Chapter Eight

Auditing in the E-Commerce Environment

THIS CHAPTER INTRODUCES THE reader to the world of auditing in an e-commerce environment and identifies additional security concerns that an information systems auditor should address while auditing such systems. E-commerce includes e-banking applications. Upon completing this chapter, the reader will be able to design a strategy and plan for conducting an information systems audit of an e-commerce application and its related environment.

INTRODUCTION

Electronic commerce includes activities of promoting and selling a product or service and obtaining payment for the same. This may also include the payment of bills and government revenue services. The purchase of products and services may be made using the Internet, such as in the cases of movie tickets, airline tickets, and downloadable software, or physically, as in the cases of electronic gadgets, books, fashion accessories, and so forth. The payment may be online using a credit card or integrated with a banking application for transfer of funds from a bank account. In some cases, the payment is also accepted upon physical delivery of the product. In case of banking applications, the activities include accessing financial information, making payments, and transferring funds from one account to another, opening new accounts, using an electronic bill payment service, and so forth. The scope of e-commerce covers such applications available on smartphones and similar handheld devices. ...