Auditoría informática al Departamento de Tecnología de la Información y Comunicación del Hospital Provincial General Docente Riobamba

Abstract

The Computer Audit to the Information and Communication Technology Department of the Provincial General Teaching Hospital Riobamba period 2017 was developed with the purpose of detecting problems and the noncompliance with the Internal Control Standard of the Comptroller General of the State in the management, use and administration of the resources. Tools were applied in the development of this thesis, such as surveys and internal control questionnaires aimed at employees and authorities of the institution; with the need to evaluate the efficiency of internal control. The audit carried out includes four phases, starting with the preliminary and specific planning that contains all the information about the entity that was evaluated, as a second phase the evaluation of the internal control through a checklist which verifies the fulfillment or not of the regulation that governs in the public sector, third phase the evaluation of critical areas or in other words the drafting of the findings and the fourth phase communication of results, which corresponds to the issuance of the report. Among the most important findings are: software security, hardware management, equipment maintenance, system licenses, lack of procedures manuals and functions for the area, lack of training and information insecurity. The recommendations are concentrated on the improvement and efficiency of current internal control, so that the entity complies fully with what is stipulated in current regulation. It is suggested to carry out the proposals issued in the audit report to achieve an early improvement of the entity in the area of Tics.