Showing items 1 - 20 of 29

Your selections:

A control model for the evaluation and analysis of control facilities in a simple path context model in a MVS/XA environment

  • Authors: Damianides, Marios
  • Date: 2014-07-28
  • Subjects: Computer security , Computers - Access control , Auditing - Data processing
  • Type: Thesis
  • Identifier: uj:11839 , http://hdl.handle.net/10210/11571
  • Description: M.Com. (Computer Auditing) , The need to evaluate today's complex computer environments from an audit perspective has increased, particularly in viewof the disappearance of a paper audit trail and the inefficiencies of auditing "around" the computer in these environments. By making use of the Access Path and the Path Context Models, it was possible to carry out an evaluation of the MVS/XA environment. This evaluation was carried out using the methodology developed in this research essay. This methodology may have universal applicability in the evaluation of computer security. The concept of each layer in the access path being a "net", which only allows authorised users to drop to the next layer, was applied. It was found that each systems software component had sufficient facilities to meet the control objectives. The operating system itself, however, was found to present the installation with more risk factors than controls. It was therefore concluded that an external access control software package needs to be implemented to supplement the controls in this environment, if the control objectives are to be met. It was also concluded that the implementation of this package would not, in itself, solve all the security issues, and that the matrices developed should be used in the implementation of this package. This is a further indication of the usefulness of the model and the methodology. The applicability of the Access Path and the Path Context Models in the evaluation of the predefined environment has therefore been established.
  • Full Text:

A model for the evaluation of control with reference to a simple path context model in a UNIX environment

A model for the evaluation of risks and control features in ORACLE 7

  • Authors: Snyman, Elisna
  • Date: 2015-09-08
  • Subjects: ORACLE 7 (Computer system) , Database management , Auditing - Data processing
  • Type: Thesis
  • Identifier: uj:14059 , http://hdl.handle.net/10210/14475
  • Description: M.Com. , The proliferation of computers and the advances in technology introduced a number of new and additional management and control considerations. The inherent complexity of these environments has also increased the need to evaluate the adequacy of controls from an audit perspective. Due to the increasing use of database management systems as the backbone of information processing applications and the inherent complexities and diversity of these environments, the auditor is faced with the challenge of whether and to what extent reliance may be placed on the data contained in these databases...
  • Full Text:

A taxonomy of risks in rapid application development (RAD) projects

An audit perspective of data quality

An audit perspective of document management systems

  • Authors: Le Roux, Carl Francois
  • Date: 2014-02-18
  • Subjects: Electronic data processing - Management , Electronic data processing - Auditing
  • Type: Thesis
  • Identifier: uj:4103 , http://hdl.handle.net/10210/9450
  • Description: M.Com. (Computer Auditing) , Electronic document management has become an integral part of many modem organisations. This means that the auditor will have to come to grips with electronic document management and assess the risks the new technology will create and the impact this will have on his work and the achievement of his audit objectives. The main objective of this research will be to assess the impact of electronic document management on the auditors traditional audit procedures used to meet his objectives and how the auditor can ensure that his audit objectives of completeness, accuracy, validity and maintenance can still be achieved.
  • Full Text:

An evaluation of integrity control facilities in an AS/400 environment

  • Authors: Bosman, Michael Louis
  • Date: 2014-09-23
  • Subjects: Software protection - Evaluation , Auditing - Access control
  • Type: Thesis
  • Identifier: uj:12353 , http://hdl.handle.net/10210/12139
  • Description: M.Com. (Computer Auditing) , Both the auditor, faced with the task of determining an effective and efficient audit approach, as well as management, charged with implementing and monitoring need purer security, need to evaluate integrity controls. This need to evaluate integrity controls is increasing, due to the growing complexity of computer environments, the breakdown of the paper audit trail, and the replacement of application controls by integrity controls. By applying the Access Path and Path Context Models, an evaluation was performed of integrity controls and risks in an AS/400 environment. The operating system (08/400) was delineated into functional categories to assist in the evaluation, in a manner consistent with that outlined in the Access Path Model. It was found that sufficient integrity control facilities exist in an AS/400 environment to meet the control objectives, although several risks were identified which could only be addressed by application controls.
  • Full Text:

Application of the access path model with specific reference to the SAP R/3 environment

  • Authors: Pretorius, Maria Rebecca
  • Date: 2014-10-07
  • Subjects: Computer security , Data protection , Computers - Access control
  • Type: Thesis
  • Identifier: uj:12534 , http://hdl.handle.net/10210/12328
  • Description: M.Com. (Computer Auditing) , The management and control of modern day computer systems are becoming more and more trying due to the complexity of systems. This renders the traditional approach to evaluating controls in complex computer systems, inadequate and heightens the need for an alternative audit approach. The complex SAP R/3 environment will be evaluated in terms of security and validity of users and processes. This will be achieved through the use of an alternative audit approach namely, the application of the Access Path and Path Context Models (Boshoff 1985, 1990). The research methodology used during this research may indicate universal application implications for similar complex environments, although this has not yet been proved. The research showed that there are many control features available in the different software c.omponents of the SAP R/3 environment, that can be applied to control access and validity of users and processes. The duplication of control features provided by the software components, requires a global approach to security inthe defined environment. Only when evaluating the environment as a whole, will it be able to make the most effective security decisions. The use of the control matrices developed during this research will ease the global evaluation of the SAP R/3 environment. Although further research is required, the above has proven the usefulness of both the research methodology and the resultant model and matrices.
  • Full Text:

Audit and control of the teleprocessing monitor with specific reference to IBM's customer information control system (CICS)

Audit considerations in neural net based knowledge systems

  • Authors: Oosthuizen, Wouter
  • Date: 2014-05-08
  • Subjects: Expert systems (Computer science) , Neural networks (Computer science) , Audutung - Data processing
  • Type: Thesis
  • Identifier: uj:10956 , http://hdl.handle.net/10210/10529
  • Description: M.Com. (Computer Auditing) , Knowledge-based systems (KBS's) is one of the new and emerging technologies, and it is expected to impact dramatically on the information systems of the 1990's. As many of these systems impact business operations and have significant financial influence, auditors should be involved in the implementation of this emerging technology and should review it for the presence and continued operation of effective controls. Because this technology up to now has been tried only in limited environments, the relevant risk, control and audit issues are not always clearly defined. The objective of this essay will be to identify the risks, controls and audit considerations in a knowledge-based system environment, with special reference to neural networks. As neural networks have got the ability to modify themselves without any human intervention, this can have major audit implications - a topic which has not been dealt with before by the audit community.
  • Full Text:

Audit evaluation of the controls in the Adabas database management system

Audit risks in a database environment with specific reference to Oracle7

  • Authors: Wiid, Liné Cornette
  • Date: 2014-02-13
  • Subjects: Auditing - Data processing , Financial statements - South Africa , Risk management - Data processing , ORACLE 7 (Computer system)
  • Type: Thesis
  • Identifier: uj:3954 , http://hdl.handle.net/10210/9314
  • Description: M.Com. (Computer Auditing) , The objective of an independent audit of financial statements is to express an opinion on the fair presentation of the financial statements. The auditor should obtain sufficient audit evidence to enable him to draw conclusions to support the content of his report. The auditor should obtain an understanding of the entity's accounting system and related internal controls to assess their adequacy as a basis for the preparation of financial information and to assist in the designing of his audit procedures. If the auditor intends to rely on any internal controls, he should study and evaluate those controls. If a database system is used, it is logical that all the financial data reside in the database. In order for an auditor to express an opinion on the financial statements, he has to determine to what extent he can rely on the integrity of the financial data that resides in the database. The objective of this research was to identify the risks and controls present in a general database environment as well as those present in the Oracle? database management system environment, to develop a comparison table between these environments and to develop an Oracle? internal control questionnaire.
  • Full Text:

Audit risks when using CASE tools

Auditing analysis of IBM's information management system/virtual storage data-base/data communication (DB/DC) system

Auditing database integrity with special reference to UNIX and INFORMIX

Authorisation as audit risk in an information technology environment

Change management in a distributed data processing environment

Computer audit concerns in the client-server environment

  • Authors: Streicher, Rika
  • Date: 2014-02-13
  • Subjects: Client/server computing , Electronic data processing , Auditing - Data processing
  • Type: Thesis
  • Identifier: uj:3990 , http://hdl.handle.net/10210/9347
  • Description: M. Com. (Computer Auditing) , and peer-to-peer have taken the world by storm. Dramatic changes have taken place in the information technology of organisations that have opted to follow this trend in the quest for greater flexibility and access to all those connected. Though technology has already had far-reaching effects on business, many changes are yet to be seen. The threats associated with the continuing developments in computer technology have resulted in many traditional internal control processes changing forever. Although, according to the above, it is fairly common that the client-server technology brings with it new threats and risks with internal control processes having to change to address these threats and risks, not all areas have been addressed yet. It is therefore clear that computer audit has a role to play. The main objective of this short dissertation is to shed some light on the problem described above: How will the changes wrought by the client-server technology affect the traditional audit approach? In other words, how will the computer auditor narrow the gap that has originated between traditional established audit procedures and an audit approach that meets the new challenges of the client-server environment? This will be achieved by pinpointing the audit concerns that arise due to the fundamental differences between the traditional systems environment and the new client-server environment...
  • Full Text:

Fraud detection using data mining

  • Authors: Pienaar, Abel Jacobus
  • Date: 2014-02-10
  • Subjects: Computer crimes , Forensic accounting , Data mining
  • Type: Thesis
  • Identifier: uj:3733 , http://hdl.handle.net/10210/9112
  • Description: M.Com. (Computer Auditing) , Fraud is a major problem in South Africa and the world and organisations lose millions each year to fraud not being detected. Organisations can deal with the fraud that is known to them, but undetected fraud is a problem. There is a need for management, external- and internal auditors to detect fraud within an organisation. There is a further need for an integrated fraud detection model to assist managers and auditors to detect fraud. A literature study was done of authoritative textbooks and other literature on fraud detection and data mining, including the Knowledge Discovery Process in databases and a model was developed that will assist the manager and auditor to detect fraud in an organisation by using a technology called data mining which makes the process of fraud detection more efficient and effective.
  • Full Text:

Internal control and systems software, including analysis of MVS/XA SP 2.2

  • Authors: Boessenkool, Marnix Guillaume
  • Date: 2014-03-27
  • Subjects: Auditing - Data processing
  • Type: Thesis
  • Identifier: uj:4536 , http://hdl.handle.net/10210/9872
  • Description: M.Com. (Computer Auditing) , In this chapter the actual topic will be presented. The reason for this study will be motivated with reference to current audit developments. This chapter will also highlight the constraints of the study. This is necessary to clearly identify the application of this essay in practice. The reader of this essay should be able to identify the relevance and possible applications of this study after having read chapter 1. In the past few years substantial attention has been given to auditing aspects of system software. The way system software operates and interacts, and the impact on the auditability of computer based systems were issues discussed in the EDP auditing environment. Auditors are now concentrating on using technology to assist in the performance of their audit procedures. The reasons for this are multiple, but for the purposes of this document only the major reasons will be highlighted.
  • Full Text:
  • Disclaimer
  • Privacy
  • Copyright
  • Contact