Framework for Comprehensive System Audits in Colombian MSMEs

Abstract

This article presents a framework of systems audit applicable to Micro, Small and Medium Enterprises (MSMEs) in Colombia, based on the joint work with different technical norms and standards, and best global practices in the field of information technology (IT) and internal control for comprehensive system audits. For this purpose, we study the behavior of the MSME sector in Colombian economy in IT and analyze standards or technical norms of COBIT (Control Objectives for Information and Related Technologies), ITIL (Information Technology Infrastructure Library), ISO 2700X and ISO 900X, among others