3.

Problems that would account for systems failures include poor development methods, incorrectly specified system requirements, failure to involve internal audit in SDLC and not engaging the user in the development of the system (Hall, 2015).

The reason includes hurrying in selecting as well as implementing the project, and thus crucial facts are partially analyzed or ignored. These unchecked areas may create a bottleneck in the SDLC as well as increase the time and costs. Another factor may be the lack of a well-documented as well as proper estimation method to that (Hall, 2015). Delay in the arrival of the hardware also contributes to this.   Stages in which underestimates are most dramatic include debugging the program.  In most instances, data conversion to the new system from the old one takes longer time than anticipated. Besides, systems rushed in the analysis stage often require more maintenance owing to demand by unsatisfied users (Hall, 2015).

The SDLC need to be carried out but in a modified form. Before settling on the final package, the firm needs to establish its system requirements as well as take into account possible alternatives (Hall, 2014).

Post-implementation review is conducted by independent systems personnel and regardless whether an external firm was hired to develop the system or the system was developed internally (Hall, 2014). Post-implementation review is normally performed after a period of live running that is few months after the completion of the project to enable the user to adjust to the system.

1. Announcing a New Information System

MEMORANDUM

To: Roger Moore, AJAX’s CIO

From: George Jones, Director of Internal Audits

Date: February 6, 2019

Subject: Reaction to the newly proposed Accounting system to be implemented

Following your announcement letter informing us of the steps you have made to ensure the implementation of the newly proposed accounting system, there are several issues as well as concerns that arise from your action and plan and that need the immediate address for the project implementation to be successful and of value.

Firstly, the decision to ignore users from taking part in the development process is ill-informed. Conventionally, during the development of systems, it is essential for the systems experts to work hand in hand with the primary users to identify and fully understand the problems of the users and their requirement.

Secondly, there is a need for the current system survey. The consultants are required to collect data and facts that describes major system features, relationships, and situations, and this includes information regarding redundant operations, bottlenecks, types and volumes of transactions, resource costs, control points, users, sources of data, critical process, and error rates. Some of this information can be independently collected through documentation. However, most of the facts can only be obtained through the participation of the user.  Structured questionnaires, open-ended questions, and personal interviews can be employed to gather these facts.

Thirdly, there is a need to involve the internal auditor in the development process. An internal audit group with vast knowledge in computer technology as well as a detailed understanding of the users’ business problems is instrumental for the success of the project implementation. Besides, the internal auditor is required to make the system auditable. Some computer auditing methods, for instance, the Integrated Test Facility (ITF) and the Embedded Audit Module (EAM) should be an integral part of the system. The internal auditor is mandated to find out whether the system to be considered is best suited for audit feature and the best suited feature for the system.

Lastly, the auditor must be involved in the final selection of the system to evaluate the economic viability of the system under consideration.

It is my sincere hope that you will consider the above-highlighted concerns to ensure secure, smooth, and successful implementation of the proposed system

Best regards,

George Jones, Director of Internal Audits

5.Systems Design

What went wrong include

1. Failure to perform system walkthrough
2. Likelihood of low processing speed issue due to which it is hard to modify the database frequently
3. The systems analysts did not fully understand the requirements
4. The possibility that the manager did not observe the detailed design reports or prepared correctly
5. Alpher and her co-workers failed to state their requirements clearly
6. The output detail and processing details were shallowly specified.
7. Incorrect preparation of design controls
8. Failure to follow the updating standards for the database files correctly.
9. The end users failed to review the specification after being developed, for completeness and accuracy.
10. The design specifications wholly implemented.

In the future:

1. the department of internal audit needs to be involved in acting as a link between the consultants and end users
2. Acceptance procedures and user tests need to be carried out before the implementation of the system.

12.Audit of Systems Development

Systems Authorization Activities

All systems require proper authorization to guarantee their feasibility and justification economic wise. This demands for a formal environment in which end users submit their request in written form to the systems experts (Hall, 2014).

User Specification Activities

Users must actively take part in the development process of the system. The user involved should not be affected by the technical involvedness of the system. Irrespective of the type of technology employed, users are required to provide comprehensive written descriptions of their needs.The joint effort of both the professionals and end-users results in the creation of the user specification document but the document must always be a statement highlighting the needs of the user. The document needs to emphasize the view of the user regarding the problem and not the systems professionals’ views (Hall, 2014).

Technical Design Activities

The technical design activities of the SDLC often translate the specifications needs of the user into a set of detailed system technical specification that conforms to the requirements of the user. The range of these activities includes general systems design, system analysis, detailed system design, and feasibility analysis. The quality of documentation from each phase measures the suitability of these activities (Hall, 2014).

Internal Audit Participation

The internal audit department should always be independent, objective as well as technically qualified. With such conditions, internal auditor plays a crucial role in controlling the development activities of the system (Hall, 2014). The auditor is required to be involved at the inception process and carry on throughout every phase of the development process and into the maintenance phase. An internal audit group, which is an IT guru as well as has detailed knowledge of the issues to be solved is very instrumental in each stage of SDLC.

Program Testing

All program modules require thorough testing before their implementation. The result tests are compared with the present results to establish the logic and programming errors. The auditor must verify that all branches of the application logic are has been tested.

User Test and Acceptance Procedures

Before the system is implemented, each system module should be tested rigorously and formally. The test team needs to consist of internal auditors, system professionals, and users. The results and details of the tests must be formally analyzed and documented. Once the test team approves that the system meets the set standards, the system can then be transferred to the user (Hall, 2015).

1. To conform to the auditing requirements, the auditor would carry out a combination of application controls tests and substantive account balances and transaction details tests. The auditor would reconcile program version numbers as well as confirm maintenance authorizations to assess the audit trail of program changes. The auditor reconciles the source code, retest the program as well as review the test results to establish application errors.

References

Hall, J. (2015). Accounting Information Systems. Mason, OH: Cengage South-Western.

Hall, J. A. (2014). Information systems auditing and assurance. Cincinnati (Ohio: South-Western College.

Do you need high quality Custom Essay Writing Services?