The evaluation of information systems: a protocol for assembling information auditing packages

摘要

This paper asserts that information auditing has a distinct and increasingly important role in information systems management. It re-examines the nature of auditing and identifies a variety of features which an information auditing methodology should contain and standards which audits should demonstrably attain. Descriptions of auditing techniques are examined for these features; it is noted that many do not include all of the identified features. The necessary breadth of auditing techniques, required to fulfil a wide variety of objectives, is noted. It is argued that the wider acceptance of auditing requires each application to explicitly show that its elements are coherent and relevant. A protocol is proposed by which existing techniques can be used to assemble coherent and purposeful audits in a wide variety of applications.