Full Program »
Modelo de evaluación de metodologías de auditoría informática basadas en riesgo inherente
Computer auditing has become a fundamental piece to ensure the success and use of computer systems in organizations. The success or failure of an audit depends on several factors: the IT auditor, based on their knowledge and experience, chooses expertise, tools and methodologies, each of these elements. Incorrect selection of these components may result in subjective audit results and financial losses for the organization. For this, an analysis of computer audit methodologies was proposed, to determine the level of inherent risk that its application would imply. We worked with our own research methodology of quantitative exploratory type, based on the deductive method for selection of parameters related to inherent risk, with a critical perspective for the quantification and interpretation of statistical data. The research was validated with the Delphi method, through surveys with non-comparative scales, applied to expert auditors to confirm the objectivity and impartiality of the evaluation model. The procedures performed demonstrated that it is possible to quantify the level of inherent risk, through occurrence, compliance and prioritization tables. The analysis of the occurrence of parameters associated with the inherent risk will be transparent and impartial to maintain the integrity of the analysis performed.