THE AUDIT PROCESS IN COMPANIES THAT IMPLEMENT SOFTWARE ENGINEERING PROJECTS

Rafael Mellado, Antonio Faúndez-Ugalde, María Blanco

Abstract

The use of technological resources and software has become standardized in today's society, which is why there is a need to be able to update according to the requirements that the market and industry demand from companies that develop products through a software engineering process. The role of the auditor is extremely important since he is the one who must make sure that everything is controlled and that the required needs are being fulfilled, as well as he is concerned about the security of the entities and their internal background. In this context, it is necessary to constantly improve the auditor's procedures and the legislation that regulates them, since the multiple frauds that companies suffer in terms of information obtained easily and quickly, without any major control, are well known, and it is here where care must be taken in order to reduce the levels of violations of access to unauthorized information assets. The objective of this paper is to present everything that surrounds the process of auditing requirements of software engineering projects, both generically and specifically in projects in particular the financial area, generally covering everything that is present in a software engineering project considering the need, what is obtained from them and why they arise in organizations.

Full Text:

PDF

References

Abrego Almazán, D., Sánchez Tovar, Y., Medina Quintero, J.M., 2017. Influencia de los sistemas de información en los resultados organizacionales. Contaduría y Administración 62, 303–320. https://doi.org/10.1016/j.cya.2016.07.005

Adams, R., Eslinger, S., Owens, K., Rich, M., 2004. Software Acquisition Best Practices: Experiences From the Space Systems Domain 37.

Ahmi, A., Saidin, S.Z., Abdullah, A., 2014. IT Adoption by Internal Auditors in Public Sector: A Conceptual Study. Procedia - Social and Behavioral Sciences, International Conference on Accounting Studies 2014, ICAS 2014, 18-19 August 2014, Kuala Lumpur, Malaysia 164, 591–599. https://doi.org/10.1016/j.sbspro.2014.11.151

Alhazmi, O., Malaiya, Y., Ray, I., 2005. Security Vulnerabilities in Software Systems: A Quantitative Perspective, in: Jajodia, S., Wijesekera, D. (Eds.), Data and Applications Security XIX, Lecture Notes in Computer Science. Springer, Berlin, Heidelberg, pp. 281–294. https://doi.org/10.1007/11535706_21

Al-Qudah, S., Meridji, K., Al-Sarayreh, K.T., 2015. A Comprehensive Survey of Software Development Cost Estimation Studies. https://doi.org/10.1145/2816839.2816913

Antonella, E., 2016. Research 2.0 and the Impact of Digital Technologies on Scholarly Inquiry. IGI Global.

Arocena, G.A., 2012. La regulación de los delitos informáticos en el Código Penal argentino: Introducción a la Ley Nacional núm. 26.388. Boletín mexicano de derecho comparado 45, 945–988.

Arriola Navarrete, O., Tecuatl Quechol, G., González Herrera, G., 2011. Software propietario vs software libre: una evaluación de sistemas integrales para la automatización de bibliotecas. Investigación bibliotecológica 25, 37–70.

Auer, A., Karjalainen, J., Seppänen, V., 1996. Improving R & D processes by an ISO 9001-based quality management system. Journal of Systems Architecture 42, 235–244. https://doi.org/10.1016/1383-7621(96)00010-0

Avison, D.E., Shah, H.U., Wilson, D.N., 1994. Software quality standards in practice: the limitations of using ISO-9001 to support software development. Software Quality Journal 3, 105–111. https://doi.org/10.1007/BF00213633

Bănărescu, A., 2015. Detecting and Preventing Fraud with Data Analytics. Procedia Economics and Finance, Emerging Markets Queries in Finance and Business 2014, EMQFB 2014, 24-25 October 2014, Bucharest, Romania 32, 1827–1836. https://doi.org/10.1016/S2212-5671(15)01485-9

Birk, A., Pfahl, D., 2002. A Systems Perspective on Software Process Improvement, in: Oivo, M., Komi-Sirviö, S. (Eds.), Product Focused Software Process Improvement, Lecture Notes in Computer Science. Springer, Berlin, Heidelberg, pp. 4–18. https://doi.org/10.1007/3-540-36209-6_4

Brosius, A., van Elsas, E.J., de Vreese, C.H., 2019. Trust in the European Union: Effects of the information environment. European Journal of Communication 34, 57–73. https://doi.org/10.1177/0267323118810843

Cabaj, K., Kotulski, Z., Księżopolski, B., Mazurczyk, W., 2018. Cybersecurity: trends, issues, and challenges. EURASIP Journal on Information Security 2018, 10. https://doi.org/10.1186/s13635-018-0080-0

Calvo-Manzano, J., Gonzalo, C., Mejia, J., San Feliu, T., Tomás, F., Rocha, Á., 2010. Evaluación de Contratos de Adquisición de Productos y Servicios de Software en Outsourcing.

Cerda Silva, A., 2011. El “nivel adecuado de protección” para las transferencias internacionales de datos personales desde la Unión Europea. Revista de derecho (Valparaíso) 327–356. https://doi.org/10.4067/S0718-68512011000100009

Cerda Silva, A., 2006. Mecanismos de Control en la Protección de Datos en Europa. Ius et Praxis 12, 221–251. https://doi.org/10.4067/S0718-00122006000200009

Chou, D.C., Yen, D.C., Chen, J.Q., 1998. Analysis of the total quality management-based software auditing. Total Quality Management 9, 611–618. https://doi.org/10.1080/0954412988307

Claver, A., 2018. Governance of cyber warfare in the Netherlands: an exploratory investigation. The International Journal of Intelligence, Security, and Public Affairs 20, 155–180. https://doi.org/10.1080/23800992.2018.1484235

Contreras Clunes, A., 2003. DELITOS INFORMÁTICOS: UN IMPORTANTE PRECEDENTE. Ius et Praxis 9, 515–521. https://doi.org/10.4067/S0718-00122003000100023

Dodd, I., Habli, I., 2012. Safety certification of airborne software: An empirical study. Reliability Engineering & System Safety 98, 7–23. https://doi.org/10.1016/j.ress.2011.09.007

Dorling, A., 1993. SPICE: Software process improvement and capability dEtermination. Information and Software Technology, Software Process Modelling in Practice 35, 404–406. https://doi.org/10.1016/0950-5849(93)90011-Q

Edwards, M.A., 2020. The Concept and Federal Crime of Mortgage Fraud. Am. Crim. L. Rev. 57, 57.

Esterkin, V., Pons, C., Esterkin, V., Pons, C., 2017. Evaluación de calidad en el desarrollo de software dirigido por modelos. Ingeniare. Revista chilena de ingeniería 25, 449–463. https://doi.org/10.4067/S0718-33052017000300449

Farbey, B., Finkelstein, A., 2001. Software acquisition: a business strategy analysis. Proceedings Fifth IEEE International Symposium on Requirements Engineering. https://doi.org/10.1109/ISRE.2001.948546

Fernández, F., Cornejo-Saavedra, E., Vogel, G., 2015. La Polar: Manipulación de los Estados Financieros, Fraude e Impacto. pp. 163–192.

Fowler, P., Rifkin, S., 1990. Software Engineering Process Group Guide (No. CMU/SEI-90-TR-24). CARNEGIE-MELLON UNIV PITTSBURGH PA SOFTWARE ENGINEERING INST.

Fujita, H., Papadopoulos, G.A., 2016. New Trends in Software Methodologies, Tools and Techniques: Proceedings of the Fifteenth SoMeT_16. IOS Press.

Garae, J., Ko, R.K.L., 2017. Visualization and Data Provenance Trends in Decision Support for Cybersecurity, in: Palomares Carrascosa, I., Kalutarage, H.K., Huang, Y. (Eds.), Data Analytics and Decision Support for Cybersecurity: Trends, Methodologies and Applications, Data Analytics. Springer International Publishing, Cham, pp. 243–270. https://doi.org/10.1007/978-3-319-59439-2_9

Garrett, S.G.E., Skevington, P.J., 1999. An Introduction to Electronic Commerce. BT Technology Journal 17, 11–16. https://doi.org/10.1023/A:1009612000420

Ghosh, R.A., 2007. Economic impact of open source software on innovation and the competitiveness of the Information and Communication Technologies (ICT) sector in the EU [WWW Document]. undefined. URL https://www.semanticscholar.org/paper/Economic-impact-of-open-source-software-on-and-the-Ghosh/4f0469c3702f5a22176265c72d0d764bc0447774 (accessed 4.18.20).

Gloria Piedad, G.-H., Muñoz, M., Mejia, J., Jose A., C.-M., 2014. Software Requirements Development: A Path for Improving Software Quality, in: Barafort, B., O’Connor, R.V., Poth, A., Messnarz, R. (Eds.), Systems, Software and Services Process Improvement, Communications in Computer and Information Science. Springer, Berlin, Heidelberg, pp. 194–205. https://doi.org/10.1007/978-3-662-43896-1_17

Gómez, A.D., 2010. El delito informático, su problemática y la cooperación internacional como paradigma de su solución: El Convenio de Budapest. https://doi.org/10.18172/redur.4071

González G, P., 2015. Propuesta de un modelo para medir activos intangibles en empresas de software a partir de una herramienta multicriterio. Estudios Gerenciales 31, 191–201. https://doi.org/10.1016/j.estger.2014.12.002

González, R.M.D., Ruiz, M.A.G., 2018. Retos de la contabilidad y la auditoría en la economía actual: Homenaje al profesor Vicente Montesinos Julve. Universitat de València.

G.p, G.-H., J.a.e, A., M.c, G.Á., 2014. Technique for risk identification of software acquisition and information technologies, Scopus. IGI Global. https://doi.org/10.4018/978-1-4666-5182-1.ch002

Guerrero, C.A., Londoño, J.M., 2016. Revisión de la Problemática de la Calidad del Software para el Desarrollo de Aplicaciones de Computación en la Nube. Información tecnológica 27, 61–80. https://doi.org/10.4067/S0718-07642016000300007

Hammi, A., 2014. Control Financiero interno bajo incertidumbre: control de gestión de la liquidez.

Hayen, R., 2004. SOFTWARE ACQUISITION AND DEVELOPMENT ALTERNATIVES: AN INVESTIGATION OF PREFERENCES. Issues in Information Systems 5.

Huh, W.T., 2001. Software process improvement: operations perspectives. PICMET ’01. Portland International Conference on Management of Engineering and Technology. Proceedings Vol.1: Book of Summaries (IEEE Cat. No.01CH37199). https://doi.org/10.1109/PICMET.2001.952337

Humphrey, W.S., 1988. The software engineering process: definition and scope, in: Proceedings of the 4th International Software Process Workshop on Representing and Enacting the Software Process, ISPW ’88. Association for Computing Machinery, Devon, United Kingdom, pp. 82–83. https://doi.org/10.1145/75110.75122

Isasi-Genix, A., Gómez-Acosta, M.I., Stuart-Cárdenas, M.L., 2012. Diseño del proceso de implementación de software en DESOFT Habana. Ingeniería Industrial 33, 60–68.

Isolano, A.I., 2003. Toma de decisiones gerenciales. Tecnología en Marcha 16, 44–51.

Jalote, P., 1999. CMM in Practice: Processes for Executing Software Projects at Infosys [WWW Document]. URL https://www.semanticscholar.org/paper/CMM-in-Practice%3A-Processes-for-Executing-Software-Jalote/27f08d41392e8140530805750070729570f69554 (accessed 4.18.20).

Jang-Jaccard, J., Nepal, S., 2014. A survey of emerging threats in cybersecurity. Journal of Computer and System Sciences, Special Issue on Dependable and Secure Computing 80, 973–993. https://doi.org/10.1016/j.jcss.2014.02.005

Jorgensen, M., Shepperd, M., 2007. A Systematic Review of Software Development Cost Estimation Studies. IEEE Transactions on Software Engineering 33, 33–53. https://doi.org/10.1109/TSE.2007.256943

Klaus, H., Rosemann, M., Gable, G.G., 2000. What is ERP? Information Systems Frontiers 2, 141–162. https://doi.org/10.1023/A:1026543906354

Kruse, C.S., Frederick, B., Jacobson, T., Monticone, D.K., 2017. Cybersecurity in healthcare: A systematic review of modern threats and trends. Technology and Health Care 25, 1–10. https://doi.org/10.3233/THC-161263

Lara, R.R.R., Lapeña, O.L., Alcalá, J.M., 2001. Software y hardware del C8XC251 : problemas [WWW Document]. URL https://www.semanticscholar.org/paper/Software-y-hardware-del-C8XC251-%3A-problemas-Lara-Lape%C3%B1a/7b3742d9eb268653771a41893280bcd70f974987 (accessed 4.18.20).

Lavarda, C.E.F., Feliu, V.M.R., Palanca, M.B., 2009. La Interiorización del cambio de un sistema Contable de Gestión en la pequeña empresa. Revista Contabilidade & Finanças 20, 101–115. https://doi.org/10.1590/S1519-70772009000300007

Liberona, D., Ruiz, M., 2013. Análisis de la implementación de programas de gestión del conocimiento en las empresas chilenas. Estudios Gerenciales 29, 151–160. https://doi.org/10.1016/j.estger.2013.05.003

López, E.B., Barbadillo, E.R., Aguilar, N.G., 2011. ¿Cómo actúan las empresas frente a la dependencia económica del auditor?: el papel del comité de auditoría. Revista de Contabilidad 14, 87–119. https://doi.org/10.1016/S1138-4891(11)70023-1

Madec, M., Lallement, C., Haiech, J., 2017. Modeling and simulation of biological systems using SPICE language. PLOS ONE 12, e0182385. https://doi.org/10.1371/journal.pone.0182385

Manwadkar, M., 2018. Automated Web Based Test Engine Using Cloud. IJRASET 6, 3656–3660. https://doi.org/10.22214/ijraset.2018.4609

Marín Sánchez, J., Lugo García, J.A., 2016. Control de proyectos de software: actualidad y retos para la industria cubana. Ingeniare. Revista chilena de ingeniería 24, 102–112. https://doi.org/10.4067/S0718-33052016000100010

Martelo, R.J., Jiménez-Pitre, I., Moncaris González, L., 2017. Guía Metodológica para el Mejoramiento del Desarrollo de Software a través de la Aplicación de la Técnica Árboles de Problemas. Información tecnológica 28, 87–94. https://doi.org/10.4067/S0718-07642017000300010

Masaeli, M., Bula, G., Harrington, S.E., 2019. Latin American Perspectives on Global Development. Cambridge Scholars Publishing.

Matende, S., Ogao, P., 2013. Enterprise Resource Planning (ERP) System Implementation: A Case for User Participation. Procedia Technology, CENTERIS 2013 - Conference on ENTERprise Information Systems / ProjMAN 2013 - International Conference on Project MANagement/ HCIST 2013 - International Conference on Health and Social Care Information Systems and Technologies 9, 518–526. https://doi.org/10.1016/j.protcy.2013.12.058

Mayer Lux, L., Mayer Lux, L., 2018. Elementos criminológicos para el análisis jurídico-penal de los delitos informáticos. Ius et Praxis 24, 159–206. https://doi.org/10.4067/S0718-00122018000100159

Mejía-Neira, Á., Jabba, D., Caballero, G.C., Caicedo-Ortiz, J., Mejía-Neira, Á., Jabba, D., Caballero, G.C., Caicedo-Ortiz, J., 2019. Influencia de la Ingeniería de Software en los Procesos de Automatización Industrial. Información tecnológica 30, 221–230. https://doi.org/10.4067/S0718-07642019000500221

Nahabetián Brunet, L., 2015. Protección de datos y gestión documental: Decálogo ampliado para la sociedad de la información. Revista de la Facultad de Derecho 9–9.

Niazi, M., 2006. Software Process Improvement: A Road to Success, in: Münch, J., Vierimaa, M. (Eds.), Product-Focused Software Process Improvement, Lecture Notes in Computer Science. Springer, Berlin, Heidelberg, pp. 395–401. https://doi.org/10.1007/11767718_34

Oliva, R., Carvajal, K., Cataldo, A., Oliva, R., Carvajal, K., Cataldo, A., 2018a. Impacto de TI en las pequeñas y medianas empresas ¿es su efecto moderado por la intensidad de uso de TI de la industria? Journal of technology management & innovation 13, 82–93. https://doi.org/10.4067/S0718-27242018000200082

Oliva, R., Carvajal, K., Cataldo, A., Oliva, R., Carvajal, K., Cataldo, A., 2018b. Impacto de TI en las pequeñas y medianas empresas ¿es su efecto moderado por la intensidad de uso de TI de la industria? Journal of technology management & innovation 13, 82–93. https://doi.org/10.4067/S0718-27242018000200082

Paulk, M.C., 1995. How ISO 9001 Compares With The CMM.

Quesada Sevilla, A., Zamora Fonseca, R., Brito Brito, A., 2016. Propuesta de mejoras para el proceso de gestión de la información bibliográfica en la Universidad de Cienfuegos. Revista Universidad y Sociedad 8, 57–64.

Quintanilla, B., Isabel, T., 2013. Estado situacional de la protección de datos personales en Chile, regulación jurídica y alcances.

Quispe-Otacoma, A.L., Padilla-Martínez, M.P., Telot-González, J.A., Nogueira-Rivera, D., 2017. Tecnologías de información y comunicación en la gestión empresarial de pymes comerciales. Ingeniería Industrial 38, 81–92.

Razón, O.C., Durán, J.G., González, J.A.G., Cortés, F.I., Miranda, J.M., 2014. Cómo Guiar a las Pymes en la Mejora de Procesos Software. RISTI - Revista Ibérica de Sistemas e Tecnologias de Informação 17–30. https://doi.org/10.4304/risti.e1.17-30

Recker, J., 2012. BPMN Research: What We Know and What We Don’t Know, in: Mendling, J., Weidlich, M. (Eds.), Business Process Model and Notation, Lecture Notes in Business Information Processing. Springer, Berlin, Heidelberg, pp. 1–7. https://doi.org/10.1007/978-3-642-33155-8_1

Rehman, S., Mustafa, K., 2009. Research on software design level security vulnerabilities. SOEN. https://doi.org/10.1145/1640162.1640171

Respício, A., Domingos, D., 2015. Reliability of BPMN Business Processes. Procedia Computer Science, Conference on ENTERprise Information Systems/International Conference on Project MANagement/Conference on Health and Social Care Information Systems and Technologies, CENTERIS/ProjMAN / HCist 2015 October 7-9, 2015 64, 643–650. https://doi.org/10.1016/j.procs.2015.08.578

Riascos-Erazo, S.C., Arias-Cardona, V.H., n.d. Análisis del impacto organizacional en el proceso de implementación de los Sistemas de Información ERP–Caso de Estudio. Entramado 12, 284–302.

Ronquillo, J.G., Erik Winterholler, J., Cwikla, K., Szymanski, R., Levy, C., 2018. Health IT, hacking, and cybersecurity: national trends in data breaches of protected health information. Jamia Open 1, 15–19. https://doi.org/10.1093/jamiaopen/ooy019

Roselló Gallardo, V., 2017. ¿Cómo enfrentar la selección de un sistema de información contable? Cofin Habana 11, 281–294.

Ross, D.T., Goodenough, J.B., Irvine, C.A., 1975. Software Engineering: Process, Principles, and Goals. Computer 8, 17–27. https://doi.org/10.1109/C-M.1975.218952

Sacha, K., n.d. Software Engineering Practices: An Auditor’s Perspective 16.

Salguero, S., Javier, F., 2016. Relación entre la protección de los datos personales y el derecho de acceso a la información pública dentro del marco del derecho comparado. Ius et Praxis 22, 323–376. https://doi.org/10.4067/S0718-00122016000100010

Solimano, A., 2012. Chile and the Neoliberal Trap: The Post-Pinochet Era. Cambridge University Press.

Sommerville, I., 2005. Ingeniería del software. Pearson Educación.

Stålhane, T., Hanssen, G.K., 2008. The Application of ISO 9001 to Agile Software Development, in: Jedlitschka, A., Salo, O. (Eds.), Product-Focused Software Process Improvement, Lecture Notes in Computer Science. Springer, Berlin, Heidelberg, pp. 371–385. https://doi.org/10.1007/978-3-540-69566-0_30

Stamelos, I., Angelis, L., Morisio, M., Sakellaris, E., Bleris, G.L., 2003. Estimating the development cost of custom software. Inf. Manag. https://doi.org/10.1016/S0378-7206(02)00099-X

Surakhi, O.M., Hudaib, A., Alshraideh, M., Khanafseh, M., 2017. A Survey on Design Methods for Secure Software Development, in: BIOINFORMATICS 2017. https://doi.org/10.24297/ijct.v16i7.6467

Tangpong, C., Islam, M., Lertpittayapoom, N., 2009. The Emergence of Business-to-Consumer E-Commerce: New Niche Formation, Creative Destruction, and Contingency Perspectives. Journal of Leadership & Organizational Studies. https://doi.org/10.1177/1548051809338054

Tupe, S.K., Sayyad, S.B., Behre, S., 2009. Comparative Study of Different Spice Software’s Using Astable Multivibrator in Different Spice Software [WWW Document]. undefined. URL https://www.semanticscholar.org/paper/Comparative-Study-of-Different-Spice-Software's-in-Tupe-Sayyad/ba245e4a7fc1d7aa48bd3400c18cfc77a069de8c (accessed 4.18.20).

Uzelac, A., 2008. How to understand digital culture: Digital culture - a resource for a knowledge society? pp. 7–21.

Valencia Duque, F., 2015. La auditoría continua, un modelo complementario que permite agregar valor a la auditoría moderna.

Vergara Rojas, M., Vergara Rojas, M., 2017. Chile: Comentarios preliminares al proyecto de ley que regula la protección y tratamiento de datos personales y crea la Agencia de Protección de Datos Personales. Revista chilena de derecho y tecnología 6, 135–152. https://doi.org/10.5354/0719-2584.2017.45822

Villar, A.G.C., 2020. Control integrado de gestión y su influencia en la toma de decisiones en Importaciones Hiraoka S.A.C. Business Innova Sciences 1, 32–42.

Walker, A.J., 1998. Improving the quality of ISO 9001 audits in the field of software. Information and Software Technology 40, 865–869. https://doi.org/10.1016/S0950-5849(98)00104-9

Zelkowitz, M., 1978. Perspectives in Software Engineering. ACM Comput. Surv. 10, 197–216. https://doi.org/10.1145/356725.356731

Refbacks

  • There are currently no refbacks.