CC BY
13
UDC 65.01
AN iT AUDIT AS A TOOL FOR STRATEGiC ENTERPRiSE MANAGEMENT
® 2018 SKRYNKOVSKYY R. M.
UDC 65.01
Skrynkovskyy R. M. An IT Audit as a Tool for Strategic Enterprise Management
The aim of the article is to form and develop the theoretical and methodological principles of an IT audit as a tool for strategic enterprise management. A scheme for converting economic information into data is presented. It is established that an IT audit (an audit of information technology) is an independent audit (examination) by an auditor (a competent specialist or a group of specialists) of the enterprise IT environment in order to obtain complete and objective information (reliable facts, qualitative and quantitative estimates) about its current state (the state of the given subsystem of the enterprise), form an objective audit report and provide recommendations for improving the IT environment. It is established that the main stages of the IT audit are 1) preliminary IT diagnostics; 2) IT infrastructure audit; 3) IT department audit; 4) IT security audit; 5) monitoring the implementation of IT audit recommendations. It is proved that conducting an IT audit on the basis of best practices in the field of information technology management of an enterprise (institution, organization) guarantees the observance of such modern management approaches as system approach, process approach, functional approach, process and structural approach as well as the principles of strategic management of the enterprise. The prospect for further research in this field is the study of the state of regulatory and legal support for an audit of information technology in Ukraine and member states of the European Union.
Keywords: enterprise, IT-audit, information technologies, information system, strategic management. Fig.: 2. Formulae: 2. Bibl.: 32.
Skrynkovskyy Ruslan M. - Candidate of Sciences (Economics), Associate Professor, Department of Business Economy and Information Technology, Lviv University of Business and Law (99 Kulparkivska Str., Lviv, 79021, Ukraine) E-mail: uan_lviv@ukr.net; ORCID iD: 0000-0002-2180-8055
УДК 65.01
Скринькоеський Р. М. 1Т-аудит як нструмент стратегiчного упраелння тдприемстеом
Метою cmammi е формування й розвиток теоретичных i методичних засад 1Т-аудиту як нструменту стратегiчного управлшня тдприем-ством. Наведено схему перетворення економiчноi iнформацii на даш. Встановлено, що 1Т-аудит (аудит iнформацiйних технологш) - це не-залежна перев'рка (експертиза) аудитором (компетентним фахiв-цем або групою фахiвцiв) 1Т-середовища пдприемства з метою отри-мання повноiта об'ективноiiнформацii(достов'рних факт'в, яюсних i шльшсних оцнок) про його поточний стан (цei тдсистеми тдпри-емства), формування об'ективного аудиторського висновку, а також надання рекомендацй щодо удосконалення 1Т-середовища. З'ясовано, що основними етапами проведення 1Т-аудиту е: 1) попередня 1Т-д'шгностика; 2) аудит Т-'тфраструктури; 3) аудит Т-тдрозд'шу; 4) аудит 1Т-безпеки; 5) контроль впровадження рекомендацй 1Т-аудиту. Доведено, що проведення 1Т-аудиту на баз передового до-свiду у сферi управлшня iнформацiйними технологiями тдприемства (установи, органiзацii) гарантуе дотримання таких сучасних пiдходiв менеджменту, як: системний, процесний, функцональний, процесно-структурований, а також принципiв стратегiчного управлшня Ыд-приемством. Перспективою подальших розв'док у цьому науковому напрямi е дотдження стану нормативно-правового забезпечення аудиту iнформацiйних технологш в УкраМ та держав-члешв Евро-пейського Союзу.
Ключое'1 слова: тдприемство, IT-аудит, iнформацiйнi технологи, н формацйна система, стратегчне управлшня. Рис.: 2. Формул: 2. Б'бл.: 32.
Скринькоеський Руслан Миколайоеич - кандидат економiчних наук, доцент, кафедра економки тдприемств та iнформацiйних техноло-гй, Льв'вський ушверситет б'внесу та права (вул. Кульпаршвська, 99, Льв'т, 79021, Украна)
E-mail: uan_lviv@ukr.net; ORCID iD: 0000-0002-2180-8055
УДК 65.01
Скрынькоеский Р. Н. ИТ-аудит как инструмент стратегического упраеления предприятием
Целью статьи является формирование и развитие теоретических и методических основ ИТ-аудита как инструмента стратегического управления предприятием. Представлена схема преобразования экономической информации в данные. Установлено, что ИТ-аудит (аудит информационных технологий) - это независимая проверка (экспертиза) аудитором (компетентным специалистом или группой специалистов) ИТ-среды предприятия с целью получения полной и объективной информации (достоверных фактов, качественных и количественных оценок) о его текущем состоянии (данной подсистемы предприятия), формирования объективного аудиторского заключения, а также предоставления рекомендаций по совершенствованию ИТ-среды. Установлено, что основными этапами проведения ИТ-аудита являются: 1) предварительная ИТ-диагностика; 2) аудит ИТ-инфраструктуры; 3) аудит ИТ-подразделения; 4) аудит ИТ-безопасности; 5) контроль внедрения рекомендаций ИТ-аудита. Доказано, что проведение ИТ-аудита на базе передового опыта в области управления информационными технологиями предприятия (учреждения, организации) гарантирует соблюдение таких современных подходов менеджмента, как: системный, процессный, функциональный, процессно-структурированный, а также принципов стратегического управления предприятием. Перспективой дальнейших исследований в данном научном направлении является исследование состояния нормативно-правового обеспечения аудита информационных технологий в Украине и государств-членов Европейского Союза. Ключееые слоеа: предприятие, IT-аудит, информационные технологии, информационная система, стратегическое управление. Рис.: 2. Формул: 2. Библ.: 32.
Скрынькоеский Руслан Николаееич - кандидат экономических наук, доцент, кафедра экономики предприятий и информационных технологий, Львовский университет бизнеса и права (ул. Кульпарков-ская, 99, Львов, 79021, Украина) E-mail: uan_lviv@ukr.net; ORCID iD: 0000-0002-2180-8055
Introduction. The modern practice of doing business in Ukraine proves that today, under conditions of the rapid development of scientific and technological progress and deepening of the informatization of processes, the development of any enterprise directly depends on information technologies used in management systems. In such circumstances, carrying out an IT audit as a component of the audit system of an enterprise (institution, organization) is very relevant and important.
The analysis of recent researches and publications shows that a significant scientific and practical contribution to the solution of certain problematic issues (aspects) in the field of IT audit was made by such scientists as M. Astakhova [1], M. Benko [2], I. Holiash [3], O. Grebeshkov [4], V. Guzh-va [5], I. Danyliuk [6], M. Denysenko [7], S. Ivakhnenkov [8], F. Moskalenko [9], I. Noga [10], A. Ogneva [11], G. Pawlowski [12], L. Pysmachenko [13], O. Pugachenko [14], K. Redchenko [15], R. Us [16; 17], G. Chumachenko [18], A. Yanchev [19], and others.
Identification of uninvestigated parts of the general problem. Paying tribute to the high level of scientific developments [1-23] in this direction, it is worth noting that today insufficient attention is paid to an IT audit as a tool of strategic enterprise management (within the theory and practice of economics and enterprise management). All this has substantiated the relevance of the presented research, determined its theme, purpose, and prospects.
Therefore, the aim of the article is to form and develop the theoretical and methodological principles of an IT audit as a tool for strategic enterprise management.
Presentation of basic material of the research. Based on the results of the studies [6; 16], it was found that today (in the context of the growing need for organizations to build an effective IT management system), there is a quite significant attention of business and specialists (both theorists and practitioners) in Ukraine to an IT audit (as a new type of audit of organizations), since the results of its conduct can provide answers to a number of questions, in particular: 1) whether the IT environment meets the goals (expected results) of a business (enterprise); 2) whether investments in IT are rational and economically justified; 3) whether the enterprise receives competitive advantages using the implemented IT; 4) what economic risks associated with IT threaten the enterprise6 and how they affect the results of its activities and the formation of prospects, etc. [6; 16, p. 84].
In the context of this, on the basis of research results of scientific works [5; 7; 10; 12; 16-18; 24-27], it is established that:
1. Information technology should be understood as an integral system of techniques and methods for collecting, accumulating, processing, storing, transferring (exchanging), representing, and using information [5, p. 19]. The scheme for converting economic information into data is presented in Figure 1.
2. Information technologies at enterprises are divided into: 1) office automation technologies; 2) information processing technologies; 3) information management technologies; 4) information technologies for sup-
Fig. 1. The scheme for converting economic information into data
Source: developed based on [5, p. 9-14] (V. Guzhva)
porting decision-making; 5) information technologies used in expert systems [18] (G. Chumachenko).
3. Information technologies of an enterprise (supporting, functional ones [18]) alongside with information resources, hardware, software (special information analysis one), and intelligent technological systems to achieve IT goals form an information system (or information support system) for making management decisions (current, future, operational, development ones) in the management system [7; 10, 12; 24; 27].
4. An IT audit (audit of information technologies) is an independent audit (examination) by an auditor (a competent specialist or a group of specialists) of the enterprise IT environment for the purpose of obtaining complete and objective information (reliable facts, qualitative and quantitative estimates) about its current state (the state of the given subsystem of the enterprise), forming an objective audit report, as well
as providing recommendations for improving the IT environment [16; 17; 24].
5. An IT audit (as a component of the enterprise audit system) provides an opportunity to assess the state of affairs at the current stage of implementing and / or using information systems and technologies, a list of deficiencies, inconsistencies, possible risks associated with them and recommendations for their elimination [14, p. 227].
Within the studying of the work [2] (M. Benko, V. Sop-ko), it is established that an IT audit is divided into internal audit and external audit. The main elements of an internal IT audit are objects of the internal audit information system and the internal audit staff, and those of an external IT audit are objects of the external audit information system and the external audit staff [2].
At the same time it is also worthwhile to note the scientific work of S. Ivakhnenkov [8], which states that the main
directions of the audit of information systems that provide for the use of information technologies are: 1) technical audit; 2) information security audit; 3) estimative audit of information systems and software; 4) audit of implementation and reengineering projects; 5) audit of effectiveness of the information system [8].
In turn, O. Pugachenko [14] argues that an IT audit covers such areas of examination as: 1) state of computer information systems and the possibility of expanding their available functions; 2) level of data archiving and storage; 3) level of control procedures for monitoring the operation of the computer data processing environment; 4) software analysis and availability of licenses as well as the ability to respond flexibly to changes in legislation in terms of setting (restoring) software; 5) issues of information security (restriction of unauthorized access), etc. [14, p. 225].
In view of this, I. Holiash and S. Sachenko [3, p. 92] focus attention on the fact that as a result of an IT audit, recommendations are made aimed at enhancing enterprise security in the field of IT application. According to the scientists [3], the recommendations should address such key areas as: 1) developing a system for appropriate information support for j obs; 2) establishing specific schemes for the collection, accumulation, processing, storage, exchange and use of information; 3) creating effective control over the operation of the software and its us-
ers; 4) re-monitoring changes in the software; 5) implementing measures to preserve the confidentiality of data, etc. [3, p. 92].
It is established that the IT audit quality directly depends on the level of professionalism of audit services that is formed on the basis of 1) rational formation of the base of audit knowledge; 2) compliance with the basic principles of International Standards on Auditing and the norms of the Code of Professional Ethics for Auditors [19, p. 52].
Taking into account the aforesaid, it is also worthwhile to pay attention to the materials of the Ukrainian company "Baker Tilly in Ukraine" [24], according to which it is clear that the main stages of an IT audit are: 1) preliminary IT diagnostics; 2) IT infrastructure audit; 3) IT department audit; 4) IT security audit; 5) monitoring the implementation of IT audit recommendations (Fig. 2).
Here (see Fig. 2, Stage 1), based on the results of previous studies on the problem cited in the works [10; 12; 25-27], it is determined that
1) Diagnostics of effectiveness of using information technology in management of the enterprise (DIT) is the process of identifying, analyzing and evaluating the efficiency, economy and flexibility of using information technologies in enterprise management for the purpose of for making well-grounded management decisions (current, future, operational, development ones) in the management system aimed at:
Stages of an IT Audit
Fig. 2. Stages of an IT Audit
Source: [24] (Materials of the Ukrainian company "Baker Tilly in Ukraine")
■ increasing integral level of efficiency of the enterprise's functioning (EF) as a structural component of its competitiveness in the systems for determining the result «information-resource-time-opportunities (threats)», «goal-means-result», and «effect-result», based on performance principles (quality in quantitative assessments, reliability, target orientation, transparency, complexity, temporal orientation, formalization, integration), evaluation metrics, evaluation rules, analytical business indicators, rules of interpretation [10, 12; 25];
■ obtaining the maximum possible annual economic effect from the use (implementation) of IT (alongside with information resources, technical means, software (special information analysis one) and intellectual information retrieval, accounting and expert systems), which is denoted as the increment in net profit (ER) in the formula (1):
Dt ^ (Ef T,ER T);
Ef = f E, Ec, Em,, Es);
Er = Pa-£K , (1)
/=1
where Efe, Ec, Em, Es — structural components of Ep respectively - financial and economic, commercial, manufacture and technological, and social efficiency of the enterprise in conventional units;
Pa - additional profit of the enterprise, hrn.; 12
^ K - amount of taxes that must be paid from addi-
/=i
tional profit, hrn. [10; 12; 27].
2) In the basis of the demands to the quality of implementation DIT (Qdit ) are interrelated parameters (business indicators), which can be described by the function presented by the formula (2):
Qdt = f(a,b, c, d, e, f, g), (2)
where a - level of efficiency; b - level of productivity; c - level of confidentiality; d - level of integrity; e - level of accessibility; f - level of compliance; g - level of reliability [10; 12; 26]. At the same time, it is established that in the process of IT auditing (see Fig. 2) it is necessary to use the best practices in IT management, documented in the form of generally accepted standards, instructions, recommendations, such as: 1) ITGI COBIT 2) ISACA IT Audit and Assurance Standards; 3) INTOSAI IT Audit Committee Guides; 4) ISO 9000x, ISO 20000x, ISO 27000x, ISO 31000, ISO 38500:2008; 5) IFAC IT Committee Guidelines; 6) OGC ITIL 7) SEI CMMI 8) Hewlett-Packard ITSM; 9) Microsoft MOF, and others [24].
Taking into account the foregoing, it should be noted that in the scientific work [1, p. 322], M. Astakhova presented a draft computer model of the co-functioning of the audit and accounting program, the main elements of which are: data im-
port, analytic survey, systematization, and audit report. At the same time, it has been established that the application of the proposed computer model in practice (in comparison with the manual one) makes it possible to obtain a number of advantages and additional opportunities, namely 1) possibility of increasing the audit sampling of information, which will improve the quality of audit findings; 2) increase in the level of effectiveness of the audit due to the reduction of the terms of inspection and work effort; 3) possibility of determining deviations of actual values from the planned targets and establishing the main factors that affected the deviation; 4) possibility of reconciling and interrelating the reporting forms received from the computer accounting program with the data obtained from the audit program [1, p. 323].
Thus, the use of an IT audit in the management system gives an opportunity for enterprise managers 1) to determine the role and place of information technologies in the overall organizational structure and their contribution to the achievement of business objectives; 2) assess the level of conformity of IT strategy with the overall business strategy, the level of maturity of IT processes and IT risk management [24].
Conclusions and prospects for further research. The results of the study [1-32] make it possible to formulate the following conclusions and proposals of a theoretical and practical nature, namely
An IT audit (an audit of information technology) is an independent audit (examination) by an auditor (a competent specialist or a group of specialists) of an enterprise's IT environment in order to obtain complete and objective information (reliable facts, qualitative and quantitative estimates) about its current state (the state of the given subsystem of the enterprise), form an objective audit report and provide recommendations for improving the IT environment.
The main stages of an IT audit are: 1) preliminary IT diagnostics; 2) IT infrastructure audit; 3) IT department audit; 4) IT security audit; 5) monitoring the implementation of IT audit recommendations.
Conducting an IT audit on the basis of best practices in the field of information technology management of an enterprise (institution, organization) directly guarantees the observance of such modern management approaches as system approach, process approach, functional approach, process and structural approach as well as the principles of strategic management of the enterprise.
The prospect for further research in this field is the study of the state of regulatory and legal support for an audit of information technology in Ukraine and member states of the European Union.
LITERATURE
1. Астахова M. M. Використання комп'ютерних шформа-цшних систем при проведены аудиту pe3epBiB i забезпечень тдприемства. Науков'1 прац Кровоградського нацюнального техтчногоунверситету. Економ'чн науки. 2007. Вип. 12, Ч. 1. С. 319-324.
2. Бенько M. M., Сопко В. В. 1нформацшы технологи як фактор Ытеграцп внутршнього i зовншнього аудиту. Економ'ч ний форум. 2015. № 1. С. 254-261.
3. Голяш I. Д., Саченко С. I. Аудит безпеки пщприемства у сферi застосування iнформацiйних технологiй. Проблеми тео-ри та методологи бухгалтерского обл'ику, контролю i анал'зу.
2012. Вип. 1 (22). С. 90-94. DOI: https://doi.org/10.26642/pbo-2012-1(22)-90-94
4. Гребешков О. М. Стратепчний iнформацiйний аудит як шструмент розробки шформацшно''' стратегГГ пщприемства. Всник Нацонального унверситету «Львiвська nолiтехнiка». 2010. № 683 : Проблеми економiки та управл'шня. С. 202-205.
5. Гужва В. М. 1нформацшш системи i технологи на пщ-приемствах : навч. посiб. Ки'в : КНЕУ, 2001. 400 с.
6. Данилюк I. IT-аудит: проблеми та перспективи // Мо-дершза^я нацюнально''' системи управлiння державним розви-тком: виклики i перспективи : матерiали II Мiжнар. наук.-практ. конф. (Тернопть, 8-9 груд. 2016 р.). Тернопть : Крок, 2016. Ч. 2. С. 75-77.
7. Денисенко М. П., Колос I. В. 1нформацшне забезпечен-ня ефективного управлшня пщприемством. Економ'ша та держава. 2006. № 7. С. 19-24.
8. 1вахненков C. В. Поняття комп'ютерного контролю та аудиту. В'сник М'жгалузевого шститутууправл'шня. 2009. № 2. C. 56-60.
9. Москаленко Ф. I. Проблемы питання проведення аудиту шформацшних систем у сучасних умовах. Таврйський на-уковий в'сник. Економ'чн'1науки. 2013. № 84. С. 327-332.
10. Нога I. М., Скриньковський Р. М. (Skrynkovskyy R. М.), Павловськ Г. (Pawlowski G.) Дiагностика ефективносп застосування шформацшних технологш в управлшы шдприемствами. Б'анес 1нформ. 2016. № 9. C. 241-245.
11. Огнева А. М. Аудит шформацшних систем i технологш. Всник Хмельницького нац'юнального ун'верситету. Сер'я : Економ'чшнауки. 2009. № 6, Т. 1. С. 229-232.
12. Павловськ Г. (Pawlowski G.), Скриньковський Р. (Skrynkovskyy R.), Шпак О. (Shpak O.), Вiзняк Ю. Розробка мо-делi системи управлшсько''' дiагностики пщприемства на засадах удосконалення дiагностичних цiлей. Traektoria Nauki. 2017. № 3(11). C. 4010-4020. DOI: http://dx.doi.org/10.22178/pos.28-9
13. Пкьмаченко Л. М., Васильева В. Г., Яковенко I. В. Сучасн iнформацiйнi технологи облту та аудиту в управлш-нi пiдпри£мством. 1нвестицИ: практика та досв'д. 2010. № 9. C. 43-47.
14. Пугаченко О. Б. Особливосп аудиту шформацшних систем i технологш. Науков'1 прац Юровоградського нац'юналь-ного техн'шого ун'юерситету. Економ'чн'1 науки. 2009. Вип. 16 (2). С. 223-228.
15. Редченко К. I. 1нформацшы технологи та аудит: стратепчний контекст. Всник Нац'юнального ун'верситету "Льв'в-ськапол'техн'ка". 2012. № 722 : Менеджмент та пщприемництво в Укра'шЬ етапи становлення i проблеми розвитку. С. 386-389.
16. Ус Р. Л. Аудит шформацшних технологш - новий вид аудиту оргашзацш. Формування ринкових в'дносин в Укран
2013. № 1. С. 81-86.
17. Ус Р. Л. Аудит шформацшних технологш як складова системи аудиту оргаызацш. Формування ринкових в'дносин в Украт. 2011. № 1. С. 163-168.
18. Чумаченко Г. В. Оргашза^я управлшня малими та середшми пщприемствами з використанням шформацшних технологш : автореф. дис. ... канд. екон. наук : 08.06.02. Луганськ, 1999. 20 с.
19. Янчев А. Питання управлшня та оцшки шформацшних технологш. Економкт. 2011. № 9. С. 50-52.
20. Buchanan S., Gibb F. The information audit: An integrated strategic approach. International Journal of Information Man-
agement. February 1998. Vol. 18, Issue 1. P. 29-47. DOI: https://doi. org/10.1016/S0268-4012(97)00038-8
21. Kim H.-J., Mannino M., Nieschwietz R. Information technology acceptance in the internal audit profession: Impact of technology features and complexity. International Journal of Accounting Information Systems. December 2009. Vol. 10, Issue 4. P. 214-228. DOI: https://doi.org/10.1016/j.accinf.2009.09.001
22. Robson K., Humphrey C., Khalifa R., Jones J. Transforming audit technologies: Business risk audit methodologies and the audit field. Accounting, Organizations and Society. May-July 2007. Vol. 32, Issues 4-5. P. 409-438. DOI: https://doi.org/10.1016/j. aos.2006.09.002
23. Janvrin D., Bierstaker J., Lowe D. An Examination of Audit Information Technology Use and Perceived Importance. Accounting Horizons. March 2008. Vol. 22, No. 1. P. 1-21. DOI: https://doi. org/10.2308/acch.2008.22.1.1
24. IT-аудит - инструмент стратегического управления компанией: Mатерiали укра'шськоТ компани "Baker Tilly in Ukraine". URL: http://www.bakertilly.ua/media/IT_audit_russ.pdf
25. Олексюк О. I. Технолопя оцшки результативносп дiяльностi пщприсмства. Зб'рник наукових праць Черкаського державного технолог'чного унверситету. Сер'я : Економ'чш науки. 2009. Т. 2, № 22. С. 169-173.
26. IT Governance Institute. 2000. COBIT 4.1. Management Guidelines. United States of America.
27. Заяць В. M. Роль шформацшних технологш у форму-ванш стратепчного мислення менеджера. Актуальн'1 проблеми економки. 2009. № 6 (96). С. 280-288.
28. Кузьмш О. £. Сучасний менеджмент. Львiв : Центр £в-ропи, 1995. 176 с.
29. Кузьмш О. £. Концеп^я та еволю^я процесно-структурованого менеджменту. Економка: реалп часу. 2012. № 2 (3). С. 7-16.
30. Бодди Д., Пейтон Р. Основы менеджмента. СПб. : Питер, 2000. 816 с.
31. Дафт Р. Менеджмент. СПб. : Питер, 2000. 832 с.
32. Мескон М., Альберт М., Хедоури Ф. Основы менеджмента. М. : Дело, 1992. 702 с.
REFERENCES
Astakhova, M. M. "Vykorystannia kompiuternykh infor-matsiinykh system pry provedenni audytu rezerviv i zabezpechen pidpryiemstva" [Use of computer information systems during the audit of reserves and provisions of the enterprise]. Naukovi pratsi Kirovohradskoho natsionalnoho tekhnichnoho universytetu. Ekono-michni nauky vol. 1, no. 12 (2007): 319-324.
Benko, M. M., and Sopko, V. V. "Informatsiini tekhnolohii yak faktor intehratsii vnutrishnyoho i zovnishnyoho audytu" [Information technologies as an integral factor of internal and external audit]. Ekonomichnyi forum, no. 1 (2015): 254-261.
Boddi, D., and Peyton, R. Osnovy menedzhmenta [Fundamentals of management]. St. Petersburg: Piter, 2000.
Buchanan, S., and Gibb, F. "The information audit: An integrated strategic approach" International Journal of Information Management vol. 18, no. 1 (1998): 29-47.
Chumachenko, H. V. "Orhanizatsiia upravlinnia malymy ta serednimy pidpryiemstvamy z vykorystanniam informatsiinykh tekhnolohii" [Organization of management of small and medium enterprises using information technologies]: avtoref. dys.... kand. ekon. nauk : 08.06.02, 1999.
Daft, R. Menedzhment [Management]. St. Petersburg: Piter,
2000.
Danyliuk, I. "IT-audyt: problemy ta perspektyvy" [IT Audit: Problems and Prospects]. Modernizatsiia natsionalnoi systemy up-ravlinnia derzhavnym rozvytkom: vyklyky i perspektyvy, part 2. Ter-nopil: Krok, 2016. 75-77.
Denysenko, M. P., and Kolos, I. V. "Informatsiine zabezpech-ennia efektyvnoho upravlinnia pidpryiemstvom" [Information provision of effective enterprise management]. Ekonomika ta der-zhava, no. 7 (2006): 19-24.
Holiash, I. D., and Sachenko, S. I. "Audyt bezpeky pidpryiem-stva u sferi zastosuvannia informatsiinykh tekhnolohii" [Enterprise security audit in the field of information technology application]. Problemy teorii ta metodolohii bukhhalterskoho obliku, kontroliu i analizu, no. 1 (22) (2012): 90-94.
Hrebeshkov, O. M. "Stratehichnyi informatsiinyi audyt yak instrument rozrobky informatsiinoi stratehii pidpryiemstva" [Strategic information audit as a tool for developing an enterprise information strategy]. Visnyk Natsionalnoho universytetu «Lvivska politekhnika», no. 683 : Problemy ekonomiky ta upravlinnia (2010): 202-205.
Huzhva, V. M.Informatsiini systemy i tekhnolohii na pidpryiem-stvakh [Information systems and technologies at the enterprises]. Kyiv: KNEU, 2001.
"IT-audyt - instrument strategicheskogo upravleniya kom-paniyey: Materialy ukrainskoi kompanii "Baker Tilly in Ukraine"" [IT Audit - A tool for strategic management of the company: Materials of the Ukrainian company «Baker Tilly in Ukraine»]. http://www. bakertilly.ua/media/IT_audit_russ.pdf
Ivakhnenkov, C. V. "Poniattia kompiuternoho kontroliu ta audytu" [The concept of computer control and audit]. Visnyk Mizh-haluzevoho instytutu upravlinnia, no. 2 (2009): 56-60.
IT Governance Institute. 2000. COBIT 4. 1. Management Guidelines. United States of America.
Janvrin, D., Bierstaker, J., and Lowe, D. "An Examination of Audit Information Technology Use and Perceived Importance" Accounting Horizons vol. 22, no. 1 (2008): 1-21.
Kim, H.-J., Mannino, M., and Nieschwietz, R. "Information technology acceptance in the internal audit profession: Impact of technology features and complexity" International Journal of Accounting Information Systems vol. 10, no. 4 (2009): 214-228.
Kuzmin, O. Ye. "Kontseptsiia ta evoliutsiia protsesno-struk-turovanoho menedzhmentu" [Concept and evolution of process-structured management]. Ekonomika: realii chasu, no. 2 (3) (2012): 7-16.
Kuzmin, O. Ye. Suchasnyi menedzhment [Modern management]. Lviv: Tsentr Yevropy, 1995.
Meskon, M., Albert, M., and Khedouri, F. Osnovy menedzh-menta [Fundamentals of management]. Moscow: Delo, 1992.
Moskalenko, F. I. "Problemni pytannia provedennia audytu informatsiinykh system u suchasnykh umovakh" [Problematic issues of audit of information systems in modern conditions]. Tavri-iskyinaukovyi visnyk. Ekonomichninauky, no. 84 (2013): 327-332.
Noha, I. M., Skrynkovskyy, R. M., and Pawlowski, G. "Diah-nostyka efektyvnosti zastosuvannia informatsiinykh tekhnolohii v
upravlinni pidpryiemstvamy" [Diagnostics of the efficiency of application of information technologies in the management of enterprises]. Biznes Inform, no. 9 (2016): 241-245.
Ohneva, A. M. "Audyt informatsiinykh system i tekhnolohii" [Audit of information systems and technologies]. Visnyk Khmelnyts-koho natsionalnoho universytetu. Seriia : Ekonomichni nauky vol. 1, no. 6 (2009): 229-232.
Oleksiuk, O. I. "Tekhnolohiia otsinky rezultatyvnosti diialnos-ti pidpryiemstva" [Technology for assessing the effectiveness of the enterprise]. Zbirnyk naukovykh prats Cherkaskoho derzhavnoho tekhnolohichnoho universytetu. Seriia : Ekonomichni nauky vol. 2, no. 22 (2009): 169-173.
Pawlowski, G. et al. "Rozrobka modeli systemy upravlinskoi diahnostyky pidpryiemstva na zasadakh udoskonalennia diah-nostychnykh tsilei" [Development of the model of the system of managerial diagnostics of the enterprise on the basis of improvement of diagnostic purposes]. Traektoria Nauki, no. 3 (11) (2017): 4010-4020.
Pismachenko, L. M., Vasylieva, V. H., and Yakovenko, I. V. "Su-chasni informatsiini tekhnolohii obliku ta audytu v upravlinni pidpryiemstvom" [Modern information technology accounting and auditing in the management of the enterprise]. Investytsii: praktyka ta dosvid, no. 9 (2010): 43-47.
Puhachenko, O. B. "Osoblyvosti audytu informatsiinykh system i tekhnolohii" [Features of audit of information systems and technologies]. Naukovi pratsi Kirovohradskoho natsionalnoho tekh-nichnoho universytetu. Ekonomichni nauky, no. 16 (2) (2009): 223228.
Redchenko, K. I. "Informatsiini tekhnolohii ta audyt: strate-hichnyi kontekst" [Information Technology and Audit: Strategic Context]. Visnyk Natsionalnoho universytetu "Lvivska politekhnika", no. 722 : Menedzhment ta pidpryiemnytstvo v Ukraini: etapy stanovlennia i problemy rozvytku (2012): 386-389.
Robson, K. et al. "Transforming audit technologies: Business risk audit methodologies and the audit field" Accounting, Organizations and Society vol. 32, no. 4-5 (2007): 409-438.
Us, R. L. "Audyt informatsiinykh tekhnolohii - novyi vyd audytu orhanizatsii" [Information technology audit is a new type of audit of organizations]. Formuvannia rynkovykh vidnosyn vUkraini, no. 1 (2013): 81-86.
Us, R. L. "Audyt informatsiinykh tekhnolohii yak skladova systemy audytu orhanizatsii" [Audit of information technologies as an integral part of the organization's audit system]. Formuvannia rynkovykh vidnosyn v Ukraini, no. 1 (2011): 163-168.
Yanchev, A. "Pytannia upravlinnia ta otsinky informatsiinykh tekhnolohii" [Issues of management and evaluation of information technologies]. Ekonomist, no. 9 (2011): 50-52.
Zaiats, V. M. "Rol informatsiinykh tekhnolohii u formuvanni stratehichnoho myslennia menedzhera" [The role of information technology in shaping the strategic thinking of the manager]. Ak-tualni problemy ekonomiky, no. 6 (96) (2009): 280-288.
