Developing IT Controls Testing for Enterprise Environment

Nowadays enterprises are highly dependent on Information Technology (IT) for accomplishing their objectives. In order to try to ensure that IT is aligned with the business objectives, an enterprise should ensure that it has effective IT controls for supporting its IT environment. Therefore, for checking the effectiveness of its IT environment, the enterprise’s IT environment is tested against the enterprise’s IT controls. So it is correct to state IT controls testing plays a crucial role in trying to ensure that the IT environ-ment of an enterprise is reliable for achieving the business goals. But it should be kept in mind that IT controls testing is a very challenging process. For instance, some of the challenges are the work effort required to complete the test, the speed of the test, accuracy, etc. Another challenge is the high cost of IT controls testing. During the accomplishment of the thesis, it has been observed that to solve the above-mentioned challenges, a lot of enterprises rely on Computer-Assisted Audit Techniques (CAAT) tools available in the market. After analyzing some of the most popular and widely used CAAT tools, it has been found out that such tools are helpful, but they are having their own challenges. For in-stance, they are not able to address all the requirements of IT controls testing. Further-more, CAAT tools are capable of performing specific tasks; they are not able to address all the issues related to IT controls testing. Their main challenge is the insufficient use of existing Enterprise Resource Planning (ERP) data. The solution for having an effective IT controls testing process could be the appropriate use of enterprise’s existing ERP data which is of high quality. In fact, the data should be measured and analyzed appropriately, and it should be mapped to the IT controls in a correct way. Actually, it might be challenging and even expensive to implement such a system, but if such system is implemented once, and it could be used for several years with minor updates, then it would be worthy to implement it for a reliable IT controls testing in an enterprise environment

A personalidade e a utilização de TAACS em auditoria interna

Mestrado Bolonha em Contabilidade, Fiscalidade e Finanças EmpresariaisA utilização das tecnologias de informação (TI), no mundo empresarial, tem sido cada vez mais notória, afetando o exercício da atividade de auditoria, através do uso das Técnicas de Auditoria Assistidas por Computador (TAACs). Apesar disso, a literatura refere que o recurso às TAACs tem ficado aquém do esperado em auditoria interna. Esta dissertação procura analisar o impacto da personalidade dos auditores internos na intenção do uso das TAACs e se essa intenção influencia a sua real utilização e, por fim, perceber se as TAACs melhoram a sustentabilidade empresarial através das atividades de auditoria interna. No estudo, foram utilizados os dados recolhidos, junto de 62 auditores internos portugueses através de um questionário, tendo as hipóteses de investigação sido analisadas através do Partial Least Squares – Structural Equation Modelling. Os resultados mostram que apenas o traço da consciência se mostrou relevante na intenção da utilização das TAACs. Por sua vez, a intenção de uso das TAACs influencia a sua real utilização por parte dos auditores internos. Por fim, obtivemos a evidência de que a utilização das TAACs está positivamente associada com o risco de fraude, pelo que estas são um instrumento importante para a melhoria da sustentabilidade das organizações.The use of information technologies (IT) in the business world has been increasingly notorious, affecting the exercise of the auditing activity through the use of Computer Assisted Audit Techniques (CAATs). Despite this, the literature shows that the use of CAATs has been less than expected in internal auditing. This dissertation seeks to analyze the effect of personality of internal auditors on the intention of using CAATs and whether this intention influences its actual use and finally to understand if CAATs improves the corporate sustainibility through internal audit activies. The study used data collected from 62 Portuguese internal auditors through a questionnaire, and the research hypotheses were analyzed using Partial Least Squares – Structural Equation Modelling. The results show that only the conscientiousness trait proved to be relevant in the intention of using CAATs. On the other hand, the intention of using CAATs influences their actual use by internal auditors. Finnally, we obtained evidence that the use of CAATs is positively associated with the risk of fraud, so they are an important instrument for improving the sustainability of organizations.info:eu-repo/semantics/publishedVersio