The auditing information system is a very vital tool necessary for auditors working in; external auditing, internal auditing, system auditing, and finally date security. This tool has proved to be handy in the improvement of audit quality and rationalization of audit methods and consists of the audit report tree. In most cases it is a structured preconfigured collection of SAP standard programs. The earlier mentioned auditing tree is modeled on the auditing process itself and evaluations with default control variants being defined for each type of auditing function.There are those functions that are normally referred to as the drilldown functions that normally enable an individual to access summarized data right down to individual documents with each auditing field being comprehensively documented. The individual inquiries for information from the SAP database are usually managed by the query with the exported data being further executed by the use of external tools such as the ACL/IDEA.The Auditing Information System was developed with the issue in mind being the fact that all companies recognize the need to have books of account set up so as to obtain an overview of a third party expert concerning the firm's financial position within a reasonable amount of time. Currently the world over, accounting is exercised in an even more complex and dynamic EDP world and with increased risks. For this reason, the audit information systems now comprise of modern new auditing methods that improve the audit process quality. This is achieved through the use of modern information and communications technology that is in place today.For organizations to compete effectively and sustain themselves effectively in the current business world they are required to assess the financial stability of the vendor organizations with which they do business and thereafter provide a high level approach to perform such assessments(Champlain 2003).These organizations are also required to discuss and establish keys that would assist in examining contracts and agreements that organizations may enter into with various vendor organizations. To effectively make use of the auditing information systems, there should be a clear standard of measuring the effectiveness of the system together with the subsequent computer hardware and software (Champlain 2003).
In any business environment, service organizations and application vendors normally offer services that are very vital to the success of their client organizations (Champlain 2003). For this reason, any disruptions or interferences that may occur has the capability of significantly affecting the ability of client organizations negatively towards the process of serving or rather meeting the needs of the clients.In the event that a disruption or business interference of any kind lasts for an extended period of time, the client organization could find itself in a situation whereby it would start loosing customers and as a result, eventually suffer significant revenue losses (Champlain 2003). These kinds of disruptions that I am talking about could be as a direct result of the poor operating procedures that are being implemented within an organization, some outside competition, or even poor management decisions that may have been made at the vendor organization (Champlain 2003). At the end, these problems are likely to surface in the financial statements of these organizations. For these reasons, proper auditing systems and procedures have to be adopted by an organization to be able to attain its full potential especially in terms of monetary gains (Choi 2003).An auditing information system forms an integrated part of the SAP system whereby auditors work online in a production environment. To be able to use the system therefore all the relevant and required data has to be accessible online in a productive manner. This system was designed in a way that it has capability of meeting the auditing standards and requirements for both internal and external auditing (Cascarino 2007).Just as the auditing regulations dictate, the focus of the auditing information system is the general ledger. This is both the complete record of all business transactions and at the same time the basis on which yearly financial statements are prepared and published. The system allows each individual transaction to be accessed at any time through; the balance sheet, account figures, and line items (Cascarino 2007).
The audit information system has an acknowledged global international compatibility standard. SAP software boosts of an international implementation mechanism and therefore the auditing information system was therefore developed with focus being on meeting the auditing requirements that exist in various countries (Cascarino 2007).With time, it has been noticed that there is an increased and desperate need for auditors, information security professionals, managers, and audit committees. This group of professionals is very important to an organization since they are the ones in the best position to assess the risks and perform appropriate evaluation process of the controls over the computer information systems in any type of an organization (Champlain 2003).Many times these stakeholders find themselves in a situation whereby they are not quite informed and familiar with the various techniques they are supposed to use to be able to efficiently and effectively establish whether information systems are appropriately protected. In such a situation, auditing information system, second edition offers an easy and practical guide to auditing information systems that are applicable to all the computing environments that are available today (Champlain 2003).This second edition system offers the auditors with a mechanism very instrumental in the process of examining an organization's hardware, software, data protection and last but not least the processing methods (Champlain 2003). This examination process is very useful in ensuring that adequate controls and security are in place and at the same time it is quite important to note that prerequisite technical know-how is required for this process (Champlain 2003).According to Champlain, the basics of any computer system (i.e. the central processing unit, the operating system and the application programs) are what actually provide the tools that are required by every auditor to start the auditing process (Champlain 2003). The next phase of this process is therefore setting up and following a systematic approach for conducting information systems audit as well as detailing specific methods that the auditors can readily apply to their own institutions.It is important at this point to note that the audit information system, second edition focuses special attention towards the issues that are of most concern to the information managers today. In so doing it avails more than 80 case studies that demonstrate the way by which concepts can be applied in real-world situations.In the current business environment under which most organizations operate, information system integrity has become even more and more important than ever (Champlain 2003). This is despite the fact that network and enterprise resource planning (ERP) systems bring resources together and at the same time increased levels of privacy violations and international political volatility seem to threaten many organizations. In such environments, the auditing information system, second edition proves to be a very important invention. This is because of the fact that it empowers auditors, managers, audit committees, and information security personnel to effectively predict the how much the information systems control can adequately and effectively support the functions of an organization in terms security (Champlain 2003).The Audit Information System, second edition, provides a very clear and precise explanation concerning the appropriate method of auditing controls and security over all types of information systems environment. It equips the information security professionals, audit committee members and the managers who every skill level with the knowledge relevant to determine appropriately whether a computer system is safe.Auditing information system, second edition also provides the auditing personnel with the relevant equipments necessary to ensure that their job is done right. It provides insight into the current security certifications. At the same time, it also provides very important information on the importance of physical security controls, adequate insurance and digital surveillance systems.In any organization, auditors are usually tasked with the responsibility of reporting significant weaknesses to the applicable and relevant organization management and departments and thereafter providing or rather recommending appropriate solutions that can be applicable.