Information systems are one of the most useful tools for organizations because they allow storing, transforming and exposing the data of the different departments as well as the activities that arise day by day, although it is important to consider the audit as a continuous process and point of departure.
auditing-systems-info-organization-targetInformation systems have been the launching point for correct data management and improvement of efficiency and productivity in an organization. These have origin and a strong development in the 50's until today. It is extremely important to mention that with globalization and technological innovation, there is no company, either public or private, that does not record each and every one of its activities using a computer and that exchanges information through this device thanks to the use of the internet. This technological revolution encourages organizations to have the need to back up and protect their information through information systems, hoping that they are specifically reliable in financial information, since it is one of the most protected points by organizations.
But… in reality, what is and what does an Information System encompass? Next, the definition of Information System according to different authors:
"An information system is a set of interrelated elements with the purpose of paying attention to the information demands of an organization, to raise the level of knowledge that allows better support for decision-making and action development."
(Peña, 2006).
“It is a set of elements that interact with each other in order to support the activities of a company or business. Taking into account the necessary computer equipment for the information system to operate and the human resource that interacts with the Information System, which is made up of the people who use the system. ”
(Peralta, 2008).
In accordance with the foregoing, the information system can be defined as a set of elements or data that can be stored and entered between them to be subsequently processed, in order to present structured, accurate and timely information that the company needs the administration, operation, control and decision making.
ELEMENTS OF AN INFORMATION SYSTEM
According to Fuentes (2003, p.17-21), there are different elements that make up an information system, which will be mentioned in detail below:
1. HUMAN RESOURCES
The human resource is the group of people that make up an organization and these interact with the Information System every day, in turn they can be computer and system operators, who are trained and responsible for obtaining information and incorporating it into the system; or information systems specialists, who are analysts and system programmers who develop and operate with such information. This also includes end users, also called clients, who use a previously generated information system and can work in a private and separate office.
2. HARDWARE
Hardware is made up primarily of physical devices used in information processing. The teams are subdivided into Central Processing Units (CPU) and Memory
Principal.
The Central Processing Units, known as central processors, contain microprocessors and constitute the "computer brain".
The Main Memory, is the place where data and programs are stored that will later be processed by the CPU, in turn it is divided into two types of memory, RAM (space where the programs and data are before being executed or processed) and ROM memory (area where the information stored contains information and programs that are run frequently and whose content does not change over time).
3. PERIPHERAL DEVICES
It basically refers to the elements connected to the CPU and that serve as a communication channel between the computer and the user (human resource). It is divided into three devices: the input, storage and output devices.
The input devices are used to enter and enter data and give orders to the computer. The most common are, for example, the keyboard, mouse, scanner and cameras. Storage devices are used to store information that is not lost when the computer is turned off and can be deleted if necessary. The most common are hard drives and the output devices are used to communicate the information obtained to the outside. The most widely used and best known units are monitors and printers.
4. SOFTWARE
It is divided into system and application software. The system software is a set of computer operating system programs, for example Windows MR and the application software are end user programs, they can be first-time and subject to the databases
5. DATA
They are in many ways, including alphanumeric data (composed of letters and numbers), they can also be composed only of texts, sentences or paragraphs, images, number, audio and video.
The data can be divided into communication networks and network support.
Communication networks allow computer equipment to be united and thus share information between them, these include communication means, which can be conductive means that transmit data thanks to electrical impulses or radiated means that transmit data by means of frequencies such as example, radio waves.
Network support, includes the human resources, hardware and software that help manage and use communication networks.
INFORMATION SYSTEM PROCESS
Information systems have basic activities that must be carried out when working with information:
- Information entry: process in which the system takes the data necessary to process the information, through different means such as: keyboard, barcodes, disks, among others. Information storage: it is one of the most important activities that is had on a device such as the computer, since through this property the system can remember the information and save it for long periods of time. Information processing: This quality of information systems allows the transformation of data through different sources of information that can be used for decision-making in the organization. Information output: is the capacity of a system information to get the processed information or input data to the outside.
IMPORTANCE OF AN INFORMATION SYSTEM
It is important for an organization to know the importance and weight of an information system, since this is essential for the correct administration and management of the firm. It is for this great reason that all professionals focused on the areas of business management and administration must have heard and studied this concept. At the same time,It is of utmost importance to have a basic understanding of what an information system as well as the areas of opportunity that may arise in the company to achieve this objective, it is essential to have knowledge and skills in the area of information technology, since all these systems are managed through of data as well as technological equipment and it is very risky for an organization not to move to this stage of change limiting its competition capabilities in the dynamic environment in which successful organizations currently develop.
Therefore, the proper administration of information systems is a major challenge for managers. Thus the function of information systems represents the following:
- Information systems can be adapted to any area that is functional within the company, which is as important to business success as the functions of accounting, finance, operations management, marketing, sales and human resources management, among others. Another important collaboration is located in operational efficiency, productivity, as well as the measurement of customer satisfaction. An important source of information and support for it is of utmost importance since it can be used for effective decision-making by of managers. It is a fundamental part of the development of new competitive products and services that give organizations a strategic advantage over their competitors.
AUDIT
The history of audits is recorded since ancient times when sovereigns demanded maintenance to verify the veracity of financial operations, later with the development of trade, the need for the first audits in England in the year of 1862 arose.
On the other hand, the administrative theory and the contributions of Taylor and Farol, propose five functions that every administrator or manager must possess: planning, organizing, ordering, coordinating and controlling, the foregoing, happened alongside the control function in which The audit is integrated, which allows to accumulate and evaluate data and evidence that have been carried out in certain areas and activities, to subsequently make quantifiable information, in order to finish reporting and thus be able to make correct and optimal decisions.
Here are some definitions of auditing according to different authors:
(Juan Ramón Santilla González (Auditor) in his book audit, 2000)
(ISO, 2011)
“The audit, etymologically, comes from the Latin verb audire, which means 'to hear', which in turn has its origin in the first auditors who exercised their function judging the truth or falsity of what was subjected to their verification, mainly by looking. However, it is also said to come from the English verb to audit, which means 'to review' or 'to intervene'. ”
(Wikipedia, 2018)
It is of utmost importance to understand that auditing is closely related to disciplines that use techniques and methodologies in different areas of knowledge, for example, computing and statistics. On the other hand, the audit in general, is a process with broad features of internal control for the diagnosis of organizations.
There are different types of audits such as internal, administrative and information auditing. This article will explain the audit focused on information systems and the impact it has on organizations .
AUDIT OF INFORMATION SYSTEMS
According to Medelayne L. Vega García, in her article: Information audits in organizations (2006) defines information auditing as “a diagnosis of the use of information within the organization and a management meteorology applicable to any field and institution that establishes the information needs and the resources that correspond to them. Contributing to the establishment of the rendering and evaluation of a corporate information policy, the creation of value and the determination of information for an organization ”
Information auditing is usually very flexible and adaptive for any type of organization and for the use of how, for example, the creation of new services or the evaluation of corporate information policies, among others. This is usually ideal for identifying changes and restructuring the information in the organization, offering adequate solutions, as well as corporate information strategies.
Information auditing can work from two perspectives:
1.- Global
2.- Partial
In the first, the necessary elements related to the information within the organization are foreseen, also known as strategic audit and in the second, the audit is performed in the direct function or process and can be called as operational audit.
OBJECTIVE
The primary objective of an audit is to demonstrate whether internal controls operate effectively and efficiently and that these serve to minimize any risk that threatens the company, it must be carefully checked that the system is reliable and that there is data confidentiality, availability of information system and integrity.
IMPORTANCE
Audits focused on information systems usually have multiple advantages when it comes to their application, since they can range from cost savings to the most rational and effective management of resources, as well as the development of strategies.
AUDIT METHODOLOGY IN INFORMATION SYSTEMS
The audit is usually a continuous process, which requires periodic planning in order to contribute to a follow-up that can measure improvements and detect errors in time. Once organizations adapt to conducting audits, they become faster when it comes to auditing and different methodologies are used since there is currently no single standardized method to implement.
The managers of the different processes in each and every one of the areas of the organization consider the audit as a way of having an external vision that allows them to carefully observe each process and also to be able to identify the areas of opportunity and improvement. The standardized steps for an audit will be outlined below:
STEP 1: PLANNING THE AUDIT PROGRAM.
This is intended to schedule the audit or audits in question. This step is of utmost importance to schedule a global audit in which each and every process can be audited during a specific cycle of the program.
When organizations show the schedule for future audits, they convey a message of reliability to, and support for, their employees, amplifying improvements with the gathering of information needed to schedule the dates of upcoming audits.
STEP 2: PLANNING OF THE PROCESS AUDIT.
Once the overall plan is established, the next step is to plan and confirm the processes to perform the systems audit individually in each process.
The plan that is usually generalized in step one serves as a reference guide to know exactly the frequency in which the information systems will be audited, having a greater collaboration between the human resources in charge of the system and the auditor.
STEP 3: PERFORMING THE AUDIT.
All audits must start with a prior meeting between the auditor and those in charge of the information systems, so that both approve the audit plan.
The auditor may gather the information he needs by means of different elements such as the review of previous records in the system.
With this collection of information, the auditor seeks to verify that the process is effective in producing and that it achieves the previously established objectives.
STEP 4: REPORTING THE AUDIT
Once the review and information gathering process on the information system audit process is complete, a meeting is required. In this meeting, the person in charge of the information system is informed of the areas where problems or opportunities for improvement were presented, as well as those where performance has been optimally achieved.
CONCLUSION
Information systems are one of the most useful tools for organizations because they allow to store, transform and expose the data of the different departments as well as the activities that arise day by day, although it is important to consider the audit as a continuous process and point of departure. The audit focused on information systems gives the possibility of knowing how the human resource works according to the systems and the information, in turn, it is possible to identify areas of opportunity that may need changes or attention to improve them.
Once the audit is performed, the organization is fully prepared to continuously develop and improve management strategies, being able to support its knowledge for decision-making in different areas. It is of utmost importance to consider this tool in the development of the organization according to the information since the audit gives importance to certain fields such as, for example, information management, business intelligence and of course also knowledge management.
THESIS TOPIC
Develop a methodology focused on the accounting information system of the company SANDO SA de CV
THESIS PURPOSE
Detect the areas of improvement of the accounting information system through a methodology to audit the accounting department of the company SANDO SA de CV
BIBLIOGRAPHY
(November 5, 2017). Retrieved on 06 of 05 of 2018, from Gerencie.com:
Ciapagn, JM (2011). The information systems in the organization. 1-26.
Dangel, AD (February 24, 2010). ECOLINK. Retrieved on May 06, 2018, from
Delgado, OG (2007). Organizational Information Systems Audit and its importance. Gestiopolis, 1-12.
EcuRed. (May 06, 2018). Retrieved on May 05, 2018, from
European School of Excellence. (2016). Recovered on 06 of 05 of 2018, from ISO 9001: 5 steps to do an internal audit:
www.escuelaeuropeaexcelencia.com/2016/04/iso-9001-pasospara-hacer-una-auditoria-interna/
Mazahua, NR (2016). Organizational Information Systems Audit and its importance. Gestiopolis, 4-14.
Organizations, LA (2006). Madelayne L. Vega García. Redylac, 1- 14.
ZAMORAR. (2012). Retrieved on 06 of 05 of 2018, from
THANKS
To God, for all his blessings.
To my parents, they have been a fundamental support in every step I take.
My pillar, my livelihood. Infinite thanks!
My sisters, Marilyn, Vicky and Jessy since the responsibility came with you.
To CONACYT and PNPCC for accepting me in their program and allowing me to realize the dream of studying a postgraduate degree.
To the Orizaba Technological Institute for allowing me to face a new challenge, for professionalizing me and obtaining new knowledge.
To Dr. Aguirre y-Hernández, for his interest in training quality professionals, for the motivation, for his classes at 7 in the morning, for his punctuality.
To each and every one of my teachers who taught me so much.
Example of teaching and life.
Download the original file
