Role of an auditing and reporting service in compliance management

Ramanathan, Jay; Cohen, Ron; Plassmann, E.; Ramamoorthy, K.

doi:10.1147/sj.462.0305

Cited by 4 publications

(2 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We found that much time is spent by both auditors and their service provider auditees on identifying and perusing documents, and undertaking interviews. Procuring information manually is generally perceived as a time-consuming and effort-intensive task (To et al, 2009;Ramanathan et al, 2007) and the interviews and think-aloud sessions suggest that audits of service providers in cross-organizational settings are no exception. Our research also indicates that satisfying the information needs of auditors is more challenging the greater the number of requirements and the wider the distribution of the IT landscape.…”

Section: Accessing the Information Held By Service Providersmentioning

confidence: 99%

Auditing service providers: supporting auditors in cross-organizational settings

Bachlechner

Thalmann²,

Manhart³

2014

Managerial Auditing Journal

View full text Add to dashboard Cite

If you would like to write for this, or any other Emerald publication, then please use our Emerald for Authors service information about how to choose which publication to write for and submission guidelines are available for all. Please visit www.emeraldinsight.com/authors for more information. About Emerald www.emeraldinsight.comEmerald is a global publisher linking research and practice to the benefit of society. The company manages a portfolio of more than 290 journals and over 2,350 books and book series volumes, as well as providing an extensive range of online products and additional customer resources and services.Emerald is both COUNTER 4 and TRANSFER compliant. The organization is a partner of the Committee on Publication Ethics (COPE) and also works with Portico and the LOCKSS initiative for digital archive preservation. AbstractPurpose -The purpose of this paper is to shed light on the particular information needs of external auditors performing information technology (IT) audits at service providers in cross-organizational settings and to promote a software-based approach towards their satisfaction. The approach is intended to supplement the manual approaches currently adopted by auditors to procure information in such settings. Design/methodology/approach -The authors analyzed data collected by means of a series of 16 interviews and four think-aloud sessions with experienced professionals. Findings -Information procurement is perceived as tedious by auditors and largely relies on repeat interviews and perusal of documents. Given the growing complexity of cross-organizational settings, manual approaches to information procurement are reaching their limits. A considerable portion of the information required is often stored by service providers using software that is inaccessible to auditors. The authors argue that a software-based approach providing an interface for auditors to access relevant information held by such software presents an avenue worth exploring. Practical implications -The authors outline how the information stored by service providers using software can be made accessible with reasonable effort. Complementing manual approaches to information procurement with an audit interface would reduce workload and increase quality. Originality/value -The concept of an audit interface represents a novel and promising approach to meeting the information needs of auditors performing IT audits in cross-organizational settings more effectively. Both auditors and service providers would benefit from its implementation.

show abstract

Section: Accessing the Information Held By Service Providersmentioning

confidence: 99%

Auditing service providers: supporting auditors in cross-organizational settings

Bachlechner

Thalmann²,

Manhart³

2014

Managerial Auditing Journal

View full text Add to dashboard Cite

show abstract

“…Another key requirement is support for tamperproof audit-log documenting, which indicates how and when documents are accessed during their life cycle [34]. Besides logging document events, the audit-log component is also responsible for logging system-level events (e.g., node or component failures), configuration events (e.g., policy updates), and query requests submitted through the search interface.…”

Section: Address Compliance Requirements and Provide Securitymentioning

confidence: 99%

Archive storage system design for long-term storage of massive amounts of data

Bradshaw

Brannon

Clark³

et al. 2008

IBM J. Res. & Dev.

View full text Add to dashboard Cite

A dramatic shift is underway in how organizations use computer storage. This shift will have a profound impact on storage system design. The requirement for storage of traditional transactional data is being supplemented by the necessity to store information for long periods. In 2005, a total of 2,700 petabytes of storage was allocated worldwide for information that required long-term retention, and this amount is expected to grow to an estimated 27,200 petabytes by 2010. In this paper, we review the requirements for long-term storage of data and describe an innovative approach for developing a highly scalable and flexible archive storage system using commercial off-the-shelf (COTS) components. Such a system is expected to be capable of preserving data for decades, providing efficient policy-based management of the data, and allowing efficient search and access to data regardless of data content or location.

show abstract

IT-Compliance als Triebkraft von Leistungssteigerung und Wertbeitrag der IT

Böhm

2008

HMD

View full text Add to dashboard Cite

Role of an auditing and reporting service in compliance management

Cited by 4 publications

References 0 publications

Auditing service providers: supporting auditors in cross-organizational settings

Auditing service providers: supporting auditors in cross-organizational settings

Archive storage system design for long-term storage of massive amounts of data

IT-Compliance als Triebkraft von Leistungssteigerung und Wertbeitrag der IT

Contact Info

Product

Resources

About