Please enable JavaScript.
Coggle requires JavaScript to display documents.
THE IMPACT OF INFORMATION TECHNOLOGY ON AUDIT PROCESS 1390012 - Coggle…
THE IMPACT OF INFORMATION TECHNOLOGY ON AUDIT PROCESS
UNDERSTANDING THE ENVIRONMENT CONT.
The effect of CIS in General
Potential benefits
Consistent application of complex calculations in processing large volumes of transaction data. Example; monthly automate calculated of depreciation amount.
Enhancement of the timeliness, availability and accuracy information
Facilitation of additional analysis information such charts, Ageing and so forth.
POTENTIAL RISK
Reliance on systems or programmes that inaccurately process data
Unauthorised assess to data that may result in destruction of data
Unauthorised changes to data in master file
Unauthorised changes to systems or programmes
Characteristics of
Computerized Accounting System
Changes in organizational structure and procedures employed
Possible lack of primary records/source document
Changes in communication of financial information
Processes or record not visible until print out
Changes in storage of financial data
Concentration of system in data processing department
Changes in processing of financial data
Information input processed and stored may be encoded
Loss of audit trail
INTERNAL CONTROL COMPONENT AFFECTED BY CIS
5. Information Processing
Authorisation of transactions
However, in CIS environment, many authorisation for transaction may be part of the application programme.
In Manual system, authorisation will be done by initials by authorised person on related document and auditor can see physically.
E.g. before transfer the monies to suppliers account electronically, authorisation by authorised signatories will be done electronically in CIS. Auditor unable to observe the signatures.
The keeping of adequate documents and records
In Manual, hard copy of document may be physically available and auditor able to observe.
However, in CIS environment, hard copy or audit trail may be not available.
3. Segregation of duties
In CIS environment, one person may perform the whole process of a transaction from initiation, authorisation and recording the transaction, especially to the small and medium size business enterprise.
This is because, for them, it is costly to implement segregation of duties in this situation. Thus it is important to have adequate control in CIS to compensate this situation.
2. Human resource Policies and Practices
In any internal control, competent and trustworthy employees are important matter. but
in CIS environment, an entity needs to have competent staff in related field whether to operate the computer and program as well as who has a skill to monitor the integrity of the data.
Effective training is essential to ensure the staff possess a required knowledge. Another department need to be established, for instance, IT department.
4. Physical control
Physical control over asset and records is important in any type of system.
In Manual system, physical records may be placed in a room and control by one or two staff responsible to keep track the movement of the records.
However in CIS environment, records are stored electronically and can be accessible through the computer terminals. e.g. if control over access into the system are not adequate, an employee may able to enter a fictitious purchase of goods and fraud may occur.
Entity should also have proper backup control for computer programmes and data file.
1.Assignment of authority and responsibility
Users from various department may easily assess to a particular database. For example, staff information updated by HR department may be assess by the respective staff to oversee their status etc. Authorisation to assess the database is important.
An important element in internal control. Clear lines of authority and responsibility are important so that the entity’s objective are met.
For example, in manual system, each departments are responsible for their own data. However, in CIS environment (DMS), the responsible of entity’s data are centralized to the administrator.
