Rafael Mellado, Antonio Faúndez-Ugalde, María Blanco


The use of technological resources and software has become standardized in today's society, which is why there is a need to be able to update according to the requirements that the market and industry demand from companies that develop products through a software engineering process. The role of the auditor is extremely important since he is the one who must make sure that everything is controlled and that the required needs are being fulfilled, as well as he is concerned about the security of the entities and their internal background. In this context, it is necessary to constantly improve the auditor's procedures and the legislation that regulates them, since the multiple frauds that companies suffer in terms of information obtained easily and quickly, without any major control, are well known, and it is here where care must be taken in order to reduce the levels of violations of access to unauthorized information assets. The objective of this paper is to present everything that surrounds the process of auditing requirements of software engineering projects, both generically and specifically in projects in particular the financial area, generally covering everything that is present in a software engineering project considering the need, what is obtained from them and why they arise in organizations.

Full Text:



Abrego Almazán, D., Sánchez Tovar, Y., Medina Quintero, J.M., 2017. Influencia de los sistemas de información en los resultados organizacionales. Contaduría y Administración 62, 303–320.

Adams, R., Eslinger, S., Owens, K., Rich, M., 2004. Software Acquisition Best Practices: Experiences From the Space Systems Domain 37.

Ahmi, A., Saidin, S.Z., Abdullah, A., 2014. IT Adoption by Internal Auditors in Public Sector: A Conceptual Study. Procedia - Social and Behavioral Sciences, International Conference on Accounting Studies 2014, ICAS 2014, 18-19 August 2014, Kuala Lumpur, Malaysia 164, 591–599.

Alhazmi, O., Malaiya, Y., Ray, I., 2005. Security Vulnerabilities in Software Systems: A Quantitative Perspective, in: Jajodia, S., Wijesekera, D. (Eds.), Data and Applications Security XIX, Lecture Notes in Computer Science. Springer, Berlin, Heidelberg, pp. 281–294.

Al-Qudah, S., Meridji, K., Al-Sarayreh, K.T., 2015. A Comprehensive Survey of Software Development Cost Estimation Studies.

Antonella, E., 2016. Research 2.0 and the Impact of Digital Technologies on Scholarly Inquiry. IGI Global.

Arocena, G.A., 2012. La regulación de los delitos informáticos en el Código Penal argentino: Introducción a la Ley Nacional núm. 26.388. Boletín mexicano de derecho comparado 45, 945–988.

Arriola Navarrete, O., Tecuatl Quechol, G., González Herrera, G., 2011. Software propietario vs software libre: una evaluación de sistemas integrales para la automatización de bibliotecas. Investigación bibliotecológica 25, 37–70.

Auer, A., Karjalainen, J., Seppänen, V., 1996. Improving R & D processes by an ISO 9001-based quality management system. Journal of Systems Architecture 42, 235–244.

Avison, D.E., Shah, H.U., Wilson, D.N., 1994. Software quality standards in practice: the limitations of using ISO-9001 to support software development. Software Quality Journal 3, 105–111.

Bănărescu, A., 2015. Detecting and Preventing Fraud with Data Analytics. Procedia Economics and Finance, Emerging Markets Queries in Finance and Business 2014, EMQFB 2014, 24-25 October 2014, Bucharest, Romania 32, 1827–1836.

Birk, A., Pfahl, D., 2002. A Systems Perspective on Software Process Improvement, in: Oivo, M., Komi-Sirviö, S. (Eds.), Product Focused Software Process Improvement, Lecture Notes in Computer Science. Springer, Berlin, Heidelberg, pp. 4–18.

Brosius, A., van Elsas, E.J., de Vreese, C.H., 2019. Trust in the European Union: Effects of the information environment. European Journal of Communication 34, 57–73.

Cabaj, K., Kotulski, Z., Księżopolski, B., Mazurczyk, W., 2018. Cybersecurity: trends, issues, and challenges. EURASIP Journal on Information Security 2018, 10.

Calvo-Manzano, J., Gonzalo, C., Mejia, J., San Feliu, T., Tomás, F., Rocha, Á., 2010. Evaluación de Contratos de Adquisición de Productos y Servicios de Software en Outsourcing.

Cerda Silva, A., 2011. El “nivel adecuado de protección” para las transferencias internacionales de datos personales desde la Unión Europea. Revista de derecho (Valparaíso) 327–356.

Cerda Silva, A., 2006. Mecanismos de Control en la Protección de Datos en Europa. Ius et Praxis 12, 221–251.

Chou, D.C., Yen, D.C., Chen, J.Q., 1998. Analysis of the total quality management-based software auditing. Total Quality Management 9, 611–618.

Claver, A., 2018. Governance of cyber warfare in the Netherlands: an exploratory investigation. The International Journal of Intelligence, Security, and Public Affairs 20, 155–180.

Contreras Clunes, A., 2003. DELITOS INFORMÁTICOS: UN IMPORTANTE PRECEDENTE. Ius et Praxis 9, 515–521.

Dodd, I., Habli, I., 2012. Safety certification of airborne software: An empirical study. Reliability Engineering & System Safety 98, 7–23.

Dorling, A., 1993. SPICE: Software process improvement and capability dEtermination. Information and Software Technology, Software Process Modelling in Practice 35, 404–406.

Edwards, M.A., 2020. The Concept and Federal Crime of Mortgage Fraud. Am. Crim. L. Rev. 57, 57.

Esterkin, V., Pons, C., Esterkin, V., Pons, C., 2017. Evaluación de calidad en el desarrollo de software dirigido por modelos. Ingeniare. Revista chilena de ingeniería 25, 449–463.

Farbey, B., Finkelstein, A., 2001. Software acquisition: a business strategy analysis. Proceedings Fifth IEEE International Symposium on Requirements Engineering.

Fernández, F., Cornejo-Saavedra, E., Vogel, G., 2015. La Polar: Manipulación de los Estados Financieros, Fraude e Impacto. pp. 163–192.

Fowler, P., Rifkin, S., 1990. Software Engineering Process Group Guide (No. CMU/SEI-90-TR-24). CARNEGIE-MELLON UNIV PITTSBURGH PA SOFTWARE ENGINEERING INST.

Fujita, H., Papadopoulos, G.A., 2016. New Trends in Software Methodologies, Tools and Techniques: Proceedings of the Fifteenth SoMeT_16. IOS Press.

Garae, J., Ko, R.K.L., 2017. Visualization and Data Provenance Trends in Decision Support for Cybersecurity, in: Palomares Carrascosa, I., Kalutarage, H.K., Huang, Y. (Eds.), Data Analytics and Decision Support for Cybersecurity: Trends, Methodologies and Applications, Data Analytics. Springer International Publishing, Cham, pp. 243–270.

Garrett, S.G.E., Skevington, P.J., 1999. An Introduction to Electronic Commerce. BT Technology Journal 17, 11–16.

Ghosh, R.A., 2007. Economic impact of open source software on innovation and the competitiveness of the Information and Communication Technologies (ICT) sector in the EU [WWW Document]. undefined. URL (accessed 4.18.20).

Gloria Piedad, G.-H., Muñoz, M., Mejia, J., Jose A., C.-M., 2014. Software Requirements Development: A Path for Improving Software Quality, in: Barafort, B., O’Connor, R.V., Poth, A., Messnarz, R. (Eds.), Systems, Software and Services Process Improvement, Communications in Computer and Information Science. Springer, Berlin, Heidelberg, pp. 194–205.

Gómez, A.D., 2010. El delito informático, su problemática y la cooperación internacional como paradigma de su solución: El Convenio de Budapest.

González G, P., 2015. Propuesta de un modelo para medir activos intangibles en empresas de software a partir de una herramienta multicriterio. Estudios Gerenciales 31, 191–201.

González, R.M.D., Ruiz, M.A.G., 2018. Retos de la contabilidad y la auditoría en la economía actual: Homenaje al profesor Vicente Montesinos Julve. Universitat de València.

G.p, G.-H., J.a.e, A., M.c, G.Á., 2014. Technique for risk identification of software acquisition and information technologies, Scopus. IGI Global.

Guerrero, C.A., Londoño, J.M., 2016. Revisión de la Problemática de la Calidad del Software para el Desarrollo de Aplicaciones de Computación en la Nube. Información tecnológica 27, 61–80.

Hammi, A., 2014. Control Financiero interno bajo incertidumbre: control de gestión de la liquidez.


Huh, W.T., 2001. Software process improvement: operations perspectives. PICMET ’01. Portland International Conference on Management of Engineering and Technology. Proceedings Vol.1: Book of Summaries (IEEE Cat. No.01CH37199).

Humphrey, W.S., 1988. The software engineering process: definition and scope, in: Proceedings of the 4th International Software Process Workshop on Representing and Enacting the Software Process, ISPW ’88. Association for Computing Machinery, Devon, United Kingdom, pp. 82–83.

Isasi-Genix, A., Gómez-Acosta, M.I., Stuart-Cárdenas, M.L., 2012. Diseño del proceso de implementación de software en DESOFT Habana. Ingeniería Industrial 33, 60–68.

Isolano, A.I., 2003. Toma de decisiones gerenciales. Tecnología en Marcha 16, 44–51.

Jalote, P., 1999. CMM in Practice: Processes for Executing Software Projects at Infosys [WWW Document]. URL (accessed 4.18.20).

Jang-Jaccard, J., Nepal, S., 2014. A survey of emerging threats in cybersecurity. Journal of Computer and System Sciences, Special Issue on Dependable and Secure Computing 80, 973–993.

Jorgensen, M., Shepperd, M., 2007. A Systematic Review of Software Development Cost Estimation Studies. IEEE Transactions on Software Engineering 33, 33–53.

Klaus, H., Rosemann, M., Gable, G.G., 2000. What is ERP? Information Systems Frontiers 2, 141–162.

Kruse, C.S., Frederick, B., Jacobson, T., Monticone, D.K., 2017. Cybersecurity in healthcare: A systematic review of modern threats and trends. Technology and Health Care 25, 1–10.

Lara, R.R.R., Lapeña, O.L., Alcalá, J.M., 2001. Software y hardware del C8XC251 : problemas [WWW Document]. URL (accessed 4.18.20).

Lavarda, C.E.F., Feliu, V.M.R., Palanca, M.B., 2009. La Interiorización del cambio de un sistema Contable de Gestión en la pequeña empresa. Revista Contabilidade & Finanças 20, 101–115.

Liberona, D., Ruiz, M., 2013. Análisis de la implementación de programas de gestión del conocimiento en las empresas chilenas. Estudios Gerenciales 29, 151–160.

López, E.B., Barbadillo, E.R., Aguilar, N.G., 2011. ¿Cómo actúan las empresas frente a la dependencia económica del auditor?: el papel del comité de auditoría. Revista de Contabilidad 14, 87–119.

Madec, M., Lallement, C., Haiech, J., 2017. Modeling and simulation of biological systems using SPICE language. PLOS ONE 12, e0182385.

Manwadkar, M., 2018. Automated Web Based Test Engine Using Cloud. IJRASET 6, 3656–3660.

Marín Sánchez, J., Lugo García, J.A., 2016. Control de proyectos de software: actualidad y retos para la industria cubana. Ingeniare. Revista chilena de ingeniería 24, 102–112.

Martelo, R.J., Jiménez-Pitre, I., Moncaris González, L., 2017. Guía Metodológica para el Mejoramiento del Desarrollo de Software a través de la Aplicación de la Técnica Árboles de Problemas. Información tecnológica 28, 87–94.

Masaeli, M., Bula, G., Harrington, S.E., 2019. Latin American Perspectives on Global Development. Cambridge Scholars Publishing.

Matende, S., Ogao, P., 2013. Enterprise Resource Planning (ERP) System Implementation: A Case for User Participation. Procedia Technology, CENTERIS 2013 - Conference on ENTERprise Information Systems / ProjMAN 2013 - International Conference on Project MANagement/ HCIST 2013 - International Conference on Health and Social Care Information Systems and Technologies 9, 518–526.

Mayer Lux, L., Mayer Lux, L., 2018. Elementos criminológicos para el análisis jurídico-penal de los delitos informáticos. Ius et Praxis 24, 159–206.

Mejía-Neira, Á., Jabba, D., Caballero, G.C., Caicedo-Ortiz, J., Mejía-Neira, Á., Jabba, D., Caballero, G.C., Caicedo-Ortiz, J., 2019. Influencia de la Ingeniería de Software en los Procesos de Automatización Industrial. Información tecnológica 30, 221–230.

Nahabetián Brunet, L., 2015. Protección de datos y gestión documental: Decálogo ampliado para la sociedad de la información. Revista de la Facultad de Derecho 9–9.

Niazi, M., 2006. Software Process Improvement: A Road to Success, in: Münch, J., Vierimaa, M. (Eds.), Product-Focused Software Process Improvement, Lecture Notes in Computer Science. Springer, Berlin, Heidelberg, pp. 395–401.

Oliva, R., Carvajal, K., Cataldo, A., Oliva, R., Carvajal, K., Cataldo, A., 2018a. Impacto de TI en las pequeñas y medianas empresas ¿es su efecto moderado por la intensidad de uso de TI de la industria? Journal of technology management & innovation 13, 82–93.

Oliva, R., Carvajal, K., Cataldo, A., Oliva, R., Carvajal, K., Cataldo, A., 2018b. Impacto de TI en las pequeñas y medianas empresas ¿es su efecto moderado por la intensidad de uso de TI de la industria? Journal of technology management & innovation 13, 82–93.

Paulk, M.C., 1995. How ISO 9001 Compares With The CMM.

Quesada Sevilla, A., Zamora Fonseca, R., Brito Brito, A., 2016. Propuesta de mejoras para el proceso de gestión de la información bibliográfica en la Universidad de Cienfuegos. Revista Universidad y Sociedad 8, 57–64.

Quintanilla, B., Isabel, T., 2013. Estado situacional de la protección de datos personales en Chile, regulación jurídica y alcances.

Quispe-Otacoma, A.L., Padilla-Martínez, M.P., Telot-González, J.A., Nogueira-Rivera, D., 2017. Tecnologías de información y comunicación en la gestión empresarial de pymes comerciales. Ingeniería Industrial 38, 81–92.

Razón, O.C., Durán, J.G., González, J.A.G., Cortés, F.I., Miranda, J.M., 2014. Cómo Guiar a las Pymes en la Mejora de Procesos Software. RISTI - Revista Ibérica de Sistemas e Tecnologias de Informação 17–30.

Recker, J., 2012. BPMN Research: What We Know and What We Don’t Know, in: Mendling, J., Weidlich, M. (Eds.), Business Process Model and Notation, Lecture Notes in Business Information Processing. Springer, Berlin, Heidelberg, pp. 1–7.

Rehman, S., Mustafa, K., 2009. Research on software design level security vulnerabilities. SOEN.

Respício, A., Domingos, D., 2015. Reliability of BPMN Business Processes. Procedia Computer Science, Conference on ENTERprise Information Systems/International Conference on Project MANagement/Conference on Health and Social Care Information Systems and Technologies, CENTERIS/ProjMAN / HCist 2015 October 7-9, 2015 64, 643–650.

Riascos-Erazo, S.C., Arias-Cardona, V.H., n.d. Análisis del impacto organizacional en el proceso de implementación de los Sistemas de Información ERP–Caso de Estudio. Entramado 12, 284–302.

Ronquillo, J.G., Erik Winterholler, J., Cwikla, K., Szymanski, R., Levy, C., 2018. Health IT, hacking, and cybersecurity: national trends in data breaches of protected health information. Jamia Open 1, 15–19.

Roselló Gallardo, V., 2017. ¿Cómo enfrentar la selección de un sistema de información contable? Cofin Habana 11, 281–294.

Ross, D.T., Goodenough, J.B., Irvine, C.A., 1975. Software Engineering: Process, Principles, and Goals. Computer 8, 17–27.

Sacha, K., n.d. Software Engineering Practices: An Auditor’s Perspective 16.

Salguero, S., Javier, F., 2016. Relación entre la protección de los datos personales y el derecho de acceso a la información pública dentro del marco del derecho comparado. Ius et Praxis 22, 323–376.

Solimano, A., 2012. Chile and the Neoliberal Trap: The Post-Pinochet Era. Cambridge University Press.

Sommerville, I., 2005. Ingeniería del software. Pearson Educación.

Stålhane, T., Hanssen, G.K., 2008. The Application of ISO 9001 to Agile Software Development, in: Jedlitschka, A., Salo, O. (Eds.), Product-Focused Software Process Improvement, Lecture Notes in Computer Science. Springer, Berlin, Heidelberg, pp. 371–385.

Stamelos, I., Angelis, L., Morisio, M., Sakellaris, E., Bleris, G.L., 2003. Estimating the development cost of custom software. Inf. Manag.

Surakhi, O.M., Hudaib, A., Alshraideh, M., Khanafseh, M., 2017. A Survey on Design Methods for Secure Software Development, in: BIOINFORMATICS 2017.

Tangpong, C., Islam, M., Lertpittayapoom, N., 2009. The Emergence of Business-to-Consumer E-Commerce: New Niche Formation, Creative Destruction, and Contingency Perspectives. Journal of Leadership & Organizational Studies.

Tupe, S.K., Sayyad, S.B., Behre, S., 2009. Comparative Study of Different Spice Software’s Using Astable Multivibrator in Different Spice Software [WWW Document]. undefined. URL's-in-Tupe-Sayyad/ba245e4a7fc1d7aa48bd3400c18cfc77a069de8c (accessed 4.18.20).

Uzelac, A., 2008. How to understand digital culture: Digital culture - a resource for a knowledge society? pp. 7–21.

Valencia Duque, F., 2015. La auditoría continua, un modelo complementario que permite agregar valor a la auditoría moderna.

Vergara Rojas, M., Vergara Rojas, M., 2017. Chile: Comentarios preliminares al proyecto de ley que regula la protección y tratamiento de datos personales y crea la Agencia de Protección de Datos Personales. Revista chilena de derecho y tecnología 6, 135–152.

Villar, A.G.C., 2020. Control integrado de gestión y su influencia en la toma de decisiones en Importaciones Hiraoka S.A.C. Business Innova Sciences 1, 32–42.

Walker, A.J., 1998. Improving the quality of ISO 9001 audits in the field of software. Information and Software Technology 40, 865–869.

Zelkowitz, M., 1978. Perspectives in Software Engineering. ACM Comput. Surv. 10, 197–216.


  • There are currently no refbacks.