![]() | Only 14 pages are availabe for public view |
Abstract Nowadays, information technology plays an important role in developing business organizations and support virtually all aspects of operations. In particular, it captures, stores, analyzes, and processes tremendous amounts of data and information. This rapid advancement and sheer volume of electronic transactions simply indicate that traditional auditing techniques are no longer either applicable or efficacious. In other words, they are no longer capable of keeping the integrity of an organization’s transactions. According to the importance of auditing the computerized information systems, this thesis proposes to develop a framework of comparison between auditing methodologies of computer based information systems in order to recommend a suitable auditing methodology matching the development of information technology and appropriate to the Generally Accepted Auditing Standards (GAAS).The implementation of comparison between auditing methodologies depends on a group of selected criteria; auditing criteria which includes the field work standards (Adequate planning, understanding of internal control and Sufficient Evidential matter). And IT criteria that contains, IS security and risks, audit feasibility, electronic disclosure, Audit software techniques and information quality. This thesis merged the theoretical contents with the practitioner’s responds from the field study during implementation of the comparison between auditing methodologies to give more results. In addition, the thesis introduced a practical solution to determine the information system reliability by testing and evaluating the IT controls that include general controls, application controls and security controls. This was conducted through designing and implementing audit software to help auditors in making decisions to complete the audit procedures by relying on information system controls or withdrawing from auditing process. |