Formalization of the IT Audit Management Process

Author

Rosario, T. ; Pereira, Rui ; da Silva, Miguel Mira

Author_Institution

Inst. Super. Tecnico, Univ. Tec. de Lisboa, Lisbon, Portugal

fYear

2012

fDate

10-14 Sept. 2012

Firstpage

1

Lastpage

10

Abstract

Audit is an independent activity that employs standardized methods to evaluate and improve the effect in the process of compliance and control in order to help the organization achieve its goals. Nowadays, the current audit management process is costly and requires a high effort since there is a high amount of resources and used assets needed. This happens due to the large number of regulations with which it is crucial to comply. However, there are several frameworks which bring uncertainty and complexity to an organization. We intend to analyze the most important frameworks, elicit the needed requirements and use them to formalize the IT audit management process. Our work is important since a formalization of the IT audit management process is still missing and organizations keep struggling with so many frameworks in the market. Thus, organizations can achieve an improvement in their audits performance and an improvement on the analyses of their internal controls and compliance requirements.

Keywords

DP management; auditing; formal specification; BPMN; IT audit management process; audit performance; business process model notation; compliance process; compliance requirement; control process; internal control; standardized method; ISO standards; Organizations; Process control; Proposals; Standards organizations; Business Process Model; Compliance; Formal Process; IT Audit Management; Petri Nets;

fLanguage

English

Publisher

ieee

Conference_Titel

Enterprise Distributed Object Computing Conference Workshops (EDOCW), 2012 IEEE 16th International

Conference_Location

Beijing

Print_ISBN

978-1-4673-5005-1

Type

conf

DOI

10.1109/EDOCW.2012.11

Filename

6406246