由於近年來政府推動商業自動化政策,鼓勵企業電腦化及大力推展電子化政府,我國工商企業使用電腦有隨企業規模擴大而增加的趨勢,企業電腦化雖提供快速、有效率及一致性的效益,但其隱含錯誤或舞弊的風險亦比人工作業處理更加複雜,為確保控制系統的正常運作,企業亦需建立健全的稽核制度。本研究有鑑於電腦稽核日益重要,但甚少有關電腦稽核人員應如何進行稽核工作的相關研究,因此本研究以現有文獻為基礎,嘗試發展出一份適用於國內一般組織的電腦稽核檢查表,一方面提供稽核人員在執行實地稽核查訪時的參考,稍減稽核人員不知從何開始與不知應查核那些項目的困擾;另一方面亦提供給組織內的資訊部門用以自行檢查與評估其現有安全控管措施的執行狀況。此外,並根據調查資料之統計結果將電腦稽核執行程度分為三等級,同時分析各等級可能會有的風險與改善現況的建議。 As the government was moving for business automation of recent years, the use of computers was on the increase. Computerization provides business with quickness, efficiency and consistency, even though it may contains more complex mistakes or maladies then artificial operations. Since computers play such a large part in assisting us process data, it is important that their use be controlled. It is tried to develop an audit checklist to evaluate control of computer use in the study, and applied to investigate the current situation of EDP auditing environment in Taiwan. In addition, this study can provide auditors a deeper understanding about how to audit in computerized environment, also the security audit and field evaluation can be carried out quickly, effectively, and economically by in-house personnel. It will classify the companies into three levels and analysis possible risks of them.
關聯:
第十屆國際資訊管理學術研討會論文集(第二冊)=Proceedings of Tenth International Conference on Information Management (Vol. 2),頁1135-1142