Please enable JavaScript.
Coggle requires JavaScript to display documents.
The Impact of IT on Audit Process - Coggle Diagram
The Impact of IT on Audit Process
Computer Information System
CIS environment exists when a computer of any type or size is involved in the processing by the entity of financial
information of significance to the audit, whether that computer is operated by the entity or by a third party.
Characteristics of CIS Environment
Lack of transactions trails
Uniform processing
Lack of segregation of duites
Potential for errors and irregularities
Dependence of other controls
CIS environment may affect:
The procedures followed by the auditor in obtaining a sufficient understanding of the accounting and internal control system.
The auditor’s evaluation of inherent risk and
control risk
The auditor’s design and performance of tests of the control and substantive procedures appropriate to meet the audit objective.
Common Data Validation Control:
Limit Test
Range Test
Sequence Check
Existence (validity) Test:
Field test:
Sign Test
Check-digit verification
The use of computer as an Audit Tool:
Spreadsheet
Word processor
Statistical Packages
Computer-Assisted Audit Techniques (CAAT)
Types of CAAT :
Generalized Audit Software (GAS)
Custom Audit Software (CAS)
Test Data
Parallel Simulation
Integrated Test Facility
Concurrent auditing technique
Benefits of CAAT
Save time
Ability to scrutinize large volume
Eliminate manual casting, cross casting
Lesser manual procedures
Potential Benefits of CIS
Enhancement of the timeliness, availability and
accuracy information
Enhancement of the ability to monitor the
performance of the company
Reduction in the risks that control will be
circumvented
Potential Risk of CIS
Reliance on systems or programmes that
inaccurately process data
Unauthorised assess to data that may result in
destruction of data
Unauthorised changes to data in master file
Unauthorised changes to systems or programmes
Types of Control in CIS:
General Control
relate to overall control information processing environment and are sometimes referred as supervisory, management or information technology controls
Data Centre and Network Operations
System software acquisition, change and
maintenance controls
Access Security Control (card access to the
computer room)
Application system acquisition, development
and maintenance controls
Application Control
Manual or automated procedures that operate at business process level and therefore apply to the processing of individual applications.
The application control is designed to ensure integrity of the accounting records.
Data Capture Control
Data validation control
Processing Control
Output Controls
Error control
Internal Control Components Affected by CIS
Control Environment Factors
Assignment of authority and responsibility
Human Resources Policies &
Practices
Control Procedures
Information Processing
Segregation of Duties
Physical Controls