Auditoría de gestión informática al departamento de sistemas del Gobierno Autónomo Descentralizado Municipal del cantón General Antonio Elizalde (Bucay), provincia de Guayas, período 2017

Abstract

The objective of the present study was to carry out an IT Management Audit at the systems department from the Gobierno Autónomo Descentralizado Municipal del cantón General Antonio Elizalde (GAD Bucay), located in the province of Guayas, term 2017, in order to establish the level of achievement of Internal Control Standards issued by the Contraloría General del Estado regarding information technologies. The research techniques used were the direct observation, an interview applied to the Director of the Systems Department and surveys applied to the GAD employees. The findings found include: the absence of plans of contingency, inadequate handling of computer equipment in computer management, lack of policies, procedures and management of technological resources. For this reason, an IT management audit was carried out in the systems department, where internal control questionnaires were developed, the level of risk was determined in order to establish and analyze compliance with standards relating to logical security, physical security, the proper use and administration of technological resources, and an audit report was produced. It is concluded that the GAD within its organizational structure is required to manage and identify its IT department according to the provisions of the Internal Control Standard 410-01 regarding IT Organization therefore the manager of the human resources department should identify this unit. It is recommended that the person who is responsible for the IT department to establish the necessary security mechanisms to help to protect the IT resources of the institution, in order to avoid any loss of physical resources or leaks of information processed by the GAD.