Audit Teknologi Sistem Informasi Di Era Transformasi Digital: Evaluasi Keamanan, Efektivitas, Dan Kepatuhan
Keywords:
Audit Teknologi Sistem Informasi, Integritas Data, ISACA IS Auditing StandardAbstract
Audit sistem informasi adalah proses pengumpulan dan penilaian bukti – bukti untuk menentukan apakah sistem komputer dapat mengamankan aset, memelihara integritas data, dapat mendorong pencapaian tujuan organisasi secara efektif dan menggunakan sumberdaya secara efisien. Ada beberapa aspek yang diperiksa pada audit sistem informasi yakni audit secara keseluruhan menyangkut efektifitas, efisiensi, availability system, reliability, confidentiality, dan integrity, aspek security, audit atas proses, modifikasi program, audit atas sumber data, dan data file. Audit sistem informasi sendiri merupakan gabungan dari berbagai macam ilmu, antara lain traditional audit, manajemen sistem informasi, sistem informasi akuntansi, ilmu komputer, dan behavioral science. Standar yang digunakan dalam meng audit sistem informasi adalah standar yang diterbitkan oleh ISACA yaitu ISACA IS Auditing Standard. Selain itu ISACA juga menerbitkan IS Auditing Guidance dan IS Auditing Procedure.
References
ISACA. (2014). IS Auditing Standard. ISACA.
Romney, M. B., & Steinbart, P. J. (2014). Accounting Information Systems (13th ed.). Pearson.
Bodnar, G. H., & Hopwood, W. S. (2013). Accounting Information Systems (11th ed.). Pearson.
Laudon, K. C., & Laudon, J. P. (2016). Management Information Systems: Managing the Digital Firm (14th ed.). Pearson.
Hall, J. A. (2015). Accounting Information Systems (9th ed.). Cengage Learning.
Whitman, M. E., & Mattord, H. J. (2018). Principles of Information Security (6th ed.). Cengage Learning.
Gordon, L. A., & Loeb, M. P. (2002). The Economics of Information Security Investment. ACM Transactions on Information and System Security (TISSEC), 5(4), 438-457.
Dhillon, G. (2007). Principles of Information Systems Security: Text and Cases. John Wiley & Sons.
Parker, D. B. (2007). Cybersecurity: Protecting Critical Infrastructures from Cyber Attack and Cyber Warfare. Wiley.
Stoneburner, G., Goguen, A., & Feringa, A. (2002). Risk Management Guide for Information Technology Systems. NIST Special Publication 800-30.
Stallings, W., & Brown, L. (2015). Computer Security: Principles and Practice (3rd ed.). Pearson.
Leitch, M., & Warren, M. (2011). Information Security Management Handbook. CRC Press.
Debreceny, R. S., & Gray, G. L. (2011). IT Governance and Internal Audits. The CPA Journal, 81(8), 62-64.
Rezaee, Z. (2002). Financial Statement Fraud: Prevention and Detection. John Wiley & Sons.
Schneier, B. (2015). Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World. W.W. Norton & Company.
Wallace, P. (2015). Information Systems in Today's Business Environment. Wiley.
Anderson, R. (2008). Security Engineering: A Guide to Building Dependable Distributed Systems (2nd ed.). Wiley.
Van Grembergen, W., De Haes, S., & Guldentops, E. (2004). Structures, Processes, and Relational Mechanisms for IT Governance: Theories and Practices. Idea Group Publishing.
Johnson, E. C. (2006). Security Awareness: Applying Practical Security in Your World. Elsevier.
Ross, S. (2015). Systemic Risk in the Financial System: A Look at the Role of Financial and Non-Financial Institutions in the 2007-2008 Credit Crisis. CFA Institute.
