In the past several decades, the marketplace for goods in the US has witnessed the demise of many products in the forms which we have long known them. … Many jobs too have succumbed to “extinctitis,” brought on by exposure to advancing technology. …

Will the next 15 years be witness to the same fate for EDP auditors? Will the advances in technology that just a few short years ago ushered in the era of the EDP auditor now write “RIP” on its tombstone? …

Impacts Pervasive

No single topic of discussion in business circles has generated more concern over the past decade than the impact of the rapid proliferation of information communications technology. One profession that has been, and continues to be, affected by this expanding technology is the EDP auditor. The EDP auditor today regularly encounters, in an accelerating degree, the applications of technology in all areas of business operations. An expanding understanding of the control function is called for in the widening variety of circumstances in which systems are being technologically enhanced. …

Some Criticisms

The criticisms leveled at EDP auditors in the 1980s have been muted. However there has been some detectable concern among top management with performance in some control, security and audit areas. … Some of these expressed criticisms are as follows:

• There has been a genuine failure in the identification of the impacts upon auditing which could and should have been anticipated. …
• The General opinion seems to be that no one has done much creative or innovative thinking in the areas of user controls and of user disciplines. With perhaps the exception of a few notable innovators, most accounting firms and most staffs of internal auditors have been reacting to developments in technology rather than initiating action in the areas of controls and disciplines.
• Traditional techniques and skill are not effective under changed conditions in which technology no longer provides the audit trails of the past nor provides the visible evidence of former systems.

Mitigating some of these perceived shortfalls has been a greater awareness of the problems. …

Strategic Guideline

During the remainder of the 1980s and during the…1990s, auditing will be moving through maturation of the EDP phase as it is known today, and into decline. Certainly, not all auditing activities will be in this maturation/ decline posture. Some auditors still will be involved deeply with techniques and skills in EDP environments, and yet others still in manual environments. …

Area of Concern

…Management’s appetite has been whetted by what current technology can do and what it is doing that EDP 1970s style could not. Management has served notice on EDP that data processing is no longer filling its needs. The needs of management for the remainder of the century will be to manage information, not merely to process individual data points. In the eyes of management, information has attained status as the fourth resource, joining its three predecessors of human resources, capital resources and material resources. …

What does the next 15 years hold for EDP auditors? While this question cannot be answered definitively, it can safely be said that there will be much change. …

The conditions under which the EDP auditor species evolved have seen changes, and will change more rapidly in the 1980s and 90s.

In 2009, ISACA marks its 40th anniversary. With that in mind, each 2009 issue of ISACA Journal will reach back into the archives and pull out an article from yesteryear that holds an interesting perspective or commentary on the industry at the time of its writing. We hope readers will enjoy looking back at the years and the industry as it has developed.

The Journal originally began as The EDP Auditor Journal in 1973, and since has been named IS Audit & Control Journal, Information Systems Control Journal and, with volume 1, 2009, ISACA Journal.

© 1986 EDP Auditor’s Association Inc.

Opinions expressed in the ISACA Journal represent the views of the authors and advertisers. They may differ from policies and official statements of ISACA and/or the IT Governance Institute and their committees, and from opinions endorsed by authors, employers or the editors of this Journal. ISACA Journal does not attest to the originality of authors’ content.

Instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. For other copying, reprint or republication, permission must be obtained in writing from the association. Where necessary, permission is granted by the copyright owners for those registered with the Copyright Clearance Center (CCC), 27 Congress St., Salem, Mass. 01970, to photocopy articles owned by ISACA, for a flat fee of US $2.50 per article plus 25¢ per page. Send payment to the CCC stating the ISSN (1526-7407), date, volume, and first and last page number of each article. Copying for other than personal use or internal reference, or of articles or columns not owned by the association without express permission of the association or the copyright owner is expressly prohibited.

Subscription Rates:
US: one year (6 issues) $75.00
All international orders: one year (6 issues) $90.00
Remittance must be made in US funds.