Browsing by Author "van Dyk, Hendrike Olet"
Now showing 1 - 1 of 1
Results Per Page
Sort Options
- ItemDeveloping an audit planning framework at a strategic and operational level for implementing continuous auditing and the corresponding continuous auditing procedures for Oracle database management systems(Stellenbosch : Stellenbosch University, 2017-03) van Dyk, Hendrike Olet; Goosen, Riana; Stellenbosch University. Faculty of Economic and Management Sciences. School of Accountancy.ENGLISH SUMMARY : Information technology (IT) has become imperative to most modern organisations’ strategic and operational activities. It is for this reason that King III clarified the respective responsibilities of risk committees, audit committees and internal audit functions with respect to IT assurance. King III recommends the use of technology to improve audit coverage and audit efficiency, but does not elaborate on this recommendation. In this research study, a modern audit methodology, namely continuous auditing, was explored as a potential solution to address this recommendation made by King III. Continuous auditing is the ongoing assessment of risks and controls which is enabled by technology. Compared to traditional audit methodologies, continuous auditing is considered a cost-effective method to increase audit efficiency and audit coverage. Despite the stated benefits of this audit methodology, internal auditors are yet to optimise the implementation of continuous auditing in practice. The primary objective of this research was to develop an audit planning framework for internal auditors to implement continuous auditing to ensure ongoing assurance for automated IT controls. The framework consists of strategic planning steps to develop an annual audit plan and to identify areas where continuous auditing could be implemented. The operational elements of this framework focus only on developing continuous auditing for automated IT controls. The secondary objective was to apply this planning framework to compile continuous audit procedures for database management systems, using Oracle Database as an example. The degradation of IT controls is often an early-warning indicator of fraud and error. The implementation of this modern audit methodology for database management systems enables internal auditors to report on control deficiencies within a shorter timeframe to provide real-time assurance. Considering that the most valuable information assets are retained in databases and in view of the increase in data breach incidents involving high-profile organisations, the implementation of continuous controls auditing should be a high priority for internal audit functions.