The Digital Component of Modern Audit of Activities of Business Entities

Abstract

The article is aimed at substantiating organizational provisions and developing recommendations for improving the conceptual principles of projecting a computer-based audit system for the activities of performers of entrepreneurial activities. The article proposes the principles of modeling the audit system in the structure of the information service of entrepreneurs, provides proposals for assessing audit risks at different stages of entrepreneurial activity, substantiates methodological approaches to conducting an audit using modern information and communication technologies. It is proved that computer-based audit is an effective instrument for controlling and managing economic security of business entities. When designing the organizational-methodological structure of the audit, it is proposed to use the stages of audit development: confirming, system-oriented, and risk-based audit. When deciding on the creation and operational function of the computer-based audit of the activities of business entities, it is recommended to take into account their size, category, organizational and legal form of management, organizational structure, level of automation of accounting and control procedures. Scientific approaches using the proposed indicator of information security to assessing the state of information security of business entity are defined, their components are: degree of use of information and communication technologies in business processes, status of information threats, and degree of security of information resources. Methodical principles of auditing using modern information and communication technologies are proposed to strengthen control and analytical functions of management with the use of the latest audit systems. It is proved that computer-based audit covers the use of information technologies and software as a method and tools of the auditor in the process of performing the task on the basis of reliability assessment and identification of significant risks of the information system of a business entity.