What Every Auditor Should Know About Computer Information Systems

GAO provided auditors with an overview of current computer information systems to assist them in understanding a company's operations. GAO found that: (1) information systems operations must be coordinated with various business activities; (2) human errors, omissions, and malicious acts by computer hackers and dishonest employees threaten data integrity; (3) electronic data processing (EDP) auditors safeguard software, trace computer transactions, review the systems development cycle, and monitor adherence to administrative policy to limit the opportunity for unauthorized access to a system; and (4) EDP auditors must be knowledgeable about financial and technical applications as well as related security controls.