History of information technology auditing

From Wikipedia, the free encyclopedia

Information Technology Auditing (IT auditing) began as Electronic Data Process (EDP) Auditing and developed largely as a result of the rise in technology in accounting systems, the need for IT control, and the impact of computers on the ability to perform attestation services. The last few years have been an exciting time in the world of IT auditing as a result of the accounting scandals and increased regulation. IT auditing has had a relatively short yet rich history when compared to auditing as a whole and remains an ever changing field.

Contents

[edit] Beginning

The introduction of computer technology into accounting systems changed the way data was stored, retrieved and controlled. It is believed that the first use of a computerized accounting system was at General Electric in 1954. During the time period of 1954 to the mid-1960s, the auditing profession was still auditing around the computer. At this time only mainframe computers were used and few people had the skills and abilities to program computers. This began to change in the mid-1960s with the introduction of new, smaller and less expensive machines. This increased the use of computers in businesses and with it came the need for auditors to become familiar with EDP concepts in business. Along with the increase in computer use, came the rise of different types of accounting systems. The industry soon realized that they needed to develop their own software and the first of the generalized audit software (GAS) was developed. In 1968, the American Institute of Certified Public Accountants (AICPA) had the Big Eight (now the Big Four) accounting firms participate in the development of EDP auditing. The result of this was the release of Auditing & EDP. The book included how to document EDP audits and examples of how to process internal control reviews.

Around this time EDP auditors formed the Electronic Data Processing Auditors Association (EDPAA). The goal of the association was to produce guidelines, procedures and standards for EDP audits. In 1977, the first edition of Control Objectives was published. This publication is now known as Control Objectives for Information and related Technology (CobiT). CobiT is the set of generally accepted IT control objectives for IT auditors. In 1994, EDPAA changed its name to Information Systems Audit and Control Association (ISACA). The period from the late 1960s through today has seen rapid changes in technology from the microcomputer and networking to the internet and with these changes came some major events that change IT auditing forever.

The formation and rise in popularity of the Internet and E-commerce have had significant influences on the growth of IT audit. The Internet influences the lives of most of the world and is a place of increased business, entertainment and crime. IT auditing helps organizations and individuals on the Internet find security while helping commerce and communications to flourish.

[edit] Major Events

There are four major events in U.S. history have had significant impact on the growth of IT auditing. These are the Equity Funding scandal, the development of the Internet and E-commerce, the 1998 IT failure at AT&T, and the Enron and Arthur Andersen LLP scandal.

These events have not only heightened the need for more reliable, accurate, and secure systems but have brought a much needed focus to the importance of the accounting profession. Accountants certify the accuracy of public company financial statements and add confidence to financial markets. The heightened focus on the industry has brought improved control and higher standards for all working in accounting, especially those involved in IT auditing.

that's why IT has brought a lot of changes in the foirld of science and technology.

[edit] Equity Funding Corporation of America

The first known case of misuse of information technology occurred at Equity Funding Corporation of America. Beginning in 1964 and continuing on until 1973, managers for the company booked false insurance policies to show greater profits, thus boosting the price of the stock of the company. If it wasn’t for a whistle blower, the fraud may have never been caught. After the fraud was discovered, it took the auditing firm Touche Ross two years to confirm that the insurance policies were not real. This was one of the first cases where auditors had to audit through the computer rather than around the computer.

[edit] AT&T

In 1998 AT&T suffered an IT failure that impacted worldwide commerce and communication. A major switch failed due to software and procedural errors and left many credit card users unable to access funds for upwards of 18 hours. Events such as this bring to the forefront our reliance in IT services and remind us of the need for assurance in our computer systems.

[edit] Enron and Arthur Andersen

The Enron and Arthur Andersen LLP scandal led to the demise of a foremost Accounting firm, an investor loss of more than 60 billion dollars and the largest bankruptcy in U.S. history. Arthur Andersen was recently found guilty of obstruction of justice for their role in the collapse of the energy giant. This scandal had a significant impact on the Sarbanes-Oxley Act and was a major self-regulation violation.

[edit] September 11th Terrorist Attacks

The terrorist attacks of September 11, 2001 left the americans feeling vulnerable and afraid. The economic market began to fall and all realized the most powerful nation in the world was susceptible to attack. September 11th paved the way for The Homeland Security Act and the increased regulation and security of the electronic infrastructure.

[edit] Future

IT auditing is future of the accounting profession. We no longer live in a world where company dynamics and financial state can be determined without the use of computers. The rapid rise in information technology cannot be denied and must be utilized in order to succeed. IT auditing adds security, reliability and accuracy to the information systems integral to our lives. Without IT auditing we would be unable to safely shop on the internet or control our identities. The role IT auditors play maybe unknown to most but it impacts the lives of all. As history continues we will continue to see the rise of this up and coming profession.

[edit] References

  • Senft, Sandra; Manson, Danial P. PhD; Gonzales, Carol; Gallegos, Frederick (2004). Information Technology Control and Audit (2nd Ed.). Auerbach Publications. ISBN 0-8493-2032-1

[edit] See also

[edit] External links