Integrated Approach Model of Risk, Control and Auditing of Accounting Information Systems

The use of IT in the financial and accounting processes is growing fast and this leads to an increase in the research and professional concerns about the risks, control and audit of Accounting Information Systems (AIS). In this context, the risk and control of AIS approach is a central component of processes for IT audit, financial audit and IT Governance. Recent studies in the literature on the concepts of risk, control and auditing of AIS outline two approaches: (1) a professional approach in which we can fit ISA, COBIT, IT Risk, COSO and SOX, and (2) a research oriented approach in which we emphasize research on continuous auditing and fraud using information technology. Current researches emphasize the need for an integrated approach to risk, control and audit of AIS to ensure integrity, reality, accuracy and availability of financial statements. Starting from the limits of existing approaches, our study is aimed to developing and testing an Integrated Approach Model of Risk, Control and Auditing of AIS. This model treats risk, control and audit on three cycles of business processes, as follows: purchases cycle, sales cycle and cash cycle. The purpose of this model is the integration approach of risk, control and AIS audit in the IT audit processes and financial audit processes in order to improve the efficiency of IT Governance, as well as ensuring integrity, reality, accuracy and availability of financial statements.