Title :
Constructing auditing rules from ERP system: a business process flow approach
Author_Institution :
Inf. Syst. Lab., Inst. for Inf. Ind., Taipei, Taiwan
Abstract :
Fraudulence cases have happened all the time in business environments. The responsibilities of auditors are to prevent the swindling cases and to ensure that every operation conforms to regulations. In recent years, IT is adopted in business environments. Traditional approaches with paper operation using papers to be audit trails should be changed to EDP auditing. Typically, since auditors come from nonIT backgrounds, it´s difficult for them to involve the area of EDP auditing. Furthermore, enterprise resource planning (ERP) is adopted competing with other opponents around the world. ERP makes the enterprise systems more complicate. Hence, auditors face an even big problem about how to audit in ERP environment. We propose a mechanism to structure rules of auditing information by mapping from business processes to data flow and data model. With our mechanism, auditors can directly obtain auditing information based on business process and containing data changing process.
Keywords :
auditing; business data processing; data models; enterprise resource planning; EDP auditing; ERP system; auditing; business process flow approach; data model; enterprise resource planning; Command languages; Computer crime; Computerized monitoring; Control systems; Data models; Databases; Enterprise resource planning; Information systems; Management information systems; Power system management;
Conference_Titel :
Security Technology, 2003. Proceedings. IEEE 37th Annual 2003 International Carnahan Conference on
Print_ISBN :
0-7803-7882-2
DOI :
10.1109/CCST.2003.1297583
