Auditoría Informática a la Empresa Pública- Empresa Municipal de Agua Potable y Alcantarillado de Riobamba, período 2012

Abstract

This research work is a “Computer Processes Audit done to the Public Municipal Water Supply and Sewerage Company of Riobamba (EP-EMAPAR- acronym for the Spanish Empresa Pública – Empresa Municipal de Agua Potable y Alcantarillado de Riobamba) during 2012.” It is aimed to promote the development and analysis of logical security, physical security, procedure and good use of information and communication technologies, and computer systems management. Before doing the audit, a previous analysis was carried out in the enterprise in order to get acquainted with it. With this previous analysis, an adequate planning was done by integrating the corresponding programs in the different analyzed areas. Here, different techniques and produces described in the theoretical framework were applied considering the Internal Control Regulations group 410 given by General State Comptroller. As a result of this Computer Process Audit, it can be seen there is lack of policies about changing password periodically and file deleting; there is also, lack of adequate physical security in the Computer Systems Unit; there is lack of computer use training, and inadequate duties segregation. It is recommended that EP-EMAPAR consider the different aspects prescribed in the audit report and do a yearly computer processes audit to see the degree of compliance they have of the Internal Control Regulations given by the General State Comptroller.