Over the time, IT systems have constantly evolved and for this reason IT systems must undergo periodic audit procedures to see if they enable the achievement of a company's strategic objectives and the efficient use of IT resources. The main purpose of the paper is to investigate how the audit mission is carried out on IT systems (ERP systems) within a company that provides accounting, consulting, payroll and audit services. The role of these IT systems (ERP systems) is to ensure the correct and complete integration of information within a company. ERP systems provide the perfect maintenance of the internal control system, but also the ability of managers to analyse the information provided by these IT systems as correctly as possible. In this article, the author made a case study, analysing the risks of an IT system of a company that offers accounting services using the MEHARI technique. The results obtained showed that the systems are effective and would withstand cyber-attacks, but could be less resistant in terms of specialized attacks (well-equipped hackers, professional spies).
Read full abstract