Sponsors

Microsoft

TechWell

We have 958 guests and 3 members online

Home IT Compliance Articles A Beginner's Guide to Auditing the AS/400 Operating System

A Beginner's Guide to Auditing the AS/400 Operating System

 E-mail
Written by Judith S. Bines   
Over the last few years, due to the demand for more information technology work, there has been a trend of operational and financial auditors transitioning to performing IT audit. This new brand of auditor is challenged with learning IT, yet often does not have all of the necessary resources available to assist in this process. When faced with this dilemma, one must remember that everyone was a novice at least once.

Most will think that auditing an operating system is a high-tech adventure. Well, sometimes it can be. Any audit can be made as technical as the auditor performing the task is creative.

The main purpose of this article is to help the novice auditor, IT or otherwise, perform an AS/400 operating system review. All the auditor will need is a little background, access to an AS/400 security administrator and/or an AS/400 user ID, and knowledge of a few commands.

First, an auditor must understand what an operating system is. The easiest way is to think of the operating system as the core or foundation of the computer environment. The operating system is the foundation upon which all other programs rely. For example, in a microcomputer environment, Windows 2000, Novell Netware or Windows NT would be the operating system or the foundation upon which the application programs such as Microsoft Office, Netscape Navigator, QuikCAM camera, QuickBooks or Turbo Tax would rely. In a midrange environment, the OS/400, AIX or UNIX operating systems would be the foundation upon which an installation's general ledger system, human resource system or warehouse processing system would rely. The same concept also applies for the mainframe environment.

So, the next question may be: what is an AS/400? IBM's Application System 400 (AS/400) was the successor to the former System 36 and System 38 midrange computers used primarily during the 1980s. The AS/400 is an object-oriented system that uses an operating system called the OS/400. Object-oriented means that everything related to the AS/400 platform is considered an object. Programs, files, printers, users and databases all are considered objects. If possible, it is a good idea to do background reading and a little research on the platform to be audited, if the documentation is available. This will help the auditor feel more comfortable about the tasks to be performed. AS/400 books can make this task much easier to manage.

[Read More]

Trackback(0)

Comments (0)add comment

feedSubscribe to this comment's feed

Write comment

You must be logged in to post a comment. Please register if you do not have an account yet.

busy
 
509 Bandwidth Limit Exceeded

Bandwidth Limit Exceeded

The server is temporarily unable to service your request due to the site owner reaching his/her bandwidth limit. Please try again later.