Information systems auditing – legislation and standards

Dimitrova, Janka and Andonovski, Miroslav and Temjanovski, Riste and Dimitrova, Eftimija (2016) Information systems auditing – legislation and standards. International Balkan and near eastern social sciences conference series (IBANESS). ISSN 978-9989-695-56-8

[thumbnail of Information systems auditing - legislation and standards.pdf]
Information systems auditing - legislation and standards.pdf

Download (385kB) | Preview
[thumbnail of janka.pdf]

Download (1MB) | Preview


The second half of the 20-th and early 21-st century, marked the expansive growth of ICT and software solutions that invaded all spheres of everyday life and work. Effective management of ICT is essential not only for the successful execution of daily activities and processes, but also in achieving the strategic goals of each company. ICT management is not only management costs incurred in doing business operations but also control of their efficiency and security, since advances in technology may result in increased exposure to operational risks. Enterprises should have an adequate system of internal control which is consistent with the nature, complexity and risk profile of operations.
According to the legislation, it is mandatory the establishment of internal audit service as an independent department within the internal organizational structure, and conducting an external audit to verify the information presented in the financial statements. The Internal Audit provides objective and independent assessment of the adequacy and effectiveness of the internal control system, the accuracy of accounting records and financial statements, compliance with internal policies and procedures, and with laws and regulations that are in force, as well as general efficiency operations. As an indispensable part of the operation or the scope of the internal audit is an evaluation of the adequacy and effectiveness of processes and control mechanisms in information systems. Also and the external audits, which are mandatory and are performed annually, among other should provide opinion and assessment of the information security in terms of its compliance with the work and objectives of the company, data protection and established control systems.

Keywords: audit, control, information systems, information technology, management

Item Type: Article
Subjects: Social Sciences > Economics and business
Divisions: Faculty of Economics
Depositing User: Janka Dimitrova
Date Deposited: 16 Dec 2016 11:05
Last Modified: 16 Dec 2016 11:05

Actions (login required)

View Item View Item