CIMA Official Learning System P3 — Performance Strategy （9）Information Systems Control and Auditing

L EARNING O UTCOMES
After completing this chapter you should be able to:
? Recommend improvements to the control of information systems.
? Evaluate specifi c problems and opportunities associated with the audit and con-
trol of systems which use information technology.
9.1 Introduction
Following from Chapter 8, the main purpose of this chapter is to describe methods of
internal control and auditing in an information systems environment. The chapter begins
with the framework of information security and reviews models of internal control in an
IS environment. It also considers various control strategies and classifi cations, focusing on
general controls, application controls, software controls and network controls. The chap-
ter then considers internal controls and methods of auditing computer systems including
computer assisted auditing techniques.