The Foreign Corrupt Practices Act of 1977, coupled with growing demands for corporate accountability, have forced both auditors and computer administrators to evaluate computer based controls. Computer administrators can benefit from both a knowledge of an auditor's approaches to evaluating controls and his/her recommendations for control improvements. Here, a survey of the control evaluation practices and desirable control features identified by computer auditors is presented, along with recommendations to ease the burden of the auditor's review. The authors' suggestions should ease the tasks of internal control analysis and of preparation for possible public reports on an organization's system of internal control.
The Latest from CACM
Shape the Future of Computing
ACM encourages its members to take a direct hand in shaping the future of the association. There are more ways than ever to get involved.
Get InvolvedCommunications of the ACM (CACM) is now a fully Open Access publication.
By opening CACM to the world, we hope to increase engagement among the broader computer science community and encourage non-members to discover the rich resources ACM has to offer.
Learn More
Join the Discussion (0)
Become a Member or Sign In to Post a Comment