The role of informational systems audit within financial audit

Author:University professor, PhD. Pavel NĂSTASE



Keywords:IS audit, confidentiality, integrity, availability, digital signature, Public Key Infrastructure (PKI), digital certificate

The Management Information Systems become today the core of business proceses because it involves any commercial or business activity that takes place by means of electronic facilities(buy and selling online), including on the Internet, proprietary networks and home banking, instead of through direct physical exchange or contact. This system creates an environment that operates at a much greater speed than traditional methods and involves much less paper–based evidence of activities. \r\nThis paper tries to present the role of IS auditing in the financial auditing in order to minimize the audit risk. Risks may include ensuring system confidentiality, reliability and integrity as well as the availability of technical expertise to manage the information technology environment, how regulatory changes may impact on operations, privacy and potential fraud considerations. \r\nAppropriate security mechanisms must be implemented to ensure the confidentiality and the integrity of data, whether stored or in transit, including: firewalls to restrict access to the network, encryption technology to prevent unauthorized interpretation of data, monitoring of activities through audit logs, virus protection, change control procedures, physical security measures to prevent unauthorized access to information stored on computer hardware and the maintenance of secure backup facilities for data and critical computer software. \r\nAn effective Public Key Infrastructure (PKI), incorporating digital certificates and signatures, or other viable security alternatives should be used to ensure both authentication and non-repudiation of the transactions.\r\n