Description

The design of accounting systems and the design of auditing procedures and programs have generally been looked at as independent challenges. Accounting systems deal with recording of transactions while auditing focuses on test compliance. Consequently, the design of accounting systems and the design of auditing programs have been considered almost orthogonal processes. The development of databases and data processing systems have made this view of the world untenable because commonsense controls that make manual accounting systems amenable to efficient audits are not available in accounting systems. It is imperative that one unified model form the basis for the design of accounting systems and auditing programs. We present the criteria for such a model with illustration of Petrinet. The model is informed by developments in databases, workflow modeling in Information Engineering, Role Based Access Control modeling in computer systems, and the principles of mandatory and discretionary controls in security systems.

Share

COinS
 

On the Modeling of Accounting Information Systems and Auditing

The design of accounting systems and the design of auditing procedures and programs have generally been looked at as independent challenges. Accounting systems deal with recording of transactions while auditing focuses on test compliance. Consequently, the design of accounting systems and the design of auditing programs have been considered almost orthogonal processes. The development of databases and data processing systems have made this view of the world untenable because commonsense controls that make manual accounting systems amenable to efficient audits are not available in accounting systems. It is imperative that one unified model form the basis for the design of accounting systems and auditing programs. We present the criteria for such a model with illustration of Petrinet. The model is informed by developments in databases, workflow modeling in Information Engineering, Role Based Access Control modeling in computer systems, and the principles of mandatory and discretionary controls in security systems.