Please enable JavaScript.
Coggle requires JavaScript to display documents.
Audit in Automated Environment - Coggle Diagram
Audit in
Automated Environment
Category of Business
Application
Packaged
Quick books
Small ERPs
ERP
layers of
Automated
Enviorment
Application
Database
Operating system
Hardware &
Storage
Network Device
Network
LAN/WAn
Real Time
Evironment
txns are recorded and processed
immediaely as they happen
Components
Application
Middleware
Networks
Hardware
Understanding &
Documenting
Automated Envoirment
as per SA 315
Application used
by Co.
Details of IT
Infrastructure (Hw, S/W etc)
Org Structure
& governance
Policies and
Procedures
IT Risk & Controls
Documenting the
Understanding
Consideration of
Automated Enviorment
Risk Assesment
Understanding of Business
Process and Performing
process walkthrough
Using IT system
IT governance of
ELCs
Pervasive Controls
Including SOD,
General IT controls
Testing
Testing of Reports
Testing phase
The GIC would impact
NTE of testing
Completion Stage
Evaluating deficiencies
through
Data analytics and CAATs
SA 520
3 broad phases
To be read once
ERM
Basic Intro
Dynamic Enviorment
Volatility, Unpredictability and Pace
is greater than in the past
Reasons
Globalizations
Use of Tech
New regulatory requirements
Due to this business
have to continuosly manage risks
Examples
MRT FOC BPE
RAP
Consideration of
Process
Define Business
Objective and goals
Identify events
that affect
achievement of
business objectives
Assess Likelihood
& Impact
Respond &
Mitogate risk
Assess residual
Risk
Types of Controls
GIC
Application
ELCs
Characteristics
Known as pervasive controls
Company's overall internal
control framework
Types
Direct ELCs
Operate at level higher
than business activity
to PDC misstatements
at a timely manner
Indirect ELCs
Contribute to effective
operation of direct ELCs
Whistle blower policy
obtain understanding
Does co. have it?
Is it documented
& Approved
is it communicated to employees
Are EE aware of policy &
Understand its purpose
Has co, take measure to train EE
Does Co. monitor
effectiveness
How co. deals with
deviations & non-complicas
CAAT