Methods and Techniques of Quality Management for ICT Audit Processes
Keywords:
ICT audit, quality management, quality implementationAbstract
In modern organizations, Information and Communication Technologies are used to support the organizations’ activities. To manage the quality of the organization processes, audit processes are implemented. Also, the audit processes can aim the quality of ICT systems themselves because their involvement in organization processes. The paper investigates the ways in which a quality management can be applied for audit processes in order to obtain a high level of quality for the audit recommendations.References
ASRO, SR EN ISO 190011, Ghid pentru auditarea sistemelor de management al calităţii şi/sau de mediu, (July 2003)
P. Bowen, J. Hash and M. Wilson, Information Security Handbook: A Guide for Managers, National Institute Standards and Technology, October 2006
S. Capisizu, G. Noşca and M. Popa, Informatics Audit, The 37th International Scientific Symposium of METRA, Military Equipment and Technologies Research Agency, Bucharest, 25 – 26 May 2006, electronic format
International Standard ISO/IEC 17799, Information Technology – Security Techniques – Code of Practice for Information Security Management, Second Edition, 2005
IT Governance Institute, COBIT 4.1, 2007
I. Ivan, S. Capisizu and M. Popa, Tehnici şi metode de audit a programelor sursă, Educaţie şi Instruire – Calitate, Etică, Descentralizare, Tehnologia Informaţiei şi a comunicării – Ştiinţe exacte, ştiinţe ale naturii, 10 – 11 March 2006, Defense National University „Carol I” Printing House, Bucharest, 2006, pp. 41 – 46
M. Popa, Characteristics for Development of an Assessment System for Security Audit Processes, Economy Informatics, vol. 9, no. 1, 2009, pp. 55 – 62
M. Popa, Requirements for Development of an Assessment System for IT&C Security Audit, 2nd International Conference on Security for Information Technology and Communication (SECIT&C 2009), Journal of Information Technology & Communication Security, Academy of Economic Studies, Bucharest, 19 – 20 November 2009, ASE Publishing House, Bucharest, Romania, pp. 221 – 230
M. Popa, Framework for Compilers’ Security Audit, 1st International Conference on Security for Information Technology and Communication (SECIT&C 2008), Journal of Information Technology & Communication Security, Academy of Economic Studies, Bucharest, 27 – 28 November 2008, ASE Publishing House, Bucharest, Romania, pp. 93 – 99
M. Popa and F. Alecu, ERP Informatics System Audit, 2nd supplement Informatica Economică, 2006, pg. 109 – 116
M. Popa, F. Alecu and C. Amancei, Characteristics of the Audit Process for Information Systems, The Proceedings of the International Conference Competitiveness and European Integration – Business Information Systems & Collaborative Support Systems in Business, „Babeş-Bolyai” University, Cluj-Napoca, Romania, 26 – 27 October 2007, pp. 295 – 299
M. Popa and S. Capisizu, Using Quantitative Methods as Support for Audit of the Distributed Informatics Systems, Informatica Economică, vol. 14, no. 1(53), 2010, pp. 103 – 112
M. Popa and M. Doinea, Audit Characteristics for Information System Security, Informatica Economică, vol. 11, no. 4, 2007, pp. 103 – 106
M. Popa, M. Florescu and C. Bodea, Information System Quality Evaluation Based on Audit Processes, Proceedings of the 2008 International Conference of Information Engineering, Imperial College London, London, Great Britain, 2 – 4 July 2008, Newswood Limited, International Association of Engineers, 2008, pp. 494 - 496
M. Popa and A. Paraschiv, Premises for Development of an Assessment System for Security Audit of Distributed Information Systems, The Proceedings of the Ninth International Conference on Informatics in Economy – Section 7: Informatics Security, Academy of Economic Studies, Bucharest, Romania 07 – 08 May 2009, ASE Publishing House, Bucharest, pp. 827 – 832
M. Popa and C. Toma, Stages for Development the Audit Processes of the Distributed Informatics Systems, Journal of Applied Quantitative Methods, vol. 4, no. 3, 2009, pp. 359 – 371
M. Popa, C. Toma and C. Amancei, Characteristics of the Audit Processes for Distributed Informatics Systems, Informatica Economică, vol. 13, no. 3(51), 2009, pp. 165 – 178
SANS Institute, A Taxonomy of Information Systems Audits, Assessments and Reviews, 2007
T. W. Singleton, What Every IT Auditor Should Know About Controls: The CDLC, ISACA Journal, vol. 3, 2009
http://en.wikipedia.org/wiki/Quality_management
http://www.iso.org/iso/iso_catalogue/management_standards/iso_9000_iso_14000/qmp
http://en.kioskea.net/contents/qualite/qualite-introduction.php3
Downloads
Published
How to Cite
Issue
Section
License
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
- The author(s) is responsible for the correctness and legality of the paper content.
- Papers that are copyrighted or published will not be taken into consideration for publication in JMEDS It is the author(s) responsibility to ensure that the paper does not cause any copyright infringements and other problems.
- It is the responsibility of the author(s) to obtain all necessary copyright release permissions for the use of any copyrighted materials in the paper prior to the submission.
- The Author(s) retains the right to reuse any portion of the paper, in future works, including books, lectures and presentations in all media, with the condition that the publication by JMEDS is properly credited and referenced.
JMEDS articles by Journal of Mobile, Embedded and Distributed Systems (JMEDS) is licensed under a Creative Commons Attribution 4.0 International License.
Based on a work at http://jmeds.eu.
Permissions beyond the scope of this license may be available at http://jmeds.eu/index.php/jmeds/about/submissions#copyrightNotice.