Study on Quality in the Accounting Profession in General, and in Audit, in particular, through the Perspective of Taking Responsibility

Although it is considered a present topic, we can nevertheless notice, after a close analysis of specialized literature, especially of foreign studies, that a lot has been written on the subject of audit and accounting quality, but things are far from being clarified. Even in our country, we could notice papers that dealt with the same issues, but which are not well supported practically. Nevertheless, we can see a diversity of approaches in foreign literature concerning this topic, including the wish to identify or even to suggest indicators, as well as models for quantifying quality in the accounting profession. For the considered studies, the results of statistical analyses reveal the interdependency between the time period when the articles were published, the typology of the examined studies, and their topics. The purpose of this study is to establish correspondences between a series of qualitative factors, which significantly influence both the quality of the financial-accounting information and the quality of the accounting profession. Through this approach, we will attempt to sketch a profile of the scientific level of the materials in the field of audit and accounting quality

Audit Layanan Teknologi Informasi Berbasis Information Technology Infrastructure Library (ITIL)

IT Service Management adalah salah satu cara untuk mengelola layanan teknologi informasi. Layanan teknologi perlu dikelola dengan baik untuk mendapatkan output dalam bentuk informasi yang dibutuhkan oleh manajemen. Untuk meningkatkan layanan teknologi informasi untuk lebih baik, diperlukan audit meliputi audit layanan teknologi informasi. Audit layanan teknologi informasi dilakukan untuk menentukan kelayakan teknologi informasi denngan terkait, dalam hal ini penulis berfokus pada isu-isu keamanan teknologi informasi. Audit keamanan teknologi informasi dibuat untuk menentukan tingkat keamanan untuk layanan teknologi informasi, sejauh mana informasi tersebut bisa sampai kepada yang berhak menerima, apakah informasi tersebut benar-benar tersedia, apakah informasi tersebut bersifat rahasia. Untuk dapat mengukur tingkat keamanan layanan teknologi informasi, penulis memilih untuk menggunakan metode Information Technology Infrastructure Library Versi 3 (ITIL V3). ITIL adalah set yang terdiri dari Layanan Strategi, Jasa Desain, Jasa Transisi, Layanan Operasi, dan terus-menerus Peningkatan Pelayanan. Dalam hal ini penulis berfokus pada layanan desain pada bagian dari manajemen keamanan informasi, pada bagian ini menjelaskan bagaimana layanan dikatakan baik jika memenuhi 8 poin yang telah distandarisasi secara Internasional

Towards Visually Monitoring Multiple Perspectives of Business Process Compliance

A challenge for enterprises is to ensure conformance of their business processes with imposed compliance rules. Usually, the latter may constrain multiple perspectives of a business process, including control flow, data, time, resources, and interactions with business partners. Like in process modeling, visual languages for specifying compliance rules have been proposed. However, business process compliance cannot be completely decided at design time, but needs to be monitored during run time as well. This paper introduces an approach for visually monitoring business process compliance. In particular, this approach covers all relevant process perspectives. Furthermore, compliance violations cannot only be detected, but also be visually highlighted emphasizing their causes. Finally, the approach assists users in ensuring compliant continuations of a running business process

Continuous Auditing: A Practical Maturity Model

Continuous Auditing (CA) is a methodology for issuing audit reports simultaneously with, or a short period of time after, the data is entered into the information system. The possibilities and challenges of CA have been researched previously. However, limited studies focus on the practical application of CA maturity models. In this study, we bridge this gap by developing a maturity model, including measurements to evaluate the current state of an organizations’ CA. To accomplish this goal, we adopted a focus group approach to create the maturity model in multiple iterations. During these iterations, the model was developed in concurrence with three pension funds, one accountancy firm, one mortgagor and two consultancy firms for the pension market. This resulted in a maturity model, which consists out of five maturity levels and four capabilities. The maturity levels are: 1) initial approach, 2) ad hoc approach, 3) defined approach, 4) managed approach, and 5) optimized approach. The four capabilities are: A) systems, B) data, C) organization, and D) people

Visually Monitoring Multiple Perspectives of Business Process Compliance

A challenge for any enterprise is to ensure conformance of its business processes with imposed compliance rules. The latter may constrain multiple perspectives of a business process, including control flow, data, time, resources, and interactions with business partners. However, business process compliance cannot completely be decided at design time, but needs to be monitored during run time as well. This paper introduces a comprehensive framework for visually monitoring business process compliance. As opposed to existing approaches, the framework supports the visual monitoring of all relevant process perspectives based on the extended Compliance Rule Graph (eCRG) language. Furthermore, it not only allows detecting compliance violations, but visually highlights their causes as well. Finally, the framework assists users in monitoring business process compliance and ensuring a compliant continuation of their running business processes

A framework for efficiently mining the organisational perspective of business processes

Process mining aims at discovering processes by extracting knowledge from event logs. Such knowledge may refer to different business process perspectives. The organisational perspective deals, among other things, with the assignment of human resources to process activities. Information about the resources that are involved in process activities can be mined from event logs in order to discover resource assignment conditions, which is valuable for process analysis and redesign. Prior process mining approaches in this context present one of the following issues: (i) they are limited to discovering a restricted set of resource assignment conditions; (ii) they do not aim at providing efficient solutions; or (iii) the discovered process models are difficult to read due to the number of assignment conditions included. In this paper we address these problems and develop an efficient and effective process mining framework that provides extensive support for the discovery of patterns related to resource assignment. The framework is validated in terms of performance and applicability

Effective Compliance Audit Model for Managing Process Safety in Process Industries

US Occupational Safety and Health Administration (OSHA) developed a program called Process Safety Management (PSM) due to the increasing major accidents in the process industries which has resulted in the loss of life, pollution to the environment and also monetary and asset losses. The purpose of process safety management or commonly known as PSM is to prevent unwanted release of highly hazardous chemicals to reduce exposure to employees and other potential hazards to the environmental, property and other living organisms. The PSM program is being used in the US, Europe and other countries which have any related process industries such as Malaysia. PSM covers 14 elements which comply with the OSHA Act. One of the elements in discussion of this research is Compliance Audit. Compliance audit is a technique to verify that the implementation of the PSM program is in compliance with OSHA standards. Besides that, compliance audit is performed to determine potential weakness or deficiencies in the PSM program used. Thus, by performing compliance audit, the implementation of the PSM program can be improved and can reduce the potential occurrence of accidents while working. The main goal of the research is to develop a comprehensive and effective compliance audit model according to OSHA PSM Standards which includes the six essential components of a compliance audit; planning, staffing, format, conducting the audit, evaluation and corrective and documentation. Prior to development of model, a framework is drafted as a guidance.The compliance audit model is a computer database to capture data and analyse the data. The model utilizes the Piping and Instrumentation Diagram (P&ID) as a basis to conduct the audit. Case study based on Operating Procedure and Training elements is performed to verify the effectiveness and also to ensure model compliance with OSHA PSM standards. The implementation of the model in the near future can assist auditors to conduct a systematic and efficient work flow of the audit. The compliance audit model is also beneficial to the employee as the weaknesses in the PSM program can be identified and rectified to prevent any major accidents such as in Bhopal or Flixborough

Compliance validation and diagnosis of business data constraints in business processes at runtime

Business processes involve data that can be modified and updated by various activities at any time. The data involved in a business process can be associated with flow elements or data stored. These data must satisfy the business compliance rules associated with the process, where business compliance rules are policies or statements that govern the behaviour of a company. To improve and automate the validation and diagnosis of compliance rules based on the description of data semantics (called Business Data Constraints), we propose a framework where dataflow variables and stored data are analyzed. The validation and diagnosis process is automated using Constraint Program-ming, to permit the detection and identification of possibly unsatisfiable Business Data Constraints, even if the data involved in these constraints are not all instantiated. This implies that the potential errors can be determined in advance. Furthermore, a language to describe Business Data Constraints is proposed, for the improvement of user-oriented aspects of the business process description. This language allows a business expert to write Business Data Constraints that will be automatically validated in run-time, without the support of an information technology expert.Junta de Andalucía P08-TIC-04095Ministerio de Ciencia y Tecnología TIN2009-1371

An Operational Semantics for the Extended Compliance Rule Graph Language

A challenge for any enterprise is to ensure conformance of its business processes with imposed compliance rules. Usually, the latter may constrain multiple perspectives of a business process, including control flow, data, time, resources, and interactions with business partners. Like for process modeling, intuitive visual languages have been proposed for specifying compliance rules. However, business process compliance cannot completely be decided at design time, but needs to be monitored during run time as well. In previous work we introduced the extended Compliance Rule Graph (eCRG) language that enables the visual monitoring of business process compliance regarding the control flow, data, time, and resource perspectives as well as the interactions a process has with business partners. This technical report introduces an operational semantics of the eCRG language. In particular, the state of a visual compliance rule is reflected through markings and annotations of an eCRG. The proposed operational semantics not only allows detecting compliance violations at run-time, but visually highlights their causes as well. Finally, it allows providing recommendations to users in order to proactively ensure for a compliant continuation of a running business process

Audit Layanan Teknologi Informasi Berbasis Information Technology Infrastructure Library (ITIL)

IT Service Management adalah salah satu cara untuk mengelola layanan teknologi informasi. Layanan teknologi perlu dikelola dengan baik untuk mendapatkan output dalam bentuk informasi yang dibutuhkan oleh manajemen. Untuk meningkatkan layanan teknologi informasi untuk lebih baik, diperlukan audit meliputi audit layanan teknologi informasi. Audit layanan teknologi informasi dilakukan untuk menentukan kelayakan teknologi informasi denngan terkait, dalam hal ini penulis berfokus pada isu-isu keamanan teknologi informasi. Audit keamanan teknologi informasi dibuat untuk menentukan tingkat keamanan untuk layanan teknologi informasi, sejauh mana informasi tersebut bisa sampai kepada yang berhak menerima, apakah informasi tersebut benar-benar tersedia, apakah informasi tersebut bersifat rahasia. Untuk dapat mengukur tingkat keamanan layanan teknologi informasi, penulis memilih untuk menggunakan metode Information Technology Infrastructure Library Versi 3 (ITIL V3). ITIL adalah set yang terdiri dari Layanan Strategi, Jasa Desain, Jasa Transisi, Layanan Operasi, dan terus-menerus Peningkatan Pelayanan. Dalam hal ini penulis berfokus pada layanan desain pada bagian dari manajemen keamanan informasi, pada bagian ini menjelaskan bagaimana layanan dikatakan baik jika memenuhi 8 poin yang telah distandarisasi secara internasional