This is part two of an exploration into Internal Audit’s past. Yesterday we began looking through an issue of The Internal Auditor from August 1987. The idea was to see how much things have changed in our profession and how much things have stayed the same. Today, let’s start looking at some of the actual articles.
Since yesterday’s post seemed to include a lot of stuff about computers, let’s continue in the same vein. Because, in spite of what I had thought might be the case, there was a whole lot more going on with computers back then than I imagined.
One of the first computer-oriented entries is a regular column titled “Automated Auditing”. It would be real easy to start out by poking fun at this title – the term “automated” is not one used much anymore when discussing computers. But the fact that this column appears in the magazine at all speaks volumes. One of the things I mentioned yesterday was that the profession had only an inkling of how much computers were going to change the way we worked. Well, the editors of the magazine recognized that the times they were a-changing, and they established this column to start exploring the way things were going to change.
The column begins, “Internal auditors often ask, ‘How can I optimize the performance and use of my hard disks?’” Skip the use of the phrase “hard disk”. A column on the care and feeding of computers can always be relevant. And, while some of the words used in the separate sections of the column are a bit antiquated (the actual sections were “Productivity”, “Backup – the absolute necessary task”, “Recovery Programs”, “Extended DOS service programs”, “Menu systems”, Disk caching”, “On-screen notes” [about how to handle the DOS restriction of 11 characters to label a file], and “Catalog programs”), just change those titles to more relevant soft and hardware issues, and the content has just as much relevance now as it did 25 years ago.
Just to prove I’m not one who will dodge the opportunity to pick on something for being old (looks at self in mirror), the “Readings of Interest” column includes a section of book reviews titled “EDP Auditing”. I am sure there are some of you out there that remember when IT was called EDP or MIS, and I’d have you raise your hands. But I know how it is when the rheumatiz kicks in.
One last computer-oriented article to look at – “Control and Audit of Host-based End-user Computing.” This article focuses on controls that need to be established as business people learn to use computers to write their own programs. It seems eerily close to the wide-spread issues we now face any time we are looking at work people develop at their desks. In fact, this might even be considered a precursor of the risks we are facing with cloud-based computing, publication through social media, and even the more detailed concern of spreadsheet control.
So, I think the score right now is: Things Have Changed – 1; Things are Still the Same – 3. (Remember, this is the blog where everything’s made up and the points don’t matter.) Things Have Changed got a point because there are some out-of-date and antiquated words and concepts. Things are Still the Same gets three points because, while the names have changed, the risks are still the same.
Tomorrow – some more articles. And, on Friday, a very interesting piece from the Chairman of the Board.