Abstract
M.Comm.
Use of the Internet is currently exploding, with the commercial benefits of trading on the Internet beginning to take off. Management are still responsible for the implementation of adequate and effective controls, and auditors the evaluation thereof. To add to the risk that the auditor faces, at "the click of a button, we can initiate a worldwide transaction that will result in a profitable venture or a financial disaster. The speed of today's electronic communications precludes manual interception" (Bernstein, et al. 1996:21). The objective of this dissertation is to provide guidelines to the information systems auditor (ISA), to audit the controls implemented by management using firewall techniques, and the policies and procedures controlling the firewalls, to ensure the validity of Internet packets passed between the external network and the enterprise's internal network with specific limitations and exclusions.