Information Auditing Internal auditors are one group that can play a very important role when developing computer ethics. Companies of all sizes rely on external auditors from outside the organisation to verify the accuracy of accounting records. Larger companies have a separate staff of internal auditors, who perform the same analyses as external auditors but have broader responsibilities. Not only internal auditors, but some external auditors also perform some types of internal audits and oversee the work of internal auditors. However, due to the Enron incident, this did not continue. This practice was one of Arthur Andersen's failures with Enron.The Securities and Exchange Commission has set limits on the amount of internal auditing that can be performed by external audit.The appropriate way to place internal audit in the organisation with the board of directors includes an audit committee, which defines the responsibilities of the internal audit department and receives most of the audit reports.Also, a director of internal audit is in charge of managing the internal audit department and usually reports to the CEO or finance director.Internal audit's high-level position in the organisation keeps it respected as an important activity and gains the cooperation of managers at all levels. The Importance of Objectivity The unique thing internal auditors offer is objectivity, in that they operate independently of the company's business units and have no relationships with other individuals or groups within the company. Their only involvement is with the board, CEO, and CFO. In order for auditors to maintain objectivity, they must declare that they do not want operational responsibility for the systems they help develop, working only in an advisory capacity. In addition, they also make recommendations to management and management decides whether to implement those recommendations. Types of Audit Activities There are four basic types of internal audit activities, namely: 1) Financial audit which is tasked with verifying company records and is the type of activity that external auditors perform. In some tasks, internal auditors work closely with external auditors. On other tasks, internal auditors perform all audit work themselves. 2) Operational audit Operational audits are not performed to verify the accuracy of records, but rather to validate the effectiveness of procedures. This type of audit is the type of work performed by system analysts at the analysis stage of the system design cycle. The system being studied is always virtual rather than physical, but does not necessarily involve computers.When internal auditors conduct operational audits, they look for three basic system features:
- Adequacy of controls - Efficiency - Compliance with company policy 3) Concurrent Audit For example, internal auditors can randomly select employees and give them pay slips without using the company's correspondence system. Internal Control System Design In both operational and concurrent audits, internal auditors study the existing system. Auditors should not wait until the system is implemented to influence the system. Internal auditors should actively participate in system design for two reasons: because the cost of correcting system weaknesses increases dramatically over the system's life cycle and because involving internal auditors in system design offers expertise that can improve the quality of the system. Internal Audit Subsystem A typical architecture includes an input subsystem that feeds data into the database. Involving internal auditors in the system design team is one good step towards having a well-controlled information system, and it is a good step towards giving information management what they need to achieve and manage ethical business operations. Implementing Ethics in Information Technology Assistance in the form of codes of conduct and ethics education programmes can provide the foundation for such a culture. Education programmes can help establish a company credo and put ethics programmes in place. Codes of conduct can be used as is or customised to suit the company. Code of Ethics The Association for Computing Machinery (ACM) is the oldest computer organisation in the country, founded in 1947.