Please enable JavaScript.
Coggle requires JavaScript to display documents.
Impact of IT on Audit Process - Coggle Diagram
Impact of IT on Audit
Process
Computer Information System Environment
computer of any type or size is involved in the processing by the entity of financial information of significance to the audit
May effect :
procedures followed by the auditor in
obtaining a sufficient understanding
The auditor’s evaluation of inherent risk and
control risk
The auditor’s design and performance of tests of
the control and substantive procedures
Characteristics
Lack of transaction trails
Uniform processing
Lack of segregation of duties
Potential for errors and irregularities
Initiation or execution of transactions
Dependence of other controls
Potential for increased management supervision
Potential for the use of Computer - Assisted
Audit Techniques
Effect
Potential benefits
Consistent application of complex calculations
accuracy information
Ability monitor performance of the company
Reduction in the risks that control will be
circumvented
Enhancement of the ability to achieve effective
segregation if duties
Potential Risk
Reliance on systems or programmes that inaccurately process data
Unauthorised assess to data
Unauthorised changes to data
Unauthorised changes to systems
Inappropriate manual intervention
Failure to make necessary changes to systems
Types of control
General Control
policies and procedures relates to all or many applications and support effective functioning of application controls
maintain the integrity of information and
the security of data
Example : Data Centre and Network Operations, System software acquisition, change and maintenance controls , Access Security Control
Application Control
specific to certain application
Categories
Data capture controls
ensure that all transaction are recorded in application system
Data validation controls
ensure accuracy assertion and is done at various stages depending on the entity’s IT capabilities
Processing controls
ensure proper processing of
transactions
Output controls
include cheques, documents &
other printed documents.
Error Control
ensure that most transaction errors be
identified by data capture and data validation controls
Auditing in CIS environment
Audit procedures
Auditing around the computer
perform procedures to obtain understanding accounting and internal control
Emphasis on ensuring the completeness, accuracy and validity of information by comparing the output reports with the input documents
To ensure the effectiveness of input controls and output controls
To ensure the adequacy of segregation of duties
Auditing through the computer
Auditor performing test of control and
substantive test
Auditor may used use CAAT (audit
Software) in this procedures
Use of Computer as an Audit Tool
Spreadsheets
Trial balance and lead schedule
Time and cost budgeting
Analytical procedures
Word processor
Audit documentation
Audit programme preparation
Documentation of internal control
Communication and Reports
Statistical Packages
Select sample for testing
Analyse result, by means of explanation to population as a whole
CAAT
ISA 401 “Auditing in a CIS Environment” discusses some of the uses of CAATs in the following condition :
The absence of input document or lack of visible
audit trail
The effectiveness of efficiency of auditing procedures may be improved through the use of CAAT
Types
Generalised Audit Software
Custom Audit Software
Test Data
Parallel Simulation
Integrated Test Facility
Concurrent auditing technique
Potential benefit
Time may be saved
Ability to scrutinize large volume
Eliminate manual casting, cross casting
Lesser manual procedures
The auditor does not necessarily have to be present at client office