The Unethical Practices of IT Auditors and How to Avoid Them
1. Introduction
The purpose of this paper is to explore some of the unethical issues that IT auditors’ participate in and which have resulted in many people perceiving IT auditing as annoying. The paper will look into five main unethical practices namely selling of client secrets, divulging of confidential information, lack of objectivity, making decisions on the timing of audit procedures and making decisions on the selection of application systems. Each of these unethical practices will be looked into closely and suggestions on how they could be avoided in future will be given.
2. The unethical issues that IT auditors’ participate in
2.1 Selling of client secrets
One of the most unethical things that IT auditors can do is to sell client secrets. Client secrets are information that is not supposed to be made public and which if revealed could harm the client in some way. It could be something as simple as a list of clients or it could be something more complex such as information on how a client’s systems work. Selling such secrets is highly unethical and it is one of the main reasons why many people perceive IT auditing as being annoying.
There are a few ways in which IT auditors can avoid selling client secrets. Firstly, they should make sure that they do not have any access to such information in the first place. Secondly, even if they do have access to such information, they should not disclose it to anyone else unless they have been given explicit permission to do so by the client. Finally, if they are caught selling client secrets, they should be immediately fired and blacklisted from working in the IT industry again.
2. 2 Divulging of confidential information
Another unethical practice that IT auditors can engage in is the divulging of confidential information. Confidential information is information that is not supposed to be made public and which if revealed could harm the company or individual in some way. For example, confidential information could include trade secrets, financial information or client lists. Divulging such information is highly unethical and it is one of the main reasons why many people perceive IT auditing as being annoying.
There are a few ways in which IT auditors can avoid divulging confidential information. Firstly, they should make sure that they do not have any access to such information in the first place. Secondly, even if they do have access to such information, they should not disclose it to anyone else unless they have been given explicit permission to do so by the company or individual concerned. Finally, if they are caught divulging confidential information, they should be immediately fired and blacklisted from working in the IT industry again.
2. 3 Lack of objectivity
Another unethical practice that IT auditors can engage in is a lack of objectivity. This means that they are not impartial when carrying out their duties and that they may be influenced by bias when making decisions. This can lead to them making decisions which are not in the best interests of the company or individual concerned. For example, a biased IT auditor may decide to carry out an audit procedure at an inappropriate time or may select a particular application system because it is affiliated with their own company. Lack of objectivity is highly unethical and it is one of the main reasons why many people perceive IT auditing as being annoying.
There are a few ways in which IT auditors can avoid a lack of objectivity. Firstly, they should make sure that they are aware of their own biases and make an effort to overcome them. Secondly, they should always seek to obtain objective evidence when carrying out audit procedures. Finally, if they are ever in doubt about their own objectivity, they should consult with a more senior colleague or supervisor.
2. 4 Making decisions on the timing of audit procedures
Another unethical practice that IT auditors can engage in is making decisions on the timing of audit procedures. This means that they may choose to carry out an audit procedure at an inappropriate time, which could result in the company or individual concerned being disadvantaged. For example, an IT auditor may choose to carry out an audit procedure during a busy period for the company, which could cause disruption and interfere with work schedules. Or, an IT auditor may choose to carry out an audit procedure shortly before a key deadlines, which could put pressure on staff and lead to mistakes being made. Making decisions on the timing of audit procedures is highly unethical and it is one of the main reasons why many people perceive IT auditing as being annoying.
There are a few ways in which IT auditors can avoid making decisions on the timing of audit procedures. Firstly, they should always consult with the company or individual concerned before deciding when to carry out an audit procedure. Secondly, they should take into account factors such as work schedules and key deadlines when deciding when to carry out an audit procedure. Finally, if they are ever in doubt about the appropriateness of the timing of an audit procedure, they should consult with a more senior colleague or supervisor.
2. 5 Making decisions on the selection of application systems
Another unethical practice that IT auditors can engage in is making decisions on the selection of application systems. This means that they may choose a particular application system because it is affiliated with their own company or because it is less expensive than other options. This can lead to the company or individual concerned being disadvantaged in some way. For example, if an IT auditor chooses a particular application system because it is less expensive, it may not be as effective as other options and this could lead to problems further down the line.Making decisions on the selection of application systems is highly unethical and it is one of the main reasons why many people perceive IT auditing as being annoying.
There are a few ways in which IT auditors can avoid making decisions on the selection of application systems. Firstly, they should always consult with the company or individual concerned before deciding which system to select. Secondly, they should take into account factors such as effectiveness and cost when making their decision. Finally, if they are ever in doubt about the appropriateness of a particular system, they should consult with a more senior colleague or supervisor.
3. Conclusion
In conclusion, there are a number of unethical practices that IT auditors can engage in which have resulted in many people perceiving IT auditing as being annoying. These practices include selling of client secrets, divulging of confidential information, lack of objectivity, making decisions on the timing of audit procedures and making decisions on the selection of application systems. However, there are a few ways in which these practices can be avoided and these include always consulting with the company or individual concerned before taking any action and taking into account all relevant factors before making any decisions.