INFORMATION AUDITING - PowerPoint PPT Presentation

1 / 22
About This Presentation
Title:

INFORMATION AUDITING

Description:

INFORMATION AUDITING INTRODUCTION Information exists in all agencies in many forms: as paper records, in computer databases, in libraries, in personal journals and ... – PowerPoint PPT presentation

Number of Views:148
Avg rating:3.0/5.0
Slides: 23
Provided by: opiniWiki
Category:

less

Transcript and Presenter's Notes

Title: INFORMATION AUDITING


1
INFORMATION AUDITING
2
INTRODUCTION
  • Information exists in all agencies in many forms
    as paper records, in computer databases, in
    libraries, in personal journals and business
    records.
  • All agencies depend heavily on the collection and
    use of information.
  • Information Audit is an element of Information
    Management, a discipline which seeks to ensure
    that information is managed as an integrated
    business resource.

3
MANAGEMENT TOOL
  • Auditing is a management tool. There are two main
    categories of audit
  • Compliance audits
  • Advisory audits

4
COMPLIANCE AUDIT
  • Compliance audits are implemented to check that
    procedures are being followed properly and that
    standards are being adhered to. A compliance
    audit is an inspection.

5
ADIVISORY AUDIT
  • Advisory audits inform management about the
    problems and appropriateness of systems and
    practices to the organization. There is a close
    link between advisory auditing and strategic
    planning.

6
INFORMATION AUDIT
  • Information audits may be carried out across a
    whole organization, or focus on a specific
    function (for example the maintenance of
    membership records on a database or the flow of
    information related to IT help desk enquiries).

7
WHAT IS IA?
  • Information Audit is the assessment of the
    information held by an agency and of its
    information management activities.
  • "review the existing system of information
    management, identify problems and recommend
    solutions for those problems." (Ellis, 1993).

8
Continue
  • "a process for discovering, monitoring and
    evaluating an organization's information flows
    and resources in order to implement, maintain, or
    improve the organization's management of
    information." (Buchanan and Gibb, p. 34).

9
SCOPE OF IA
  • The Information Audit may examine some or all of
    information form, content, processes,
    classifications, costs and values at any stage of
    the information lifecycle and assess them against
    criteria under the identified purpose of the
    Audit.

10
In General, IA
  • determines user information needs
  • lists the information resources available
  • identifies the costs and benefits of the
    information resources available
  • establishes how information systems within the
    organization function
  • results in the production of a report which
    proposes recommendations, for example to minimize
    system failures, to provide alternative solutions
    to information handling problems, to integrate IT
    investments further with strategic business
    initiatives, to devise an information
    strategy/policy.

11
  • As a management tool information audit work
    should help organizations make best use of
    information (often through the development of an
    information strategy).
  • Information audits indirectly
  • aid management decision making
  • support and encourage competitive advantage
  • enable organizations to adapt and change
  • facilitate organizational communication
  • encourage use of, and investment in, IT
  • contribute to the value of manufactured products

12
  • To achieve this the auditor has to devise a
    methodology that will provide data that can be
    processed to answer the following questions
  • What is the purpose of the audited system?
  • Does it accomplish its purpose?
  • Is the purpose in line with the purpose and
    philosophy of the organization as a whole?
  • How effectively are resources used?
  • How are resources accounted for and safeguarded?
  • How useful is the information system supporting
    the organization?
  • How reliable is the information system?
  • Does the system comply with regulations and
    standards?

13
IA Problems Identification
  • Information audits can identify
  • redundancy
  • duplication
  • inconsistency
  • incompatibility
  • costs
  • ... in information management practices and
    systems

14
IA Opportunities Identification
  • Information audits can identify
  • skills and expertise of staff
  • previously hidden assets
  • value chains
  • new products to market
  • markets for further expansion

15
Methodological approaches to IA
  • 1. Cost benefit methodologies
  • 2. Geographical approach
  • 3. Hybrid approaches
  • 4. Management information audits
  • 5. Operational advisory audits

16
  • Cost-benefit methodologies (Riley, 1976
    Henderson, 1980) - lists information
    system/product options and compares them on the
    basis of their cost and perceived benefit.
  • 2. Geographical approach (Gillman, 1985) -
    identifies major components of the information
    system and maps them in relation to one another
    with the aim of identifying and meeting needs
    within the system as it stands.
  • 3. Hybrid approach (Quinn, 1979) - takes the
    geographical approach combined with interest in
    the cost and values of information services and
    products, and emphasis on control and management
    procedures such as budgeting and matching
    information provision with organizational
    strategy.
  • 4. Management information audits (Reynolds,
    1980) - focus on the reporting of management
    information through activity such as the
    circulation of reports.
  • 5. Operational advisory audits (Gruber, 1983) -
    have much in common with the hybrid approach,
    but also consider efficiency and effectiveness
    with which information resources are used,
    accounted for and safeguarded, the reliability
    of the information system and compliance with
    obligations, regulations and standards.

17
Buchanan and Gibb (1998, pp. 37-41) examine two
of the most widely adopted approaches
1. InfoMap (Burk Horton, 1988) - involves
making an inventory of all information resource
entities (IREs), measuring their cost and value,
relating them to the structure, functions and
management of the organization, resulting in the
identification of the strengths and weaknesses
of the organization's information resources with
reference to the objectives of the organization.
2. Information flow analysis (Orna, 1990) -
identifies the organization's objectives,
culture and structure conducts an information
audit which a focus on information flows the
resulting balance sheet is used as a basis on
which to develop and information policy.
18
Buchanan and Gibb propose their own "integrated
strategic" approach (Buchanan and Gibb, 1998)
This methodology comprises five stages
Promote - to gain support and co-operation for
the information audit. Identify - to build up a
picture of the organization's mission,
environment, structure and culture, and to
identify information resources and information
flows. Analyze - to evaluate the organization's
information resources and plan how to overcome
problems and achieve objectives identified at the
"identity" stage. Account - to cost the
organization's information sources and services,
and perform cost analysis and cost modeling as
part of the development and evaluation of an
information strategy. Synthesize - to report on
the process and provide findings and
recommendations.
19
Problems of information auditing
  • 1. Support of senior management
  • 2. Internal auditors versus external consultants
  • 3. Data gathering instruments (combination of
    what who to ask, what interview, questionnaire,
    when, where, other data)
  • 4. Size of organization and time span
  • 5. How to establish costs and value of
    information

20
RESULTS OF IA
  • snapshot of information resources
  • number and format of resources, nature and
    frequency of their use
  • total costs of information activity
  • gaps in provision and redundancy of gathering and
    storage
  • information flows and where it fails
  • who owns and manages critical resources
  • hierarchy and needs of organization priorities
  • price in all forms (money, time, effort), what
    benefits arise
  • linkage to strategic objectives.

21
Inputs and outputs of a generic information Audit
22
  • Source, please visit this web site
  • http//www.oit.nsw.gov.au/Guidelines/4.3.12.a-IM-A
    udit.htmc
  • Information Audit as A Holistic Approach
  • A Case Study
  • http//www.sla.org/division/dst/LangleySLA062003.p
    df
Write a Comment
User Comments (0)
About PowerShow.com