دانلود رایگان مقاله انگلیسی حسابرسی مستمر برنامه های پایگاه داده - امرالد 2018

Abstract

This paper demonstrates an approach to address the unique control and security concerns in database environments by using audit modules embedded into application programs. Embedded audit modules (EAM) are sections of code built into application programs that capture information of audit significance on a continuous basis. The implementation of EAMs is presented using INGRESS a relational database management system. An interface which enables the auditor to access audit-related information stored in the database is also presented. The use of EAMs as an audit tool for compliance and substantive testing is discussed. Advantages and disadvantages of employing EAMs in database environments and future directions in this line of research are discussed.

Conclusion

The approach described above, using EAMs in database environments, is important in that it demonstrates the feasibility of addressing the idiosyncratic control and security concerns relative to DBMS-driven applications. In addition, the approach illustrates how audits of such applications can be performed in an efficient manner. A superior approach would be to use the DDL to specify permits and integrity constraints, if information on violations could be captured as they occur. Future developments in database definition and manipulation languages may incorporate such features, which would obviate the need to embed audit modules in application programs. Further research should investigate whether auditors are more attuned now to the special control and security problems present in database environments. The cost-benefit aspect of using EAMs should also be addressed. Specifically, the impact on system performance of incorporating audit modules should be investigated. There are suggestions in the literature that auditors should be more involved in the design of accounting systems [e.g., Grabski, 1986]. As indicated in the previous section, we suggest that auditors should propose the implementation of EAMs in application programs to capture and store information of audit significance on a continuous basis. Further research could investigate whether the utilization of more efficient concurrent auditing techniques (i.e., EAMs) leads to decreased audit risk in the environment of complex database accounting systems.