Chapter 12 - Monitoring and auditing AIS. After completing this chapter, students will be able to: Understand the risks involved with computer hardware and software, understand and apply computer-assisted audit techniques, explain continuous auditing in AIS. | Chapter 12 Monitoring and Auditing AIS Copyright © 2014 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education. Learning Objectives LO#1 Understand the risks involved with computer hardware and software. LO#2 Understand and apply computer-assisted audit techniques. LO#3 Explain continuous auditing in AIS. 12-2 2 Computer hardware and Software Operating System (OS) (the most important system software) Database Systems Local Networks (LANs) Wide Area Networks (WANs) Virtual Private Networks (VPNs) Wireless Networks Remote Access LO# 1 12-3 Operating System (OS) To ensure the integrity of the system To control the flow of multiprogramming and tasks of scheduling in the computer To allocate computer resources to users and applications To manage the interfaces with the computer LO# 1 12-4 Operating System (OS) (Contd.) Five fundamental control objectives: Protect itself from users Protect users from each other Protect users from themselves Be protected from itself Be protected from its environment Operating system security should be included as part of IT governance in establishing proper policies and procedures for IT controls. LO# 1 12-5 Database Systems A database is a shared collection of logically related data which meets the information needs of a firm. A data warehouse is a centralized collection of firm-wide data for a relatively long period of time. Operational databases is for daily operations and often includes data for the current fiscal year only. Data mining is the process of searching for patterns in the data in a data warehouse and data analyzing these patterns for decision making. (OLAP) Data governance is the convergence of data quality, data management, data policies, business process management, and risk management surrounding the handling of data in a firm. LO# 1 12-6 LANs A local area network (LAN): a group of computers, printers, and other devices connected to the . | Chapter 12 Monitoring and Auditing AIS Copyright © 2014 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education. Learning Objectives LO#1 Understand the risks involved with computer hardware and software. LO#2 Understand and apply computer-assisted audit techniques. LO#3 Explain continuous auditing in AIS. 12-2 2 Computer hardware and Software Operating System (OS) (the most important system software) Database Systems Local Networks (LANs) Wide Area Networks (WANs) Virtual Private Networks (VPNs) Wireless Networks Remote Access LO# 1 12-3 Operating System (OS) To ensure the integrity of the system To control the flow of multiprogramming and tasks of scheduling in the computer To allocate computer resources to users and applications To manage the interfaces with the computer LO# 1 12-4 Operating System (OS) (Contd.) Five fundamental control objectives: Protect itself from users Protect users from each .