15.7. CONCLUSION

The body of knowledge pertaining to IS project management is so vast that this chapter can only provide a primer on the subject. My goal was to provide information to enable auditors to identify control weaknesses that could lead to significant failures in IS development projects. Such failures weaken an organization's ability to achieve its strategic business objectives and can eventually lead to its total demise. Auditors are responsible for reporting significant weaknesses to applicable organization management and recommending solutions. Because IS project management is both an art and a science, it will always be a challenge to maintain adequate controls over major IS projects. Just a few poor IS project management decisions can negate even the best-intentioned internal controls. Ultimately, it is the organization's senior management who is responsible for ensuring that major IS projects are being completed on time and within budget on a consistent basis.

This chapter concludes with two case studies. In case study 15.3, a project audit uncovered a significant security weakness. In case study 15.4, an audit identified significant project management deficiencies.

CASE STUDY 15.3

Project Audit Identifies Security Weaknesses

During a consulting audit of a PeopleSoft financial accounting and accounts payable project implementation, my objective was to assess the adequacy of the logical security controls over the entire system, including the PeopleSoft application, ...

Get Auditing Information Systems, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.