Journal of Mobile, Embedded and Distributed Systems - JMEDS

In modern organizations, Information and Communication Technologies are used to support the organizations’ activities. To manage the quality of the organization processes, audit processes are implemented. Also, the audit processes can aim the quality of ICT systems themselves because their involvement in organization processes. The paper investigates the ways in which a quality management can be applied for audit processes in order to obtain a high level of quality for the audit recommendations.

ICT audit, quality management, quality implementation

ASRO, SR EN ISO 190011, Ghid pentru auditarea sistemelor de management al calităţii şi/sau de mediu, (July 2003)

P. Bowen, J. Hash and M. Wilson, Information Security Handbook: A Guide for Managers, National Institute Standards and Technology, October 2006

S. Capisizu, G. Noşca and M. Popa, Informatics Audit, The 37th International Scientific Symposium of METRA, Military Equipment and Technologies Research Agency, Bucharest, 25 – 26 May 2006, electronic format

International Standard ISO/IEC 17799, Information Technology – Security Techniques – Code of Practice for Information Security Management, Second Edition, 2005

IT Governance Institute, COBIT 4.1, 2007

I. Ivan, S. Capisizu and M. Popa, Tehnici şi metode de audit a programelor sursă, Educaţie şi Instruire – Calitate, Etică, Descentralizare, Tehnologia Informaţiei şi a comunicării – Ştiinţe exacte, ştiinţe ale naturii, 10 – 11 March 2006, Defense National University „Carol I” Printing House, Bucharest, 2006, pp. 41 – 46

M. Popa, Characteristics for Development of an Assessment System for Security Audit Processes, Economy Informatics, vol. 9, no. 1, 2009, pp. 55 – 62

M. Popa, Requirements for Development of an Assessment System for IT&C Security Audit, 2nd International Conference on Security for Information Technology and Communication (SECIT&C 2009), Journal of Information Technology & Communication Security, Academy of Economic Studies, Bucharest, 19 – 20 November 2009, ASE Publishing House, Bucharest, Romania, pp. 221 – 230

M. Popa, Framework for Compilers’ Security Audit, 1st International Conference on Security for Information Technology and Communication (SECIT&C 2008), Journal of Information Technology & Communication Security, Academy of Economic Studies, Bucharest, 27 – 28 November 2008, ASE Publishing House, Bucharest, Romania, pp. 93 – 99

M. Popa and F. Alecu, ERP Informatics System Audit, 2nd supplement Informatica Economică, 2006, pg. 109 – 116

M. Popa, F. Alecu and C. Amancei, Characteristics of the Audit Process for Information Systems, The Proceedings of the International Conference Competitiveness and European Integration – Business Information Systems & Collaborative Support Systems in Business, „Babeş-Bolyai” University, Cluj-Napoca, Romania, 26 – 27 October 2007, pp. 295 – 299

M. Popa and S. Capisizu, Using Quantitative Methods as Support for Audit of the Distributed Informatics Systems, Informatica Economică, vol. 14, no. 1(53), 2010, pp. 103 – 112

M. Popa and M. Doinea, Audit Characteristics for Information System Security, Informatica Economică, vol. 11, no. 4, 2007, pp. 103 – 106

M. Popa, M. Florescu and C. Bodea, Information System Quality Evaluation Based on Audit Processes, Proceedings of the 2008 International Conference of Information Engineering, Imperial College London, London, Great Britain, 2 – 4 July 2008, Newswood Limited, International Association of Engineers, 2008, pp. 494 - 496

M. Popa and A. Paraschiv, Premises for Development of an Assessment System for Security Audit of Distributed Information Systems, The Proceedings of the Ninth International Conference on Informatics in Economy – Section 7: Informatics Security, Academy of Economic Studies, Bucharest, Romania 07 – 08 May 2009, ASE Publishing House, Bucharest, pp. 827 – 832

M. Popa and C. Toma, Stages for Development the Audit Processes of the Distributed Informatics Systems, Journal of Applied Quantitative Methods, vol. 4, no. 3, 2009, pp. 359 – 371

M. Popa, C. Toma and C. Amancei, Characteristics of the Audit Processes for Distributed Informatics Systems, Informatica Economică, vol. 13, no. 3(51), 2009, pp. 165 – 178

SANS Institute, A Taxonomy of Information Systems Audits, Assessments and Reviews, 2007

T. W. Singleton, What Every IT Auditor Should Know About Controls: The CDLC, ISACA Journal, vol. 3, 2009

http://en.wikipedia.org/wiki/Quality_management

http://www.iso.org/iso/iso_catalogue/management_standards/iso_9000_iso_14000/qmp

http://en.kioskea.net/contents/qualite/qualite-introduction.php3

http://www.dti.gov.uk/quality/qms

http://www.isixsigma.com