Auditing SAP R/3 - Control risk assessment

Australian Accounting Review

Volumn 10, Issue 22, 2000, Pages 31-42

  Best, Peter ^a  

^a QUEENSLAND UNIVERSITY OF TECHNOLOGY   (Australia)

Author keywords

[No Author keywords available]

Indexed keywords

EID: 80055052043     PISSN: 10356908     EISSN: 18352561     Source Type: Journal    
DOI: 10.1111/j.1835-2561.2000.tb00068.x     Document Type: Article

References (28)

1. Abdolmohammadi, M.J., 1987, “Decision Support and Expert Systems in Auditing: A Review and Research Directions”, Accounting and Business Research, Vol. 17, No. 66: 173-85.
2. Albrecht, W., K. Howe., and M. Romney., 1984, Deterring Fraud: The Internal Auditor’s Perspective, The Institute of Internal Auditors Research Foundation, Altamonte Springs, Florida.
3. Arens, A.A., P.J. Best., G.E.P. Shailer., and J. K. Loebbecke., 1997, Auditing in Australia: an Integrated Approach, Fourth Edition, Prentice-Hall, Sydney.
4. ASAP World Consultancy, 1997, Using SAP R/3, 2nd edn., Que, Henley on Thames.
5. Ashton, R., 1974, “An experimental study of internal control judgements”, Journal of Accounting Research, Vol. 12, No. 1, Spring: 143-57.
6. Ashton, R., and R. Brown., 1980, “Descriptive modelling of auditor’s internal control judgements: replication and extension”, Journal of Accounting Research, Vol. 18, No. 1, Spring: 269-77.
7. Australian National Audit Office, 1998, Security and Control for SAP R/3, Commonwealth of Australia.
8. Best, P.J., G. Mohay., and A. Anderson., 1997, “MIATA: A Machine Independent Audit Trail Analyser”, Australian Computer Journal, Vol. 29, No. 2, May: 57-63.
9. Connell, N.A.D., 1987, “Expert Systems in Accountancy: A Review of Some Recent Applications”, Accounting and Business Research, Vol. 17, No. 67: 221-33.
10. Daniels, T.E., and E.H. Spafford., 1999, “Identification of Host Audit Data to Detect Attacks on Low-Level IP Vulnerabilities”, Journal of Computer Security, Vol. 7, No. 1: 3-35.
11. Denning, D.E., 1987, “An Intrusion Detection Model”, IEEE Transactions on Software Engineering, Vol. SE-13, No. 2: 222-32.
12. Ernst & Young, 1995, Audit, Control, and Security Features of SAP R/3.
13. Gilbert, A., 2000, “ERP Vendors Look at Rebound After Slowdown”, Informationweek, No. 773, 14 February: 98-100.
14. Hamilton, R., and W. Wright., 1982, “Internal control judgments and effects of experience: replications and extensions”, Journal of Accounting Research, Vol. 20, No. 2, Autumn: 756-65.
15. Hellerstein, J.L., D.A. Klein., and K.R. Milliken., 1990, Expert Systems in Data Processing, Addison-Wesley, Reading, MA.
16. Institute of Internal Auditors, 1997, SAP R/3: Its Use, Control, and Audit, Institute of Internal Auditors Research Foundation, Altamonte Springs, Florida.
17. Jagannathan, R., T. Lunt., D. Anderson., C. Dodd., F. Gilham., C. Jalali., H. Javitz., P. Neumann., A. Tamaru., and A. Valdes., 1993, “System Design Document: Next-Generation Intrusion Detection Expert System (NIDES)", technical report, SRI International, Menlo Park, CA.
18. McAuliffe, N., D. Wolcott., L. Schaefer., N. Kelem., B. Hubbard., and T. Haley., 1990, “Is Your Computer Being Misused? A Survey of Current Intrusion Detection System Technology”, proceedings of 6th Annual Computer Security Applications Conference, IEEE Computer Society Press, Tucson, Arizona: 260-72.
19. Metzger, S.M., and S. Roehrs., 2000, SAP R/3 Change and Transport Management: The Official SAP Guide, Sybex, London.
20. Mounji, A., and B. Le Charlier., 1997, “Continuous Assessment of a Unix Configuration: Integrating Intrusion Detection and Configuration Analysis”, proceedings of the ISOC’97 Symposium on Network and Distributed System Security, San Diego, California.
21. Norris, G., I. Wright., J.R. Hurley., J. Dunleavy., and A. Gibson., 1998, SAP: An Executive’s Comprehensive Guide, Wiley, New York.
22. Quinlan, J.R., (ed.), 1989, Applications of Expert Systems: Volume 2, Addison-Wesley, Sydney.
23. Smaha, S.E., 1988, “Haystack: An Intrusion Detection System”, 4th Aerospace Computer Security Applications Conference.
24. Srinidhi, B., 1994, “The influence of segregation of duties on internal control judgements”, Journal of Accounting, Auditing & Finance, Vol. 9, No. 3: 423-44.
25. van Dijk, J.C., and P. Williams., 1990, Expert Systems in Auditing, Stockton Press, New York.
26. Watney, D.A., and P.B.B. Turney., 1990, Auditing EDP Systems, 2nd edn., Prentice-Hall, Englewood Cliffs, NJ.
27. Weber, R., 1999, Information Systems Control and Audit, Prentice-Hall, Upper Saddle River, NJ.
28. Wright, M., 1999, Audit Guide No. 5 Auditing in an IT Systems Environment, Australian Accounting Research Foundation, Caulfield, Victoria.