Applications

Organizations often focus on auditing systems and applications that are fully operational, but they may also be audited during other phases of the system development life cycle. Auditors apply different criteria for systems or applications undergoing planning, design, or development than those in production operation. System or application audits focus on functional and nonfunctional capabilities and controls. Functional concerns include ensuring that the organization’s operational requirements are met. Nonfunctional aspects include performance, usability, reliability, and security, where auditors often test for or review evidence demonstrating the implementation of controls appropriate for the intended use of the system or application and how users will interact with it. For example, audits of web-based applications often examine the use of controls to guard against known vulnerabilities, misconfiguration, and unauthorized disclosure of sensitive information.

Information systems are sophisticated collections of resources that efficiently gather, process, store, and distribute information. These resources include powerful tools like laptops, databases, networks, and smartphones. Rest assured, as you read this, you are actively engaging with an information system! Countless individuals rely on diverse information systems to communicate with friends and family, conduct online banking and shopping, and access information via search engines. Transaction processing plays a vital role in ensuring businesses can seamlessly carry out their day-to-day operations. Transactions cover a wide range of activities, such as deposits, withdrawals, shipping, customer billing, order entry, and order placement, all of which are integral to a company’s operations. TPS (Transaction Processing Systems) play a pivotal role in supporting these crucial business transactions.