dos as an audit tool



Computer Audit Update June 1991

analysis; and to plan for the worst, knowing that by such planning you should be capable of dealing with anything. He went on to say that the Environmental Protection Agency's role was prevention not cure; that his role would be proactive to encourage organizations to take preventative measures and that he was not a policeman. He coined an acronym to sum this up -- BATNIEC (Best Available Technology, Not Incurring Excessive Cost).

The scenarios are different but the message is much the same -- there is a need to assess the risks and take proactive steps to reduce the likelihood of the risks occurring and to minimize the impact of such an occurrence on the organization.

The UK Audit Commission have just issued their fourth Survey of Computer Fraud & Abuse. One of their findings is a most alarming shortfall in the preventative measures that should be taken by organizations to help avoid computer fraud and abuse, demonstrated by the relatively low number of companies who have conducted risk analysis reviews. Without knowing what the risks are to their organization's IT investments, how can management effectively protect them?

As if to reinforce this point, and show that disasters do happen, we have just witnessed the second serious computer room fire in central Basingstoke, UK, within a year. Ironically both fires were in brand new buildings but neither company had properly assessed the risks. One had a sprinkler system, but the fire started above the sprinklers. The result would have been no different if the fire had started below the sprinklers, because they did not work! A security measure that is not tested, and tested regularly, may be no better than no security at all. The second organization did not have any sprinklers. It is interesting to note that in the latest fire, two floors suffered fire damage and a further ten floors suffered smoke and/or water damage. Both companies were lucky to be large enough to have the resources to enable them to survive and to do so relatively painlessly. The rest of us may not be so fortunate.

If your organization still plans to do nothing about disaster recovery planning, then perhaps you should not relocate to Basingstoke.

Computer abuse legislation and abuse of legislation

There has been a lot of press comment recently following the first conviction under the UK's Computer Misuse Act as to whether the Act works; has it really been tested; and should it have been legislated in the first place? Whatever the perceived or actual imperfections of the Act, spare a thought for the US authorities who are impotent to act against a group of Dutch hackers who have been breaking into US military, space and intelligence systems using local telephone lines from The Netherlands. There is no anti-hacking law in The Netherlands!

The 1990 annual report by the UK Police Complaints Authority reports that the misuse of computer information by police officers is growing, both for their own use and for third parties. The PCA has already recommended that disciplinary action be taken against officers who break the rules, although some Chief Constables do not consider the offences serious enough to warrant action! These are the same officers who have a duty to enforce the Data Protection Act, which is meant to protect the rights of citizens with respect to computerized data held on them!

DOS AS AN AUDIT TOOL

John Mitchell

Ideally, any auditor who will be auditing micro based applications should carry an appropriate tool box in his/her briefcase. In this case the toolbox will comprise a number of software tools, although a couple of screwdrivers can also be most useful. At a minimum the auditor should have the latest version of either Norton's Advanced Utilities, or PC Tools and also a spreadsheet audit package compatible with the spreadsheets likely to be encountered. I actually use Supercalc 5 for this: as it is not only capable of reading Lotus spreadsheets but it also has the audit function built-in.

2 ©1991 Elsevier Science Publishers Ltd

In practice, however, even the best equipped and most diligent auditor may find himself in the position of either not having these tools available, or not being able to use them, for one reason or another, on the target machine. Under these circumstances the auditor has to make do with the tools provided within the machine's operating system.

The operating system used by the IBM PC range and compatible machines is primarily intended to aid the running of other applications on the hardware. As with its larger mainframe cousins, however, DOS contains a number of facilities that can be used by the auditor. This article concentrates on DOS basics and describes how the auditor should prepare himself for the audit.

Background

DOS stands for 'Disk Operating System'. This means that the many commands that make up DOS are held on disk and need to be read into memory before they can be executed. There are a number of variants of DOS and each variant has a number of versions.

Variants include MS-DOS from Microsoft, DR-DOS from Digital Research and PC-DOS from IBM itself. Although there are differences in the way these variants present themselves to the user, they all basically do the same things and tend to use the same command structure and syntax.

Each variant has been through a number of enhancements and this is reflected in its version number. Currently PC-DOS is at version 4.01 and although it is still not unusual to come across machines running Version 2.1, the versions most often encountered by an auditor will be in the range 3.1 to 3.3. This article deals primarily with the version 3.3 but almost all the commands described are common throughout the DOS range.

The starting point

As the hardware needs DOS to be able to do anything useful, the auditor can be assured of at least a subset of the operating system being available on any machine encountered. To be totally sure that the various commands have not been amended, however, it is better if auditors go armed with their own legal copy of DOS on a write-protected diskette.

Ideally, a copy of DOS should be available to the auditor on both 5.25" and 3.5" low density diskettes (see Table 1), as this means that the auditor has the necessary media to tackle any hardware variant encountered.

It is also useful to have at least one empty formatted diskette of each size in the audit tool bag. The two physical sizes of diskette can be formatted to two different densities, high and low (sometimes called single and double density), which permit them to hold different quantities of data. Table 1 shows the possible permutations, but the important point is that whereas all disk drives can read and write to the low density capacity diskettes, the same is not true of the high density alternative.

Disk size/density relationship

Disk Size   Density   Capacity
5.25"       Low       360 Kbyte
5.25"       High      1.2 Mbyte
3.50"       Low       720 Kbyte
3.50"       High      1.4 Mbyte

Table 1

Table 1 indicates that it is better for the auditor to carry formatted 5.25" 360 Kbyte and 3.5" 720 Kbyte diskettes, as this will enable the auditor to extract data from any machine that is likely to be encountered, on to the auditor's own diskette without having to worry too much about the host machine.

The audit DOS diskette

Ideally, the DOS diskette should contain all the DOS commands, together with suitable CONFIG.SYS, AUTOEXEC.BAT and other batch files (more about these later) tailored to the auditor's particular requirements. If all of DOS and the associated files will not fit on to a single diskette, as is likely with the later DOS versions when dealing with a 360K diskette, then it will be necessary to load a subset of the DOS commands. Table 2 indicates those that are likely to be most useful to the auditor.

Creating the audit DOS diskette

The advantage to auditors of having their own DOS diskettes is that they can:

• be sure the DOS commands will do as expected;

• tailor certain aspects of the DOS environment, which will then be removed from the local environment once the machine is switched off;

• automate certain basic functions that are likely to be performed for every audit (audit automation on the cheap!).

This can all be achieved by having tailored CONFIG.SYS, AUTOEXEC.BAT and other batch files on the audit DOS diskette.

The DOS manual describes how to create a diskette with DOS on it but the most common method is via the FORMAT command, using the parameters and switches shown below.

FORMAT A:/S

This not only formats the diskette in drive A: but it also transfers the DOS system files:

IBMIO.COM

IBMDOS.COM

COMMAND.COM

It is now only necessary to copy the DOS external commands that are needed by the auditor.

Internal and external commands

Internal DOS commands are held in a special DOS file named COMMAND.COM. This means they cannot be separately listed by the use of the DOS Directory command; but it also means they are always available for use, providing that COMMAND.COM is available. As DOS does not run without COMMAND.COM their availability is assured.

External commands can be viewed by the use of Directory command, but it does mean they have to be found by DOS before they can be executed. If they are not on the disk, then they cannot be run.

Minimum DOS commands required

Internal commands

All the DOS internal commands are held in a file called COMMAND.COM. The commands included in this file contain a number that are of interest to the auditor.

CD        DIR       RD
CLS       MD        REM
COPY      PATH      RENAME
DATE      PAUSE     TIME
DEL       PROMPT    TYPE
VER

External commands

These commands are held as separately identifiable files. The ones likely to be of use to the auditor are:

ATTRIB    DISKCOMP  PRINT
BACKUP    FIND      RESTORE
CHKDSK    FORM      SEARCH
CONFIGUR  MODE      SORT
DISKCOMP  MORE      TREE
COPY      XCOPY

Table 2

As a safety factor, it is desirable to set all the files on the diskette to READ ONLY. This is achieved by setting the ATTRIBUTE bit for each file to READ ONLY.

The command, assuming that your specially tailored audit DOS diskette is in drive A: is :

ATTRIB +R A:*.*

This will offer you a certain, but limited, amount of protection from accidental overwriting or virus infestation, should you for any reason have to remove the physical write protection tab from the disk.

The CONFIG.SYS file

The CONFIG.SYS file is read by DOS before the AUTOEXEC.BAT file. Its purpose is to configure the machine to the user's liking.

I like to be able to have plenty of files open at the same time, lots of buffer space for those files to operate in and a UK configured keyboard. My CONFIG.SYS file is shown in Figure 1.

FILES=40
BUFFERS=25
KEYBUK

Figure 1: Suggested CONFIG.SYS File

The AUTOEXEC.BAT and other batch files

The only difference between an ordinary batch file and its autoexec cousin is that the autoexec batch file is automatically invoked whenever DOS is loaded, whereas the others have to be invoked manually.

My audit DOS diskettes contain a number of batch files, other than AUTOEXEC.BAT, which I can invoke at any time to perform particular functions. By having the DOS commands that I use on a regular basis held in batch files I can be assured of a consistent and re-performable approach to my audit work. My AUTOEXEC.BAT file does nothing more than clear the screen, display a message, show the version of DOS that I am using and the time and date from the target machine. It also tailors the DOS prompt to my liking. It then drops me into the DOS prompt at the default drive (see later) ready for me to enter DOS commands.

This at least tells me that I am ready to go and whether the owner of the machine has bothered to set the machine's clock. The contents of the file are shown in Figure 2.

CLS
REM ***** AUTOEXEC.BAT *****
VER
PROMPT $P$G
DATE
TIME
REM ***** END OF AUTOEXEC.BAT *****

Figure 2: Audit Autoexec.Bat file.

The REM command tells DOS that this is a remark line and is not to be executed.

The CLS command clears the screen.

The VER command orders DOS to display its version number.

The PROMPT command changes the standard DOS prompt so that the working directory of the default drive is displayed.

The DATE and TIME commands inform me whether the machine's internal date and clock have been set and are up-to-date.

The starting point

Most commercial machines these days tend to have a hard disk and usually we want to know what's on the disk so that we can either ignore it or do some audit work. This is where DOS is most useful to us. We can find out what is on the hard disk, manipulate that information for our own ends, copy it to our own media and then go away and analyse it at our leisure on our own secure machine. If the files you wish to examine are held on a diskette you will first have to find the diskette and take a copy of it. This may well present you with real problems: even after finding it, taking a copy is not always that easy.

The starting point then is to gain control of the target machine's operating system. This is usually achieved by having access to the DOS prompt, which allows you to enter DOS commands directly. If you are in the position of having to audit a machine without your own copy of DOS available, then you may face a number of problems which are discussed in detail below.

Gaining control

As stated, the DOS prompt allows you to enter DOS commands. If, when you first turn on the machine, it goes straight into an application, then it has an AUTOEXEC.BAT file somewhere in its innards. This can be frustrating as you may never get to the DOS prompt unless you take some fairly drastic action.

The easy way to gain control is always to make sure that you have your own write-protected copy of DOS on a diskette in your toolbag. You can then simply load it into the A: drive, switch on the machine and your version of DOS will load and take precedence over the version on the machine's hard disk.

Well, not always. Some Compaq and Tandon models and others with special security software, may refuse to load from a floppy and will also expect a password when loading from the hard disk. If auditors are unlucky enough to come across these machines they can really show what they are made of by either:

• resetting the internal DIP switches to bypass the machine's in-built security function;

• removing the hard disk from the target machine and setting it up as a 'slave' drive D: attached to the Audit machine;

• replacing some of the chips!

This is where the screwdrivers I mentioned earlier come in handy. I have done the first two in order to bypass protection, but have yet to try the latter; I should be interested to know if any reader has tried it.

If the system is not protected but automatically loads an application, then it is set up to execute an AUTOEXEC.BAT file. If a DOS diskette is not handy, then repeated simultaneous pressing of the CONTROL & BREAK keys just after the machine is switched on should result in the message 'Terminate batch file Y/N' being displayed, to which you should respond 'Y'. This should drop you into the DOS prompt. If you can see the DOS prompt, then you are in charge of the machine.

The DOS prompt

The DOS prompt is usually recognizable as something like 'C:>' but it can be altered by one of the DOS commands (PROMPT) to be almost anything. I once saw one that displayed 'C: ROSLOVESMAC', which was a rather unique way of a programmer showing her emotions to her senior analyst!

If you are tackling a machine without the aid of your own DOS version it is always useful to know the version of DOS that you are dealing with, as some versions have more useful facilities than others. You can now enter DOS commands - but first a small digression to discuss the syntax of the commands.

DOS command syntax

The format of most DOS commands is:

COMMAND Parameters Switches

Where command represents the DOS command to be executed. The parameters tell DOS what the command will take action on. The switch settings provide additional instructions for the command.

For example, the TREE command without any parameters or switches simply lists the names of the various directories on the default drive. If, however, we add a parameter and a switch to the command (TREE B:/F) we should be presented with the directory structure of the disk in drive B: and the names of the files within each directory.

By the way, DOS is case insensitive. This means that you can mix lower and upper case letters at will and the command will still execute.


DOS function keys

The machine's function keys provide certain useful facilities from the DOS prompt.

F1 repeats the previous command one character at a time;

F2 (followed by a character) repeats the previous command up to the character specified;

F3 repeats the entire previous command;

F4 (followed by a character) skips the previous command up to the character concerned.

The default drive

The drive letter displayed at the DOS prompt is the 'default' drive. This means if you enter a DOS command without an explicit drive name, any action initiated by that command will take place on the default drive. Thus, if 'C:>' is displayed and we enter the DOS command to display the contents of a directory (DIR), then we would receive a display of the current directory on drive C:. If, however, we entered 'DIR B:', we should be presented with the contents of the root directory from the disk in drive B:.

To change the default drive, simply type the new drive name at the DOS Prompt followed by RETURN (Drive names are always followed by a colon). Thus, if we are currently logged to drive C: (C:>), then entering 'A:' will move us to the A: drive. (Make sure you have a diskette loaded in the A: drive before trying this; otherwise you will get a DOS error message and you may find it difficult to get out of the situation.)

Disk statistics

Having gained control of the machine I first run a DOS command called CHKDSK. This tells me the size of the hard disk and the size of the computer's RAM memory. The output is shown as Figure 3.

32598016 bytes total disk space

47104 bytes in 4 hidden files

165888 bytes in 53 directories

26857472 bytes in 1987 user files

5527552 bytes available on the disk

601280 bytes total memory

171856 bytes free

Figure 3: Typical Output from CHKDSK

This tells me that I am dealing with a 32 megabyte disk and that it contains four hidden files. I expect that some of the hidden files are the DOS system files, but I make a note to check on this later. There are 53 directories on the disk and they contain a total of 1,897 files. Phew! What a job!

Disk structure

To find out how the directories on the disk are arranged, use the CHANGE DIRECTORY command to move into the 'Root' directory (type 'CD\' and press RETURN). The Root directory is always designated as '\'.

Most disks will have been arranged into a number of 'directories' to facilitate control. See Figure 4 for an illustration. By moving to the Root directory we ensure we are at the beginning (root) of the entire directory structure.

Now the TREE command will allow you to see the structure of the entire disk. If you intend to send the TREE structure to the screen, then I suggest that you pipe it to the filter command MORE, so that it displays one screen at a time.

TREE | MORE

Alternately you may wish to redirect it to a file, or the printer. If you decide to redirect (see later) to a file, then you will need to decide on which drive the file will be created before you invoke the redirection.

[Figure 4 diagram: the Root Directory (\) at the top, with the directories DOS, USER1, USER2, USER3 and USER4 beneath it, and SC5 and WS2 on a lower level labelled 'Sub Directories of USER1'.]

Figure 4: Typical directory structure.

The likelihood is that you will only have a single floppy drive which is currently occupied by your DOS diskette. You have three choices:

• remove the physical write protection from your DOS diskette and redirect the output to it;

• replace the DOS diskette with one of your empty pre-formatted diskettes and direct the output to it;

• create a special temporary audit directory (\AUDIT) on the hard disk and direct the output to it.

The first choice is fraught with danger as you may pick up a virus that will infect your operating system. The second is safer and is the recommended option. The third is quicker but you run the risk, however unlikely, of corrupting your clients' data.

Having established the directory arrangements, we can move between directories by using the CHANGE DIRECTORY command.

Change directory

This command enables you to navigate around the tree structure by moving from directory to directory. The command is CHDIR. This is usually abbreviated to CD followed by the name of the directory to which you want to move.

Thus, CD\USER1 would move you to a directory named 'User1'. If this directory had a sub-directory named 'JOHN', we could move to it either by giving it the full name CD\USER1\JOHN, or, as we are already in directory USER1, we could simply type CD JOHN. Note that we have excluded the '\', as the '\' tells DOS to start searching from the root and we require it to start from the directory we are currently in, \USER1. If we typed CD\JOHN we should probably get the DOS error message 'No such file or directory' as we are telling it to search for a main directory called \JOHN and not a sub-directory of \USER1. You can move back from the child to the parent directory by using 'CD..'.

Paths

To navigate the disk structure, you follow paths from one directory or sub-directory to another. For DOS to invoke one of its EXTERNAL commands it has to know in which directory to find it. You could tell it explicitly each time by providing the full hierarchic name (i.e. \DOS\VER), or you could tell DOS to search a number of directories until it finds the command.

This automatic searching is achieved by the use of the PATH statement, which often forms part of the AUTOEXEC.BAT file. Thus the statement:

PATH C:\;C:\DOS;C:\SC5;C:\MENU;C:\FASTBACK

would ensure that DOS automatically searched the Root, DOS, SC5, Menu and Fastback directories on the C: drive, in that order, whenever it was asked to action a command.

Redirection

DOS usually expects to receive data from the keyboard and to display information on the screen. The keyboard is known as the standard input device and the screen as the standard output device. It is possible, however, to redirect this flow of input and output.


Redirecting input

It is often useful to have the input for a command come from a file rather than the keyboard. This is achieved by the use of the less-than sign (<) in the command. For example, if you wanted to sort the contents of a file on the A: drive named MYFILE, then you would use the command SORT <A:MYFILE.

Redirecting output

If you want output to go to a file rather than to the screen (very useful as an audit trail), it is necessary to put a greater-than sign (>) in the command followed by the name of the file to which you want the output directed. For example, the command 'DIR>B:DIRLIST' will output the contents of the current directory into a file on drive B: named DIRLIST. If that file does not exist, then DOS creates it. If it does exist, then DOS overwrites its contents.

To append to an existing file, simply use two greater-than signs. Thus, 'DIR>> B:DIRLIST' would append to an existing file of that name (an even better way of building up a full record of what you found). If you try to append to a file that does not exist, then DOS creates it for you anyway.

Combined redirection

You can combine both actions to achieve simultaneous redirection of both input and output. For example, if we wanted to send the sorted output from MYFILE to a file on the B: drive named SORTED, then we could use the following command:

SORT < A:MYFILE > B:SORTED

Filters

A filter transforms the output before presenting it to the output device.

The three most useful are:

FIND Searches for text in a file;

MORE Displays the contents of a file one screenful at a time;

SORT Sorts the contents of a file alphabetically.

You can redirect the output from a filter into a file by the use of the redirection symbols, or you can pipe the output from one filter into another (see below).

Pipes

If you want to use the output from one command as the input to another, you can transfer the data by using the DOS 'pipe' symbol. The pipe symbol is the vertical bar (|).

For example, if you wanted to direct the output from the TYPE command through the MORE filter so that the information from the file was displayed one screenful at a time, you would use:

TYPE MYFILE | MORE

You can combine more than one pipe command to give you better control over some facilities. For example, if you wanted to display the sorted contents of the file one screenful at a time you could pipe the sorted output into the MORE command. Thus:

TYPE MYFILE | SORT | MORE

Combining filters, pipes and redirection

You can combine any of the above to provide filtered, piped and redirected output. We shall examine the audit use of these commands in more detail later, but as an example the following command will sort the output of the Directory command and redirect it to a file on drive A: called FILELIST.

DIR | SORT > A:FILELIST
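An added example, not part of the original article: a batch file for the audit DOS diskette that uses the redirection and filter commands described above to build an evidence file with an audit trail of what was run. The file names (COLLECT.BAT, EVIDENCE.TXT, ROOTDIR.TXT, ROOTSORT.TXT) and the drive assignments (audit diskette in A:, blank evidence diskette in B:, target hard disk C:) are assumptions made for illustration.

```bat
ECHO OFF
REM ***** COLLECT.BAT - added example, hypothetical file name *****
REM Assumed set-up:
REM   A: write-protected audit DOS diskette holding CHKDSK, TREE,
REM      ATTRIB, SORT and FIND (the default drive)
REM   B: blank formatted evidence diskette
REM   C: hard disk of the machine under audit
REM Only redirection is used. A DOS pipe passes its data through a
REM temporary disk file, which cannot be created while the default
REM drive is a write-protected diskette, so the filters below read
REM the saved listing with the less-than sign instead.
REM
REM Load external commands from the audit diskette only.
PATH A:\
REM
REM A single greater-than sign starts a fresh evidence file;
REM every later step appends to it with two.
VER > B:EVIDENCE.TXT
ECHO ***** CHKDSK C: ***** >> B:EVIDENCE.TXT
CHKDSK C: >> B:EVIDENCE.TXT
ECHO ***** TREE C: /F ***** >> B:EVIDENCE.TXT
TREE C: /F >> B:EVIDENCE.TXT
ECHO ***** ATTRIB C:\*.* ***** >> B:EVIDENCE.TXT
ATTRIB C:\*.* >> B:EVIDENCE.TXT
REM
REM Keep the raw root directory listing, then a sorted copy of it.
DIR C:\ > B:ROOTDIR.TXT
SORT < B:ROOTDIR.TXT > B:ROOTSORT.TXT
REM
REM Pull the batch files out of the listing. DIR prints the extension
REM as a separate column, so " BAT " matches AUTOEXEC BAT and similar.
ECHO ***** Batch files in C:\ ***** >> B:EVIDENCE.TXT
FIND " BAT " B:ROOTDIR.TXT >> B:EVIDENCE.TXT
ECHO ***** END OF COLLECTION ***** >> B:EVIDENCE.TXT
ECHO ON
```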


Printing

If the machine you are dealing with is equipped with a printer and if you want to print onsite rather than back at the audit ranch, then you need to establish a number of things before you start. First you need to ascertain what type of port the printer is connected to and its number.

DOS machines usually have at least one parallel and at least one serial port. A printer can be connected to either; although it would usually be connected to the parallel port it is not uncommon to find them connected to a serial port.

Often asking the user, or studying the connectors at the rear of the machine, will be sufficient to establish which port the printer is connected to. Otherwise it may be necessary to go through a trial and error process to establish the configuration.

Parallel ports

If it is connected to a parallel port then it is necessary to find out whether it is LPT1 or LPT2. An easy way of establishing this is to try to output the contents of the PRINTEST file to the printer by using the TYPE command.

The command 'TYPE TESTPRIN.BAT>PRN' will redirect the contents of the file TESTPRIN.BAT to the printer, if the printer is assigned to a parallel port; otherwise DOS will display an error message. If it fails, I then assume I am dealing with a serial printer.

Serial ports

If the printer is connected to a serial port (COM1 and COM2), you first need to tell the computer the communication characteristics associated with that port, followed by the TYPE command that was used for the parallel port. This is achieved by the use of the DOS MODE statement.

I have a batch file already set up to configure the communication port. This file is called SETCOM1.BAT. Its contents are shown in Figure 5.

REM * * * SETCOM1.BAT * * * * * * *
REM
MODE COM1:2400,E,8,1,P
MODE LPT1=COM1
REM
REM * * END OF SETCOM1.BAT * * * * *

Figure 5

The first MODE statement tells the communications port to transmit its data at 2400 bits per second, using even parity, with eight bits per character, one of which is a stop bit. The final 'P' tells the machine that printer output will be passing through the port. The settings used are fairly standard for any printer.

The second MODE statement tells the machine to redirect any printer output aimed at LPT1 to COM1. If this produces nothing I try a similar exercise for COM2.
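The COM1 attempt and the 'similar exercise for COM2' can be folded into one batch file that takes the port number as a parameter and cancels the redirection afterwards, so the machine is left as it was found. This is an added example, not one of the author's batch files: the name TRYCOM.BAT is hypothetical, and it assumes TESTPRIN.BAT is in the current directory of the audit diskette.

```bat
ECHO OFF
REM * * * TRYCOM.BAT (hypothetical name; added example) * * *
REM Usage: TRYCOM 1   or   TRYCOM 2
REM Assumes TESTPRIN.BAT is in the current directory.
IF "%1"=="" GOTO USAGE
IF NOT EXIST TESTPRIN.BAT GOTO NOFILE
REM Same settings as the article's first MODE statement, applied
REM to the chosen port: 2400 bits per second, even parity,
REM 8 bits, 1 stop bit, P for printer output.
MODE COM%1:2400,E,8,1,P
REM Send any printer output aimed at LPT1 to the chosen serial port.
MODE LPT1=COM%1
REM With P set, DOS keeps retrying a port that does not answer.
REM Ctrl-Break stops the wait; answer N to "Terminate batch job"
REM so that the clean-up step below still runs.
TYPE TESTPRIN.BAT > PRN
ECHO Check the printer. If nothing printed, run TRYCOM with the other port.
PAUSE
REM Cancel the LPT1 redirection before handing the machine back.
MODE LPT1
GOTO END
:USAGE
ECHO Usage: TRYCOM n   where n is the serial port number, 1 or 2
GOTO END
:NOFILE
ECHO TESTPRIN.BAT was not found in the current directory
:END
```

The serial line settings themselves stay as set until MODE is run again or the machine is restarted, so record in the working papers that they were changed.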

The file PRINTEST.BAT, which is sent to the printer by the TYPE command, contains a number of lines that will be printed once I have identified the correct port and that also help me to establish where the usable left hand margin of the paper is. The contents of this file are shown as Figure 6.

REM * * * * * * * * * * * * * * * TESTPRIN.BAT * * * * * * * * * * * * * * *
REM
REM The lines following the final REM statement start in
REM column 1 increment by 1 column each time to
REM establish the usable left hand margin of the printer.
REM The word 'column' starts in the relevant column.
REM The first complete visible rendition of that word shows
REM the first usable column on the left-hand side.
REM * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Column 1
 Column 2
  Column 3
   Column 4
    Column 5
     Column 6
      Column 7
       Column 8
        Column 9
         Column 10
REM * * * * * * END OF TESTPRIN.BAT * * * * * * * * * * * *

Figure 6

Printing the screen

Somewhere on the keyboard you will find a key marked as 'Prt Sc', or something similar. If the machine is:

a) connected to a switched-on printer;

b) configured correctly;

then pressing this key, sometimes in conjunction with the shift key, should result in the current contents of the screen being dumped to the printer. This is quite useful as a quick record of what you have found.

Conclusion

This article should have put you in the position of being ready to start the actual audit itself. You have created your own audit diskette(s), established control over the machine and used a few simple batch files to execute some DOS commands to ascertain the printer connections.

A future article will go into detail on the use of the DOS commands themselves to help ascertain what is on the machine that is of interest to you.

Dr John Mitchell, MBA, MIIA, CISA, MBCS, MBIM, is chairman of Little Heath Services, which he founded as a specialist consultancy in internal audit matters, with particular emphasis on the security, control and audit of IT and the management aspects of internal audit. He is a visiting lecturer at City University, Birmingham Polytechnic and the Middlesex Business School.

A CASE STUDY IN SELECTING AUDIT MANAGEMENT SOFTWARE

Chris Nelms

This is the first of two articles on a project by the Internal Audit department of Charterhouse Bank to identify PC software to automate some of the more routine, administrative aspects of internal audit work, and to describe the solution adopted. This first article outlines the requirements and the assessment of the alternatives identified. The second article will describe the end results of the process.

Requirements

The Internal Audit department of Charterhouse Bank is relatively small, consisting of nine permanent professional staff and around five temporary staff. Despite its size, we identified a number of necessary routine manual tasks that were taking an inordinate amount of
