The Customization of the ISACA’s Framework as an Audit Model for Large Scale (Enterprise) Web Applications

by Gede Karya,Veronica S. Moertini
( Department of Informatics Faculty of Information Technology and Science Parahyangan Catholic University )

Date Published: 02 Dec 2013
Published In: Information Systems International Conference (ISICO)
Volume: 2013
Publisher: Departemen Sistem Informasi, Institut Teknologi Sepuluh Nopember
Language: id-ID

Keywords: Enterprise web audit model,ISACAs Framework,Non-functional requirements,IWTE


The applications of information technology, specifically web applications, in the business sector, have led to changes in paradigms, techniques and tools used in performing audits. The applications of large scale of (enterprise) web applications in the business organizations have also been increasing the failure risks that depend on non-functional requirements, such performance (concurrency, response time, capacity/throghput) and reliability. Audit of enterprise web applications become an important part of the implementation process of large scale of web applications in organizations. In this paper, we propose a model to audit enterprise web applications. The model is adopted from Information System Audit and Control Association (ISACA's framework) and software quality model (ISO/IEC 25010) with some customizations. The main contribution of this research is to cover the weakness of ISACA's audit framework, specifically on the lack of attentions to non-functional aspects of large scale web applications. We also propose Integrated Web Test Environment (IWTE) tool that can be used to automate the testing process of non-functional aspects for the web applications

© 2024 Open Access Journal of Information Systems (OAJIS) | created by : radityo p.w ( and rully a.h (eraha99 [at]