A control model for the evaluation and analysis of control facilities in a simple path context model in a MVS/XA environment
- Authors: Damianides, Marios
- Date: 2014-07-28
- Subjects: Computer security , Computers - Access control , Auditing - Data processing
- Type: Thesis
- Identifier: uj:11839 , http://hdl.handle.net/10210/11571
- Description: M.Com. (Computer Auditing) , The need to evaluate today's complex computer environments from an audit perspective has increased, particularly in viewof the disappearance of a paper audit trail and the inefficiencies of auditing "around" the computer in these environments. By making use of the Access Path and the Path Context Models, it was possible to carry out an evaluation of the MVS/XA environment. This evaluation was carried out using the methodology developed in this research essay. This methodology may have universal applicability in the evaluation of computer security. The concept of each layer in the access path being a "net", which only allows authorised users to drop to the next layer, was applied. It was found that each systems software component had sufficient facilities to meet the control objectives. The operating system itself, however, was found to present the installation with more risk factors than controls. It was therefore concluded that an external access control software package needs to be implemented to supplement the controls in this environment, if the control objectives are to be met. It was also concluded that the implementation of this package would not, in itself, solve all the security issues, and that the matrices developed should be used in the implementation of this package. This is a further indication of the usefulness of the model and the methodology. The applicability of the Access Path and the Path Context Models in the evaluation of the predefined environment has therefore been established.
- Full Text:
- Authors: Damianides, Marios
- Date: 2014-07-28
- Subjects: Computer security , Computers - Access control , Auditing - Data processing
- Type: Thesis
- Identifier: uj:11839 , http://hdl.handle.net/10210/11571
- Description: M.Com. (Computer Auditing) , The need to evaluate today's complex computer environments from an audit perspective has increased, particularly in viewof the disappearance of a paper audit trail and the inefficiencies of auditing "around" the computer in these environments. By making use of the Access Path and the Path Context Models, it was possible to carry out an evaluation of the MVS/XA environment. This evaluation was carried out using the methodology developed in this research essay. This methodology may have universal applicability in the evaluation of computer security. The concept of each layer in the access path being a "net", which only allows authorised users to drop to the next layer, was applied. It was found that each systems software component had sufficient facilities to meet the control objectives. The operating system itself, however, was found to present the installation with more risk factors than controls. It was therefore concluded that an external access control software package needs to be implemented to supplement the controls in this environment, if the control objectives are to be met. It was also concluded that the implementation of this package would not, in itself, solve all the security issues, and that the matrices developed should be used in the implementation of this package. This is a further indication of the usefulness of the model and the methodology. The applicability of the Access Path and the Path Context Models in the evaluation of the predefined environment has therefore been established.
- Full Text:
Packaged software : security and controls audit review
- Authors: Van Heerden, Chris
- Date: 2015-09-15
- Subjects: Auditing - Data processing , Software protection , Database security
- Type: Thesis
- Identifier: uj:14103 , http://hdl.handle.net/10210/14536
- Description: M.Com. , In recent years large organisations that developed mainframe application software in-house are now purchasing software packages to replace these applications. These advanced packages incorporate a high level of integration and include security and control features to ensure that the integrity of input, processing, output and storage are maintained. Computer auditors are required to evaluate these advanced packaged software to ensure that the security and control features are adequate and comply with organisational standards. Furthermore, they must ensure that the integrity of information systems programs and data are maintained ...
- Full Text:
- Authors: Van Heerden, Chris
- Date: 2015-09-15
- Subjects: Auditing - Data processing , Software protection , Database security
- Type: Thesis
- Identifier: uj:14103 , http://hdl.handle.net/10210/14536
- Description: M.Com. , In recent years large organisations that developed mainframe application software in-house are now purchasing software packages to replace these applications. These advanced packages incorporate a high level of integration and include security and control features to ensure that the integrity of input, processing, output and storage are maintained. Computer auditors are required to evaluate these advanced packaged software to ensure that the security and control features are adequate and comply with organisational standards. Furthermore, they must ensure that the integrity of information systems programs and data are maintained ...
- Full Text:
Authorisation as audit risk in an information technology environment
- Authors: Kruger, Willem Jacobus
- Date: 2014-02-05
- Subjects: Auditing - Access control. , Computer networks - Security measures
- Type: Thesis
- Identifier: uj:3679 , http://hdl.handle.net/10210/9062
- Description: M.Comm. , Please refer to full text to view abstract
- Full Text:
- Authors: Kruger, Willem Jacobus
- Date: 2014-02-05
- Subjects: Auditing - Access control. , Computer networks - Security measures
- Type: Thesis
- Identifier: uj:3679 , http://hdl.handle.net/10210/9062
- Description: M.Comm. , Please refer to full text to view abstract
- Full Text:
The need to audit executive information systems
- Authors: Van den Berg, Marius
- Date: 2014-05-13
- Subjects: Management information systems - Auditing , Decision making - Management
- Type: Thesis
- Identifier: uj:11035 , http://hdl.handle.net/10210/10607
- Description: M.Comm. (Computer Auditing) , Please refer to full text to view abstract
- Full Text:
- Authors: Van den Berg, Marius
- Date: 2014-05-13
- Subjects: Management information systems - Auditing , Decision making - Management
- Type: Thesis
- Identifier: uj:11035 , http://hdl.handle.net/10210/10607
- Description: M.Comm. (Computer Auditing) , Please refer to full text to view abstract
- Full Text:
An audit perspective of document management systems
- Authors: Le Roux, Carl Francois
- Date: 2014-02-18
- Subjects: Electronic data processing - Management , Electronic data processing - Auditing
- Type: Thesis
- Identifier: uj:4103 , http://hdl.handle.net/10210/9450
- Description: M.Com. (Computer Auditing) , Electronic document management has become an integral part of many modem organisations. This means that the auditor will have to come to grips with electronic document management and assess the risks the new technology will create and the impact this will have on his work and the achievement of his audit objectives. The main objective of this research will be to assess the impact of electronic document management on the auditors traditional audit procedures used to meet his objectives and how the auditor can ensure that his audit objectives of completeness, accuracy, validity and maintenance can still be achieved.
- Full Text:
- Authors: Le Roux, Carl Francois
- Date: 2014-02-18
- Subjects: Electronic data processing - Management , Electronic data processing - Auditing
- Type: Thesis
- Identifier: uj:4103 , http://hdl.handle.net/10210/9450
- Description: M.Com. (Computer Auditing) , Electronic document management has become an integral part of many modem organisations. This means that the auditor will have to come to grips with electronic document management and assess the risks the new technology will create and the impact this will have on his work and the achievement of his audit objectives. The main objective of this research will be to assess the impact of electronic document management on the auditors traditional audit procedures used to meet his objectives and how the auditor can ensure that his audit objectives of completeness, accuracy, validity and maintenance can still be achieved.
- Full Text:
A model for the evaluation of risks and control features in ORACLE 7
- Authors: Snyman, Elisna
- Date: 2015-09-08
- Subjects: ORACLE 7 (Computer system) , Database management , Auditing - Data processing
- Type: Thesis
- Identifier: uj:14059 , http://hdl.handle.net/10210/14475
- Description: M.Com. , The proliferation of computers and the advances in technology introduced a number of new and additional management and control considerations. The inherent complexity of these environments has also increased the need to evaluate the adequacy of controls from an audit perspective. Due to the increasing use of database management systems as the backbone of information processing applications and the inherent complexities and diversity of these environments, the auditor is faced with the challenge of whether and to what extent reliance may be placed on the data contained in these databases...
- Full Text:
- Authors: Snyman, Elisna
- Date: 2015-09-08
- Subjects: ORACLE 7 (Computer system) , Database management , Auditing - Data processing
- Type: Thesis
- Identifier: uj:14059 , http://hdl.handle.net/10210/14475
- Description: M.Com. , The proliferation of computers and the advances in technology introduced a number of new and additional management and control considerations. The inherent complexity of these environments has also increased the need to evaluate the adequacy of controls from an audit perspective. Due to the increasing use of database management systems as the backbone of information processing applications and the inherent complexities and diversity of these environments, the auditor is faced with the challenge of whether and to what extent reliance may be placed on the data contained in these databases...
- Full Text:
Application of the access path model with specific reference to the SAP R/3 environment
- Authors: Pretorius, Maria Rebecca
- Date: 2014-10-07
- Subjects: Computer security , Data protection , Computers - Access control
- Type: Thesis
- Identifier: uj:12534 , http://hdl.handle.net/10210/12328
- Description: M.Com. (Computer Auditing) , The management and control of modern day computer systems are becoming more and more trying due to the complexity of systems. This renders the traditional approach to evaluating controls in complex computer systems, inadequate and heightens the need for an alternative audit approach. The complex SAP R/3 environment will be evaluated in terms of security and validity of users and processes. This will be achieved through the use of an alternative audit approach namely, the application of the Access Path and Path Context Models (Boshoff 1985, 1990). The research methodology used during this research may indicate universal application implications for similar complex environments, although this has not yet been proved. The research showed that there are many control features available in the different software c.omponents of the SAP R/3 environment, that can be applied to control access and validity of users and processes. The duplication of control features provided by the software components, requires a global approach to security inthe defined environment. Only when evaluating the environment as a whole, will it be able to make the most effective security decisions. The use of the control matrices developed during this research will ease the global evaluation of the SAP R/3 environment. Although further research is required, the above has proven the usefulness of both the research methodology and the resultant model and matrices.
- Full Text:
- Authors: Pretorius, Maria Rebecca
- Date: 2014-10-07
- Subjects: Computer security , Data protection , Computers - Access control
- Type: Thesis
- Identifier: uj:12534 , http://hdl.handle.net/10210/12328
- Description: M.Com. (Computer Auditing) , The management and control of modern day computer systems are becoming more and more trying due to the complexity of systems. This renders the traditional approach to evaluating controls in complex computer systems, inadequate and heightens the need for an alternative audit approach. The complex SAP R/3 environment will be evaluated in terms of security and validity of users and processes. This will be achieved through the use of an alternative audit approach namely, the application of the Access Path and Path Context Models (Boshoff 1985, 1990). The research methodology used during this research may indicate universal application implications for similar complex environments, although this has not yet been proved. The research showed that there are many control features available in the different software c.omponents of the SAP R/3 environment, that can be applied to control access and validity of users and processes. The duplication of control features provided by the software components, requires a global approach to security inthe defined environment. Only when evaluating the environment as a whole, will it be able to make the most effective security decisions. The use of the control matrices developed during this research will ease the global evaluation of the SAP R/3 environment. Although further research is required, the above has proven the usefulness of both the research methodology and the resultant model and matrices.
- Full Text:
Computer audit concerns in the client-server environment
- Authors: Streicher, Rika
- Date: 2014-02-13
- Subjects: Client/server computing , Electronic data processing , Auditing - Data processing
- Type: Thesis
- Identifier: uj:3990 , http://hdl.handle.net/10210/9347
- Description: M. Com. (Computer Auditing) , and peer-to-peer have taken the world by storm. Dramatic changes have taken place in the information technology of organisations that have opted to follow this trend in the quest for greater flexibility and access to all those connected. Though technology has already had far-reaching effects on business, many changes are yet to be seen. The threats associated with the continuing developments in computer technology have resulted in many traditional internal control processes changing forever. Although, according to the above, it is fairly common that the client-server technology brings with it new threats and risks with internal control processes having to change to address these threats and risks, not all areas have been addressed yet. It is therefore clear that computer audit has a role to play. The main objective of this short dissertation is to shed some light on the problem described above: How will the changes wrought by the client-server technology affect the traditional audit approach? In other words, how will the computer auditor narrow the gap that has originated between traditional established audit procedures and an audit approach that meets the new challenges of the client-server environment? This will be achieved by pinpointing the audit concerns that arise due to the fundamental differences between the traditional systems environment and the new client-server environment...
- Full Text:
- Authors: Streicher, Rika
- Date: 2014-02-13
- Subjects: Client/server computing , Electronic data processing , Auditing - Data processing
- Type: Thesis
- Identifier: uj:3990 , http://hdl.handle.net/10210/9347
- Description: M. Com. (Computer Auditing) , and peer-to-peer have taken the world by storm. Dramatic changes have taken place in the information technology of organisations that have opted to follow this trend in the quest for greater flexibility and access to all those connected. Though technology has already had far-reaching effects on business, many changes are yet to be seen. The threats associated with the continuing developments in computer technology have resulted in many traditional internal control processes changing forever. Although, according to the above, it is fairly common that the client-server technology brings with it new threats and risks with internal control processes having to change to address these threats and risks, not all areas have been addressed yet. It is therefore clear that computer audit has a role to play. The main objective of this short dissertation is to shed some light on the problem described above: How will the changes wrought by the client-server technology affect the traditional audit approach? In other words, how will the computer auditor narrow the gap that has originated between traditional established audit procedures and an audit approach that meets the new challenges of the client-server environment? This will be achieved by pinpointing the audit concerns that arise due to the fundamental differences between the traditional systems environment and the new client-server environment...
- Full Text:
The impact on information systems controls within an organisation when making use of an EDI VAN
- Authors: Rorbye, Trevor Wayne
- Date: 2014-05-08
- Subjects: Electronic data processing , Auditing - Data processing
- Type: Thesis
- Identifier: uj:10944 , http://hdl.handle.net/10210/10517
- Description: M.Com. (Computer Auditing) , The implementation of EDI into South Africa business has only started in the recent past. The main reason for this is the fact that the huge benefits in terms of faster processing of business transactions, reduced costs of processing and the formation of strategic business alliances with key business partners, is only now being accepted by management. The other reason is due to the fact that large, commercially operated Value Added Networks (VANs) have only been in existence in this country during the last two years. The primary objective of this short dissertation can be summarised as follows: a) To provide a brief overview of the developments which are currently taking place in South Africa in the Electronic Data Interchange (EDI) environment and the Value Added Network (VAN) environment; b) To highlight how EDI is currently being implemented in South Africa; c) To develop a simplistic framework of key information systems controls which an auditor should consider when evaluating the information systems at a client; and d) To apply this controls framework to the EDI and VAN environments in order to derive lists of the information systems controls which should be reviewed by the auditor when their client makes use of an EDI VAN.
- Full Text:
- Authors: Rorbye, Trevor Wayne
- Date: 2014-05-08
- Subjects: Electronic data processing , Auditing - Data processing
- Type: Thesis
- Identifier: uj:10944 , http://hdl.handle.net/10210/10517
- Description: M.Com. (Computer Auditing) , The implementation of EDI into South Africa business has only started in the recent past. The main reason for this is the fact that the huge benefits in terms of faster processing of business transactions, reduced costs of processing and the formation of strategic business alliances with key business partners, is only now being accepted by management. The other reason is due to the fact that large, commercially operated Value Added Networks (VANs) have only been in existence in this country during the last two years. The primary objective of this short dissertation can be summarised as follows: a) To provide a brief overview of the developments which are currently taking place in South Africa in the Electronic Data Interchange (EDI) environment and the Value Added Network (VAN) environment; b) To highlight how EDI is currently being implemented in South Africa; c) To develop a simplistic framework of key information systems controls which an auditor should consider when evaluating the information systems at a client; and d) To apply this controls framework to the EDI and VAN environments in order to derive lists of the information systems controls which should be reviewed by the auditor when their client makes use of an EDI VAN.
- Full Text:
Auditing analysis of IBM's information management system/virtual storage data-base/data communication (DB/DC) system
- Authors: Pretorius, Gideon Joubert
- Date: 2014-02-11
- Subjects: Auditing - Data processing.
- Type: Thesis
- Identifier: uj:3756 , http://hdl.handle.net/10210/9133
- Description: M.Com. (Computer Auditing) , Please refer to full text to view abstract
- Full Text:
- Authors: Pretorius, Gideon Joubert
- Date: 2014-02-11
- Subjects: Auditing - Data processing.
- Type: Thesis
- Identifier: uj:3756 , http://hdl.handle.net/10210/9133
- Description: M.Com. (Computer Auditing) , Please refer to full text to view abstract
- Full Text:
A taxonomy of risks in rapid application development (RAD) projects
- Authors: Dunseith, Roy H.
- Date: 2014-04-16
- Subjects: Auditing - Data processing , Computer auditing
- Type: Thesis
- Identifier: uj:10786 , http://hdl.handle.net/10210/10294
- Description: M. Com. (Computer Auditing) , Please refer to full text to view abstract
- Full Text:
- Authors: Dunseith, Roy H.
- Date: 2014-04-16
- Subjects: Auditing - Data processing , Computer auditing
- Type: Thesis
- Identifier: uj:10786 , http://hdl.handle.net/10210/10294
- Description: M. Com. (Computer Auditing) , Please refer to full text to view abstract
- Full Text:
The computer auditor's involvement in IT strategic planning
- Authors: Brown, Ronald Arden
- Date: 2014-08-19
- Subjects: Information technology , Strategic planning
- Type: Thesis
- Identifier: uj:12097 , http://hdl.handle.net/10210/11842
- Description: M.Com. (Computer auditing) , 1. Overview of Topic This dissertation deals with the question of the computer auditor's involvement in IT (Information Technology) strategic planning. Increasingly, organizations have come to value IT for the competitive or strategic advantage that it can provide in the modern marketplace. IT has thus moved from being an administrative function to being of strategic importance to an organization. The IT strategic plan expresses an organization's beliefs and goals relating to the use of information technology and the use of IT for strategic purposes. The IT strategic plan should ideally support the organizational goals and the principles identified in the organizational strategic plan. 2. Research Problem and Methodology The purpose of this research project is to identify whether a computer auditor should be involved in IT strategy planning. It is contended that the involvement would normally be that of auditing an IT strategy, but could also extend to providing input into the development of such a strategy. This dissertation suggests that the IT strategy is a risk area in the organization and as such should be examined by the computer auditor. In addition, the concept of IT strategy being a key control system within the organization is introduced. A survey of literature is used to justify the above. Based on points gleaned from the literature survey, a suggested guideline for auditing an IT strategy is proposed. 3. Results of the Research Although a comprehensive survey of literature was performed. no indication was found that this topic had been dealt with in the past. The literature survey. however, proved to be of value in defining IT strategy and identifying it's risk areas. In addition, some of the literature did imply that there was scope for the involvement of the computer auditor in IT strategy planning. The literature survey also indicated that the topic of IT strategy was of importance to South African companies. Based on the literature survey it was concluded that, because IT strategy represented a risk area to the organization, the computer auditor should be involved in the audit thereof. The following guidelines were drawn up: one to assist in identifying when an IT strategy should be audited, one to identify control objectives relating to IT strategy and a corresponding audit guideline for each control objective. 4. Conclusion The literature surveyed indicated that there was a definite need for the computer auditor to become involved in the audit of IT strategy. The guideline presented for the audit of an IT strategy should prove to be useful to the computer auditor in identifying when and how an IT strategy should be audited. Investigating the actual involvement of the computer auditor in IT strategic planning was identified as an area for possible future research.
- Full Text:
- Authors: Brown, Ronald Arden
- Date: 2014-08-19
- Subjects: Information technology , Strategic planning
- Type: Thesis
- Identifier: uj:12097 , http://hdl.handle.net/10210/11842
- Description: M.Com. (Computer auditing) , 1. Overview of Topic This dissertation deals with the question of the computer auditor's involvement in IT (Information Technology) strategic planning. Increasingly, organizations have come to value IT for the competitive or strategic advantage that it can provide in the modern marketplace. IT has thus moved from being an administrative function to being of strategic importance to an organization. The IT strategic plan expresses an organization's beliefs and goals relating to the use of information technology and the use of IT for strategic purposes. The IT strategic plan should ideally support the organizational goals and the principles identified in the organizational strategic plan. 2. Research Problem and Methodology The purpose of this research project is to identify whether a computer auditor should be involved in IT strategy planning. It is contended that the involvement would normally be that of auditing an IT strategy, but could also extend to providing input into the development of such a strategy. This dissertation suggests that the IT strategy is a risk area in the organization and as such should be examined by the computer auditor. In addition, the concept of IT strategy being a key control system within the organization is introduced. A survey of literature is used to justify the above. Based on points gleaned from the literature survey, a suggested guideline for auditing an IT strategy is proposed. 3. Results of the Research Although a comprehensive survey of literature was performed. no indication was found that this topic had been dealt with in the past. The literature survey. however, proved to be of value in defining IT strategy and identifying it's risk areas. In addition, some of the literature did imply that there was scope for the involvement of the computer auditor in IT strategy planning. The literature survey also indicated that the topic of IT strategy was of importance to South African companies. Based on the literature survey it was concluded that, because IT strategy represented a risk area to the organization, the computer auditor should be involved in the audit thereof. The following guidelines were drawn up: one to assist in identifying when an IT strategy should be audited, one to identify control objectives relating to IT strategy and a corresponding audit guideline for each control objective. 4. Conclusion The literature surveyed indicated that there was a definite need for the computer auditor to become involved in the audit of IT strategy. The guideline presented for the audit of an IT strategy should prove to be useful to the computer auditor in identifying when and how an IT strategy should be audited. Investigating the actual involvement of the computer auditor in IT strategic planning was identified as an area for possible future research.
- Full Text:
An evaluation of integrity control facilities in an AS/400 environment
- Authors: Bosman, Michael Louis
- Date: 2014-09-23
- Subjects: Software protection - Evaluation , Auditing - Access control
- Type: Thesis
- Identifier: uj:12353 , http://hdl.handle.net/10210/12139
- Description: M.Com. (Computer Auditing) , Both the auditor, faced with the task of determining an effective and efficient audit approach, as well as management, charged with implementing and monitoring need purer security, need to evaluate integrity controls. This need to evaluate integrity controls is increasing, due to the growing complexity of computer environments, the breakdown of the paper audit trail, and the replacement of application controls by integrity controls. By applying the Access Path and Path Context Models, an evaluation was performed of integrity controls and risks in an AS/400 environment. The operating system (08/400) was delineated into functional categories to assist in the evaluation, in a manner consistent with that outlined in the Access Path Model. It was found that sufficient integrity control facilities exist in an AS/400 environment to meet the control objectives, although several risks were identified which could only be addressed by application controls.
- Full Text:
- Authors: Bosman, Michael Louis
- Date: 2014-09-23
- Subjects: Software protection - Evaluation , Auditing - Access control
- Type: Thesis
- Identifier: uj:12353 , http://hdl.handle.net/10210/12139
- Description: M.Com. (Computer Auditing) , Both the auditor, faced with the task of determining an effective and efficient audit approach, as well as management, charged with implementing and monitoring need purer security, need to evaluate integrity controls. This need to evaluate integrity controls is increasing, due to the growing complexity of computer environments, the breakdown of the paper audit trail, and the replacement of application controls by integrity controls. By applying the Access Path and Path Context Models, an evaluation was performed of integrity controls and risks in an AS/400 environment. The operating system (08/400) was delineated into functional categories to assist in the evaluation, in a manner consistent with that outlined in the Access Path Model. It was found that sufficient integrity control facilities exist in an AS/400 environment to meet the control objectives, although several risks were identified which could only be addressed by application controls.
- Full Text:
Audit risks when using CASE tools
- Authors: Moolla, M.I
- Date: 2015-03-17
- Subjects: Computer-aided software engineering
- Type: Thesis
- Identifier: uj:13435 , http://hdl.handle.net/10210/13472
- Description: M.Com. , Please refer to full text to view abstract
- Full Text:
- Authors: Moolla, M.I
- Date: 2015-03-17
- Subjects: Computer-aided software engineering
- Type: Thesis
- Identifier: uj:13435 , http://hdl.handle.net/10210/13472
- Description: M.Com. , Please refer to full text to view abstract
- Full Text:
Option dealing strategies and the related risk management procedures
- Authors: Viljoen, Carel Braam
- Date: 2014-02-11
- Subjects: Risk management - South Africa , Strategic planning - South Africa
- Type: Thesis
- Identifier: uj:3786 , http://hdl.handle.net/10210/9160
- Description: M.Com. (Financial Management) , During the last decade, options, which are financial instruments used for trading and hedging, have shown greater development than any other financial instrument over the same period of time. Because option dealing is perceived in the market-place as an instrument which is technically advanced, innovative and, complex, many potential option players do not take part in trading. This process' of withdrawal is fuelled by constant negative publicity given to option trading, but very seldom are reports written on success stories relating to option trading. Current option-trading participants are also constantly reminded by the press; other companies, senior management, board members and shareholders that they run the risk of losing vast sums of money and could take the company down with one reckless transaction. What is unfortunate is that they will not be able to prevent or detect transactions that could lead to such losses. Trading risk is further increased by the fact that quality risk management staff are also very difficult to acquire as this function is perceived to be not as glamorous as being an option dealer. Given the above scenario of what is really happening out there in the world of option trading, the question arises whether option trading activities should be embarked upon by Institutions who have never dealt in options and whether current option trading participants should continue trading or should discontinue trading activities as soon as possible.
- Full Text:
- Authors: Viljoen, Carel Braam
- Date: 2014-02-11
- Subjects: Risk management - South Africa , Strategic planning - South Africa
- Type: Thesis
- Identifier: uj:3786 , http://hdl.handle.net/10210/9160
- Description: M.Com. (Financial Management) , During the last decade, options, which are financial instruments used for trading and hedging, have shown greater development than any other financial instrument over the same period of time. Because option dealing is perceived in the market-place as an instrument which is technically advanced, innovative and, complex, many potential option players do not take part in trading. This process' of withdrawal is fuelled by constant negative publicity given to option trading, but very seldom are reports written on success stories relating to option trading. Current option-trading participants are also constantly reminded by the press; other companies, senior management, board members and shareholders that they run the risk of losing vast sums of money and could take the company down with one reckless transaction. What is unfortunate is that they will not be able to prevent or detect transactions that could lead to such losses. Trading risk is further increased by the fact that quality risk management staff are also very difficult to acquire as this function is perceived to be not as glamorous as being an option dealer. Given the above scenario of what is really happening out there in the world of option trading, the question arises whether option trading activities should be embarked upon by Institutions who have never dealt in options and whether current option trading participants should continue trading or should discontinue trading activities as soon as possible.
- Full Text:
Audit evaluation of the controls in the Adabas database management system
- Authors: Van Schalkwyk, R.
- Date: 2014-02-11
- Subjects: Auditing - Data processing
- Type: Thesis
- Identifier: uj:3906 , http://hdl.handle.net/10210/9270
- Description: M.Com. (Computer Auditing) , Please refer to full text to view abstract
- Full Text:
- Authors: Van Schalkwyk, R.
- Date: 2014-02-11
- Subjects: Auditing - Data processing
- Type: Thesis
- Identifier: uj:3906 , http://hdl.handle.net/10210/9270
- Description: M.Com. (Computer Auditing) , Please refer to full text to view abstract
- Full Text:
Auditing database integrity with special reference to UNIX and INFORMIX
- Authors: Johnstone, Arno
- Date: 2015-03-17
- Subjects: UNIX (Computer file) , INFORMIX (Computer operating system)
- Type: Thesis
- Identifier: http://ujcontent.uj.ac.za8080/10210/373877 , uj:13437 , http://hdl.handle.net/10210/13474
- Description: M.Com. , Please refer to full text to view abstract
- Full Text:
- Authors: Johnstone, Arno
- Date: 2015-03-17
- Subjects: UNIX (Computer file) , INFORMIX (Computer operating system)
- Type: Thesis
- Identifier: http://ujcontent.uj.ac.za8080/10210/373877 , uj:13437 , http://hdl.handle.net/10210/13474
- Description: M.Com. , Please refer to full text to view abstract
- Full Text:
Audit risks in a database environment with specific reference to Oracle7
- Authors: Wiid, Liné Cornette
- Date: 2014-02-13
- Subjects: Auditing - Data processing , Financial statements - South Africa , Risk management - Data processing , ORACLE 7 (Computer system)
- Type: Thesis
- Identifier: uj:3954 , http://hdl.handle.net/10210/9314
- Description: M.Com. (Computer Auditing) , The objective of an independent audit of financial statements is to express an opinion on the fair presentation of the financial statements. The auditor should obtain sufficient audit evidence to enable him to draw conclusions to support the content of his report. The auditor should obtain an understanding of the entity's accounting system and related internal controls to assess their adequacy as a basis for the preparation of financial information and to assist in the designing of his audit procedures. If the auditor intends to rely on any internal controls, he should study and evaluate those controls. If a database system is used, it is logical that all the financial data reside in the database. In order for an auditor to express an opinion on the financial statements, he has to determine to what extent he can rely on the integrity of the financial data that resides in the database. The objective of this research was to identify the risks and controls present in a general database environment as well as those present in the Oracle? database management system environment, to develop a comparison table between these environments and to develop an Oracle? internal control questionnaire.
- Full Text:
- Authors: Wiid, Liné Cornette
- Date: 2014-02-13
- Subjects: Auditing - Data processing , Financial statements - South Africa , Risk management - Data processing , ORACLE 7 (Computer system)
- Type: Thesis
- Identifier: uj:3954 , http://hdl.handle.net/10210/9314
- Description: M.Com. (Computer Auditing) , The objective of an independent audit of financial statements is to express an opinion on the fair presentation of the financial statements. The auditor should obtain sufficient audit evidence to enable him to draw conclusions to support the content of his report. The auditor should obtain an understanding of the entity's accounting system and related internal controls to assess their adequacy as a basis for the preparation of financial information and to assist in the designing of his audit procedures. If the auditor intends to rely on any internal controls, he should study and evaluate those controls. If a database system is used, it is logical that all the financial data reside in the database. In order for an auditor to express an opinion on the financial statements, he has to determine to what extent he can rely on the integrity of the financial data that resides in the database. The objective of this research was to identify the risks and controls present in a general database environment as well as those present in the Oracle? database management system environment, to develop a comparison table between these environments and to develop an Oracle? internal control questionnaire.
- Full Text:
An audit perspective of data quality
- Authors: Ramabulana, Territon
- Date: 2014-11-20
- Subjects: Database management , Database security , Auditing - Data processing
- Type: Thesis
- Identifier: uj:13087 , http://hdl.handle.net/10210/12965
- Description: M.Com. (Computer Auditing) , Please refer to full text to view abstract
- Full Text:
- Authors: Ramabulana, Territon
- Date: 2014-11-20
- Subjects: Database management , Database security , Auditing - Data processing
- Type: Thesis
- Identifier: uj:13087 , http://hdl.handle.net/10210/12965
- Description: M.Com. (Computer Auditing) , Please refer to full text to view abstract
- Full Text:
Security features on IBM AS/400 processors : a practical study for implementation at Impala Platinum Limited
- Van Rooyen, Nicolaas Gustavus Appelgryn
- Authors: Van Rooyen, Nicolaas Gustavus Appelgryn
- Date: 2014-04-10
- Subjects: Management information systems , Computer security
- Type: Thesis
- Identifier: uj:10584 , http://hdl.handle.net/10210/10108
- Description: M.Com. (Computer Auditing) , Please refer to full text to view abstract
- Full Text:
- Authors: Van Rooyen, Nicolaas Gustavus Appelgryn
- Date: 2014-04-10
- Subjects: Management information systems , Computer security
- Type: Thesis
- Identifier: uj:10584 , http://hdl.handle.net/10210/10108
- Description: M.Com. (Computer Auditing) , Please refer to full text to view abstract
- Full Text: