- Title
- Information technology audits in South African higher education institutions
- Creator
- Angus, Lynne
- ThesisAdvisor
- Bradshaw, Karen
- Subject
- Electronic data processing -- Auditing
- Subject
- Delphi method
- Subject
- Education, Higher -- Computer networks -- Security measures
- Subject
- Information technology -- Security measures
- Subject
- COBIT (Information technology management standard)
- Subject
- IT infrastructure library
- Subject
- International Organization for Standardization
- Date
- 2013
- Date
- 2013-09-11
- Type
- Thesis
- Type
- Masters
- Type
- MSc
- Identifier
- vital:4615
- Identifier
- http://hdl.handle.net/10962/d1006023
- Identifier
- Electronic data processing -- Auditing
- Identifier
- Delphi method
- Identifier
- Education, Higher -- Computer networks -- Security measures
- Identifier
- Information technology -- Security measures
- Identifier
- COBIT (Information technology management standard)
- Identifier
- IT infrastructure library
- Identifier
- International Organization for Standardization
- Description
- The use of technology for competitive advantage has become a necessity, not only for corporate organisations, but for higher education institutions (HEIs) as well. Consequently, corporate organisations and HEIs alike must be equipped to protect against the pervasive nature of technology. To do this, they implement controls and undergo audits to ensure these controls are implemented correctly. Although HEIs are a different kind of entity to corporate organisations, HEI information technology (IT) audits are based on the same criteria as those for corporate organisations. The primary aim of this research, therefore, was to develop a set of IT control criteria that are relevant to be tested in IT audits for South African HEIs. The research method used was the Delphi technique. Data was collected, analysed, and used as feedback on which to progress to the next round of data collection. Two lists were obtained: a list of the top IT controls relevant to be tested at any organisation, and a list of the top IT controls relevant to be tested at a South African HEI. Comparison of the two lists shows that although there are some differences in the ranking of criteria used to audit corporate organisations as opposed to HEIs, the final two lists of criteria do not differ significantly. Therefore, it was shown that the same broad IT controls are required to be tested in an IT audit for a South African HEI. However, this research suggests that the risk weighting put on particular IT controls should possibly differ for HEIs, as HEIs face differing IT risks. If further studies can be established which cater for more specific controls, then the combined effect of this study and future ones will be a valuable contribution to knowledge for IT audits in a South African higher education context.
- Format
- 125 leaves, pdf
- Publisher
- Rhodes University, Faculty of Science, Computer Science
- Language
- English
- Rights
- Angus, Lynne
- Hits: 2490
- Visitors: 2584
- Downloads: 193
Thumbnail | File | Description | Size | Format | |||
---|---|---|---|---|---|---|---|
View Details | SOURCEPDF | 1 MB | Adobe Acrobat PDF | View Details |