Aplicación de un Modelo de Auditoría Continua Utilizando JD Edwards EnterpriseOne
Contenido principal del artículo
Resumen
Comúnmente los departamentos de Auditoría de Sistemas, en su plan anual asignan un alto número de horas y recursos para la revisión de la información generada por los módulos del ERP de la empresa, esto conlleva a dejar aspectos fundamentales en términos de riesgos tecnológicos, como son: EvAaluación del Gobierno TI, Revisión de Cuentas Privilegiadas, Análisis del DBMS, Revisión de DRP y BCM. En este artículo, se implementa un modelo de auditoría continua a cuatro empresas de Guayaquil que utilizan JD Edwards EnterpriseOne como ERP y se evalúa los resultados obtenidos en comparación a una auditoría tradicional de sistemas. Como resultado se obtuvo que el modelo de auditoría continua realiza una revisión completa del ERP, presentando resultados confiables, optimizando tiempo y recursos humanos.
Descargas
Detalles del artículo
Esta obra está bajo una licencia internacional Creative Commons Atribución-NoComercial 4.0.
INVESTIGATIO es de acceso abierto y el contenido está disponible de manera gratuita a través de su sitio web: http://revistas.uees.edu.ec/index.php/IRR/.
Para reforzar nuestra política de acceso abierto, la revista INVESTIGATIO se publica bajo una licencia Creative Commons Reconocimiento-No Comercial 4.0 Internacional (CC-BY-NC 4.0), la cual permite compartir (copiar y redistribuir el material en cualquier medio o formato) y adaptar (remezclar, transformar y crear a partir del material), bajo la condición de que se den los créditos correspondientes y no se haga uso comercial de los materiales.
Citas
AlDurgam, M. M., & Duffuas, S. 0.2013. Optimal joint maintenance and operation policies to maximise overall systems effectiveness. International Journal of Production Research, 1319-1330.
Alles, M., Kogan, A., & Vasarhelyi, M. A. (2002). Feasibility and economics of continuous assurance. Auditing: A Journal of Practice & Theory. 125-138.
Alles, M. G., Kogan, A., & Vasarhelyi, M. A. (2004). Restoring auditor credibility: Tertiary monitoring and logging of continuous assurance systems. International Journal of Accounting Information Systems 183-202.
Alles, M. G., Kogan, A., & Vasarhelyi, M. A. (2008). Putting continuous auditing theory into practice: Lessons from two pilot implementations. Journal of lnformation Systems 195-214.
Alles, M., Kogan, A. (2004). PrincipIes of analytic monitoring for continuous assurance. Journal of Emerging Technologies in Accounting 1-21.
Alles, M., Brennan, G., Kogan, A., & Vasarhelyi, M. A. (2006). Continuous monitoring of business process controls: A pilot implementation of a continuous auditing system at Siemens. International Journal of Accounting Information Systems 137-161.
Association of certified fraud Examiners (ACFE). (2012). Report to the Nations on occupational fraud and abuse. Obtenido de http://www.acfe.com/rttn-highlights.aspx
Behn, B. K., Searcy, D. L., & Woodroof, J. B. 2006. A within firm analysis of current and expected future audit lag determinants. Journal of lnformation Systems 65-86.
Best, P J., Rikhardson, P. & Toleman, M. (2009). Continuous fraud detection in enterprise systems through audit trail analysis. Journal of Digital Forensics, Security and Law 4.
Braun, R. L., & Davis, H. E. (2003). Computer-assisted audit tools and techniques: analysis and perspectives. Managerial Auditing Journal 725-731.
Cruz, J. E. (2014). Auditoria Continua como herramienta de control fiscal: Bases conceptuales para su aplicación en Fundacite-Lara. TEACS, 67-80.
Daigle, R. J., & Lampe, J. C. (2004). The impact of the risk of consequence on the relative demand for continuous online assurance. International Journal of Accounting Information Systems 313-340.
Debreceny, R. S., Jun-Jin Ng, J., Siow-Ping Lee, K., & Yau, W. (2005). Embedded audit modules in enterprise resource planning systems: Implementation and functionality. Journal of Information Systems 7-27.
Deloitte. (2010). Continuous monitoring and continuous auditing. Recuperado el 7 deciembre del 2015, de file:///C:/PAPER%20AUDITORJA%2OCONTINUA/deloitte%20us-aers-continuous-monitoring-and-continuous-auditing-whitepaper-102910.pdf.
Dzeng, S. C. (1994). A comparison of analytical procedures expectation models using both aggregate and disaggregate data. Auditing: A Journal of Practice y Theory 1-24.
Endurance America. (2015). Selecting and ERP System: a facts and figures case study. Obtenido de http://www.enduranceamerica.com/pdf/SelectingAnERPSystem.pdf.
Fogarty, J. (2005). Continuous Auditing: Can it Become a Reality and What is its Impact on Auditing Standards. Rutgers Tenth Continuous Auditing and Reporting Symposia. Newark, November.
Groomer, S. M., & Murthy, U. S. (1989). Continuous auditing of database applications: An embedded audit module approach. Journal of Information Systems 53-69.
Halper F. B. (1991). The continuous audit of online systems. Auditing: A Journal of Practice & Theory 110-125.
Henrickson, R. (2009). Practitioner Discussion of Principles and Problems of Audit Automation as a Precursor for Continuous Auditing. University of Waterloo Centre for Information Integrity and Information Systems Assurance. 6th Bi-Annual Research Symposium. Toronto, October.
Hirst, E., & Koonce, L. (1996). Audit analytical procedures: A field investigation. Contemporary Accounting Research.
Hunton, J. E., Mauldin, E. G., & Wheeler, P. R. (2008). Potential functional and dysfunctional effects of continuous monitoring. The Accounting Review 1551-1569.
Jans, M.,Alles, M., & Vasarhelyi, M. (2013). The case for process mining in auditing: Sources of value added and areas of application. International Journal of Accounting Information Systems 1-20.
Jans, M., Lybaert, N. & Vanhoof, K. (2010). Internal fraud risk reduction: Results of a data mining case study. International Journal of Accounting Informatiori Systems.
Knechel, W. R. (1986). Applications and implementation: A simulation study of the relative effectiveness of alternative analytical review procedures. Decision Sciences 376-394.
Knechel, W. R. (1988). The effectiveness of statistical analytical review as a substantive auditing procedure: A simulation analysis. The Accounting Review 74-95.
Kogan, A., Sudit, E. F, & Vasarhelyi. M. A. (1999). Continuous online auditing: A program of research. Journal of Information Systems 87-103.
Murthy, U. S., & Groomer, M. S. (2004). A continuous auditing web services model for XML-based accounting systems. International .Journal of Accounting Information Systems 139-163.
Murthy, U. 5. (2004). An analysis of the effects of continuous monitoring controls on e-commerce system performance. Journal of lnformation Systems 29-47.
Nucleus Research. (junio del 2011). Anatomy of a decision:SAP versus Oracle Jd Edwards Enterprise One. Obtenido de http://www.oracle.com/us/corporate/analystreports/enterprise-application/nucleus-sap-vs-jde-444844.pdf.
Organ, J., & Stapleton, L. (2015). Technologist engagement with risk management practices during systems development? Approaches, effectiveness and challenges. Al And Society, 13.
Pathak, J., Chaouch, B., & Sriram, R. (2005). Minimizing cost of continuous audit: Counting and time dependent strategies', Journal of Accounting and Public Policy, 61-75.
Pricewaterhousecoopers. (marzo del 2014). 2014 state of the internal audit profession study. Recuperado el 07 de diciembre del 2015, de http://www.pwc.com/m1/en/publications/documents/pwc-state-of-the-internal-audit-profession-2014.pdf.
Rourke, J. & Hickman, T. (2011). Bridge to Fusion Oracle Applications, Oracle.
Schwimer, C. & Green, J. (2012). Financial Consolidation, Reporting, and Analysis Solutions using JD Edwards, Oracle.
Singh, K. H., Best, P J. & Mula, J. M. (2013). Automating vendor fraud detection in enterprise systems. Journal of Digital Forensics, Security and Law.
The Institute of Internal Auditors. (2007). Memoria del año 2007. Recuperado el 08 de diciembre del 2015, de https://na.theiia.org/translations/PublicDocuments/2007%20Annual%20Report%20in%20Spanish.pdf.
Wettemann, R., & Moxie, A. (abril del 2015). Technology value matrix ERP Nucleus Research. Obtenido de http://www.oracle.com/us/corporate/analystreports/nucleus-tech-value-matrix-erp-2519623.pdf .