The auditing of the accounting information systems, just a good behaviour certificate?
Author:
PhD. Adrian MUNTEANU
JEL:
DOI:
Keywords:
review, assessment, data, risk, applications control, practices, electronic signature
Abstract:
There is no Romanian tradition of IT system development and thus no certain specific practice of their control. We notice that until mid-2003 there was no mention of information system auditing in Romania. Certified public accountants and financial auditors should also cover this field during their accounting tasks due to the auditing standards adopted.\r\n\r\nFor most of the domestic financial audit tasks, the focus is on financial statements control and not on the means through which these results were achieved. In 2003, Order no. 1077 was issued, concerning the conditions in which the fiscal invoices with special printing, number assigning status, used in accounting and finance, shall be edited in single copy. 1077 is the first normative act which makes reference to information systems auditing, even though it is limited to the third-party audit of the system security plan of a company by a Computer Information Systems Auditor (CISA). To put it differently, this is a conformity audit and not a security one!