The information audit : principles and guidelines

Abstract

Auditing is a recognised management technique. It provides managers with an overview of the present situation regarding specific resource(s) and services within an organisation. Many different types of audits currently exist in the commercial world. Over the last number of years the focus of audits has shifted from a purely financial one to an interest in all activities performed in organisations, including information resources. Currently, as far as the researcher could determine, there exists no single accepted methodology for performing an information audit. Methodologies differ from organisation to organisation, depending on the purpose of the specific audit. In view of this researcher investigates whether it is possible (and desirable) to develop a standardised methodology for information auditing, by investigating the nature and characteristics of a typical information audit as well as a number of other audit types, e.g. the financial audit, which is a very good example of a standardised audit methodology. Furthermore, the researcher discusses a number of terms and processes that have some connection to the process of information auditing, to a lesser or greater extent. These types of audits and processes are discussed with a view to indicating their applicability to designing an information audit methodology. These include the communication audit because of its focus on organisational information flow patterns; Information mapping, because of its focus on the identification and use of information resources; the information systems audit for its focus on the way in which technological tools are used to manage information resources (although implicitly); the knowledge audit follows logically on information management and information auditing (cf. explanation at the beginning of Chapter 3); and the intelligence audit for its relationship with both information and knowledge management. The researcher concludes that none of these is the same as the information audit, though similarities exist. The information audit is discussed by focusing on its aims, the benefits derived from performing an information audit, and the role of the information audit in the information management process. Various information audit methodologies are discussed, evaluated and classified. The researcher comes to the conclusion that even though the principles of the financial audit cannot be used to develop a standardised methodology for information auditing, information professionals can look towards the accounting profession to support them in developing a standardised, universally accepted method for accurately determining the value of information entities. In conclusion, guidelines for a standardised information audit methodology are listed.