14
2.2.2
Manfaat Audit Sistem Informasi
According
to
Dube
and
Gulati
(2005,
p12), the
importance
of
control
in
an
organization cannot be ignored at any given point of time. IS Auditors are regarded as
control advocates in the entire lifecycle of the software and hardware, auditors perform
important duties, which benefit the organization in several ways. Some
of
the
benefits
organizations receive are:
1. Mapping business control
with IT application
An IS auditor can help the organization in ensuring that the necessary business
controls are mapped into the application control. Whether the IS auditor should be
involved at the project stage of the application or not is a matter of debate, but from
the perspective of control it is advisable to involve the internal auditor at the project
stage.
This
way,
he/she
can
help
in
ensuring
that
necessary
controls
are
built
into
the system at the development stage itself. It must, however, be ensured that the same
auditor
is
not
allowed
to
conduct
a
post implementation
review/audit
of
that
application.
2. Business Process Re-engineering (BPR)
The
basic
difference
between
automation
and computerization
is
that
while
in
the
case
of
automation,
the
existing
manual
process
is
automated
using
computers,
in
the
case
of
computerization;
the
manual
process
is
re-engineered
and
then
automated
using
computers.
In
the
latter
case, while
the
absorption of
IT
is
more
effectively achieved, there is every likelihood that some basic control may be missed
or
forgotten
in
the
computerization
process,
which
can
have
serious
ramifications
for
the
organization.
For
this
reason,
the
IS
auditor
should
be
a
part
of
the
BPR
 |