures and objectives and then find out which measures already installed meet the objectives (Tyrer, 1994).
Firstly, external auditors need inquiry the tone of the top, because it can affect the culture, ethical behaviors and management of company, and also have an influence on completing expected value and internal budget. The auditors and the company negotiated the audit objectives, including the focus of audit content. The company authorized to audit staff, through a dedicated data port on the system to do real-time monitoring. We found the problem, real-time notification of the Board of Directors. Besides, auditors should estimating the significance and likelihood of occurrence of the risks that mentioned in the last part. Auditors can separately establish a risk control model based on the type of transaction and project data may exist for projects focusing on monitoring. As for the control activities, auditors should check the accuracy and completeness of transactions in information processing and comparing actual finance to budget. When data is present and anticipated significant differences, the company needs to inform the auditor investigation. During the planning phase, called by the auditors customers ' financial information, analyze the customer 's financial status, risk may exist to predict. Entry tickets for all of the company and the project should be documented, to ensure that all are kept in the company safe. For the number of items and bills, funds and stocks, the staff has
Internal control is designed and implemented by an entity's management to provide assurance regarding the achievement of objectives of effectiveness and efficiency of operations, reliability and timeliness of financial reporting, prevention and detection of fraud and error, and compliance with applicable laws and regulations. Besides, internal control plays a vital role in how management meets its stewardship or agency responsibilities. An entity's internal control extends beyond those matters that relate directly to the functions of the accounting system; and it consists of the following five components which are the control environment, the entity's risk assessment process, the information system and related business processes
Information Technology (IT) is a foundation for conducting business today. It plays a critical role in increasing productivity of firms and entire nation. It is proven that firms who invested in IT have experienced continued growth in productivity and efficiency. Many companies' survival and even existence without use of IT is unimaginable. IT has become the largest component of capital investment for companies in the United States and many other countries.
The first thing that we must consider about Information Security is that there is not a final destination at which we can arrive. IT Security is an ongoing set of processes and activities that requires attention and expertise on a daily basis. It is important to understand that systems are not secured by themselves and it is our responsibility to maintain and improve them periodically as required. It is of vital importance to establish the appropriate mechanisms and requirements in order to support the company’s CIA triad. The following report will provide you guidance about auditing and hardening techniques applied though the 7 Domains by utilizing IT Security Best Practices.
In today¡¦s advancing technology state, one must be aware of information management systems and how they are shaping lives. Many industries are involved in information technology, and it is that technology which enables them to survive. Five major industries are health, services, manufacturing, finance, and retail. It is hard to say which one is affected more by technology because they all are in their own individual ways. The topics of IT they all share, but the way that information technology is used and introduced in each industry makes them different. In such a highly competitive environment, businesses need to take advantage of all the technology they can in order to survive and gain the upper hand. This semester, I focused on the manufacturing industry because it is how many of products become products and how they are brought to us, the consumer.
Information Technology is a collection of hardware, equipment, and applications which running to store, transfer and sharing data. Information technology has improved and developed the world which we live; it is hard to dispense with the technique, nowadays people cannot live without it because it dramatically affected their lives and the scientific process, people use technology in many areas in life, such as work, education, health and others. So they must understand the mechanism of action of these devices and how to handle them. People need to know more about the technology on computers, also they need to know about mobiles phone technology, in addition people need to know about how the technology affects our lives.