An audit approach of the information systems auditor in an electronic commerce environment with emphasis on internet payment security

Show simple item record

dc.contributor.advisor Gloeck, Juergen D. (Juergen Dieter), 1956- en
dc.contributor.postgraduate Bezuidenhout, Pieter Stefan en
dc.date.accessioned 2013-09-07T11:33:35Z
dc.date.available 2005-08-24 en
dc.date.available 2013-09-07T11:33:35Z
dc.date.created 2003-04-01 en
dc.date.issued 2006-08-24 en
dc.date.submitted 2005-08-22 en
dc.description Dissertation (MCom (Computer Auditing))--University of Pretoria, 2006. en
dc.description.abstract Electronic Commerce (EC) is a growing business option and due to the “openness” of the underlying technologies used for EC, introduces new risks and new technologies that require sophisticated and sometimes very technical controls to be implemented. The role of the IS auditors is to ensure that they are technically competent to understand the impact of new technologies on the control environment and at the same time IS auditors need to be able to communicate the audit results to non-technical management. In this study the following framework, supported by detailed information and procedures for each step, is provided to assist the IS auditor to formulate an appropriate audit approach for an EC payment security audit: <ul> <li>-- Gathering of background information related to EC payment security.</li> <li>-- Highlighting the risks in this environment.</li> <li>-- Identifying possible controls that will minimise the risks.</li> <li>-- Attending to various audit considerations that should be addressed by the IS auditor (these considerations are based on the underlying technologies, general controls, and ED-specific issues e.g., PKI, digital certificates, etc.</li> </ul> The study highlighted the fact that the IS auditors should understand that they can not be experts in all the different technologies related to EC payment security. They should, however, equip themselves with the knowledge to understand the risks involved with new technologies and they should have a sufficiently in depth background exposure to technology to understand the controls required to address the risks. Results of previous audit procedures also play a significant role in shaping the IS auditor’s approach when auditing in an EC payment security environment. This thesis provides the IS auditor with a holistic approach to an EC payment security audit. After considering and implementing the elements of the framework developed in this study in an EC payment security audit, the IS auditor has to perform the actual audit tests, evaluate the results, and report the finding. Detailed audit considerations have also been provided to assist the IS auditor in collecting information and in developing an audit program. Copyright 2002, University of Pretoria. All rights reserved. The copyright in this work vests in the University of Pretoria. No part of this work may be reproduced or transmitted in any form or by any means, without the prior written permission of the University of Pretoria. Please cite as follows: Bezuidenhout, PS 2002, An audit approach of the information systems auditor in an electronic commerce environment with emphasis on internet payment security, MCom dissertation, University of Pretoria, Pretoria, viewed yymmdd < http://upetd.up.ac.za/thesis/available/etd-08222005-120314/ > en
dc.description.availability unrestricted en
dc.description.department Auditing en
dc.identifier.citation Bezuidenhout, P 2003, An audit approach of the information systems auditor in an electronic commerce environment with emphasis on internet payment security, MCom dissertation, University of Pretoria, Pretoria, viewed yymmdd < http://hdl.handle.net/2263/27451 > en
dc.identifier.upetdurl http://upetd.up.ac.za/thesis/available/etd-08222005-120314/ en
dc.identifier.uri http://hdl.handle.net/2263/27451
dc.language.iso en
dc.publisher University of Pretoria en_ZA
dc.rights © 2003, University of Pretoria. All rights reserved. The copyright in this work vests in the University of Pretoria. No part of this work may be reproduced or transmitted in any form or by any means, without the prior written permission of the University of Pretoria. en
dc.subject Electronic commerce security measures en
dc.subject Electronic commerce auditing en
dc.subject UCTD en_US
dc.title An audit approach of the information systems auditor in an electronic commerce environment with emphasis on internet payment security en
dc.type Dissertation en


Files in this item

This item appears in the following Collection(s)

Show simple item record