Position Paper: Cybercommerce: A Risk Perspective
POSITION PAPER on:
Information Technology Auditing and Cybercommerce: A Risk Perspective by: Catherine L. Talita
I. SUMMARY OF ARTICLE
______________________________________________________________________________
Exponential growth of the Internet and the transmission bandwidth of the communication carrier is transforming the way businesses operate and communicate. In this technology-centric world, customers, partners, suppliers and employees are demanding unparalleled levels of service, collaboration and communications, to compete in the emerging market place. Technology has become so advanced and IT auditing advances as well. However, the fact still remains that even if technology has become very advanced risks and potential harm to integrity and accuracy of the data still remains especially in cyber commerce. Cyber commerce has three categories which are business-to-business (B2B), business-to-customers (B2C) and mobile commerce (m-commerce). Today, the term “e-commerce” includes all commercial activities performed through information technology and communication engineering, such as the Internet, virtual private networks (VPNs), automated teller machines (ATMs), electronic fund transfers (EFTs), electronic data interchange (EDI), e-supply chain management (e-SCM) and e-customer relationship management. E-commerce is now a trend and IT auditors must audit them to minimize the threats and risks that come with it. IT auditors look into existing internal controls, which might not have been optimized for the best results. There are several reasons why internal control cannot provide absolute assurance that objectives will be achieved: cost-benefit realities, collusion among employees and external events beyond an organization’s control.
To be able to provide ample assurance, the American Institute of Certified Public Accountants (AICPA) and the Canadian Institute of Chartered Accounts (CICA) comply organizations to obtain and maintain the
Information Technology Auditing and Cybercommerce: A Risk Perspective by: Catherine L. Talita
I. SUMMARY OF ARTICLE
______________________________________________________________________________
Exponential growth of the Internet and the transmission bandwidth of the communication carrier is transforming the way businesses operate and communicate. In this technology-centric world, customers, partners, suppliers and employees are demanding unparalleled levels of service, collaboration and communications, to compete in the emerging market place. Technology has become so advanced and IT auditing advances as well. However, the fact still remains that even if technology has become very advanced risks and potential harm to integrity and accuracy of the data still remains especially in cyber commerce. Cyber commerce has three categories which are business-to-business (B2B), business-to-customers (B2C) and mobile commerce (m-commerce). Today, the term “e-commerce” includes all commercial activities performed through information technology and communication engineering, such as the Internet, virtual private networks (VPNs), automated teller machines (ATMs), electronic fund transfers (EFTs), electronic data interchange (EDI), e-supply chain management (e-SCM) and e-customer relationship management. E-commerce is now a trend and IT auditors must audit them to minimize the threats and risks that come with it. IT auditors look into existing internal controls, which might not have been optimized for the best results. There are several reasons why internal control cannot provide absolute assurance that objectives will be achieved: cost-benefit realities, collusion among employees and external events beyond an organization’s control.
To be able to provide ample assurance, the American Institute of Certified Public Accountants (AICPA) and the Canadian Institute of Chartered Accounts (CICA) comply organizations to obtain and maintain the