A decision support system for selecting IT audit areas using a capital budgeting approach
Pieters, Dewald Philip
MetadataShow full item record
Internal audit departments strive to control risk within an organization. To do this they choose specific audit areas to include in an audit plan. In order to select areas, they usually focus on those areas with the highest risk. Even though high risk areas are considered, there are various other restrictions such as resource constraints (in terms of funds, manpower and hours) that must also be considered. In some cases, management might also have special requirements. Traditionally this area selection process is conducted using manual processes and requires significant decision maker experience. This makes it difficult to take all possibilities into consideration while also catering for all resource constraints and special management requirements. In this study, mathematical techniques used in capital budgeting problems are explored to solve the IT audit area selection problem. A DSS is developed which implements some of these mathematical techniques such as a linear programming model, greedy heuristic, improved greedy heuristic and evolutionary heuristic. The DSS also implements extensions to the standard capital budgeting model to make provision for special management requirements. The performance of the mathematical techniques in the DSS is tested by applying different decision rules to each of the techniques and comparing those results. The DSS, empirical experiments and results are also presented in this research study. Results have shown that in most cases a binary 0-1 model outperformed the other techniques. Internal audit management should therefore consider this model to assist with the construction of an IT internal audit plan.
- Engineering