Documentos de Académico
Documentos de Profesional
Documentos de Cultura
What is
audit in a
computer
environme
nt?
Issues
The audit objective remain “to enable the
auditor to express an opinion whether the
financial statements are prepared, in all
material respects, in accordance with an
applicable financial reporting framework.
However, the methods of applying audit
procedures in gathering audit evidence may
be influenced by the way accounting data is
processed.
APT Financial Consultants Sako Mayrick 2
Auditing in Computer Environment
Computer Environment
Audit Trail
In manual processing, clerical errors in
computer environment programming errors or
systematic errors in hardware or software
Central Processing of transactions (keep
incompatible duties separate.)
Alteration of data or files without being
detected (possibility of fraud)
Approaches
Auditing around the computer
General controls
Application controls
3. Output Controls
Ensures that data generated by
computer are valid, accurate, and
complete.
Output distributed in appropriate
quantities only to authorized people.
The most important output controls is
review of the data for reasonableness by
someone who knows what the output
should look like.
Advantages
Are independent of the system being audited and will use
a read-only copy of file to avoid corruption of an
organization's data
Simplifies audit routines such as sampling
Provides documentation of each test performed in the
software that can be used as documentation in auditor’s
work papers
Uses
Creation of electronic work papers
Fraud detection
Analytical tests
Continuous monitoring
Audit software
Test data
Other techniques
APT Financial Consultants Sako Mayrick 31
CATEGORIES OF CAAT
1. Audit software:
generalized audit software
specialized audit software or
Interrogation software
utility programs and
existing entity programs.
Regardless of the source of the
programs, the auditor should
substantiate their validity for audit
purposes prior to use.
APT Financial Consultants Sako Mayrick 32
CATEGORIES OF CAAT
Other techniques
embedded audit facilities
Integrated test facility
System Review and control file
( SCARF)
Application program examination
Internal control evaluation via; Flowchart
verification (Logical Path analysis ) ,Program
code verification (Code Comparison
Programs), Printout examination.
Limits of CAATs
Evaluation of general controls
Use ICQ or the ICE approach.
Planning an audit in a
Computer environment
Possibilities of attending during
system development stage
Consideration of use of CAATs
Expertise
Use of CAATS
The pattern cost associated with CAATs,
The extent of tests of controls or substantive
procedures achieved by both alternatives,
Ability to incorporate within the use of CAAT a
number of different audit tests.
Time of reporting
In using CAAT,
computer facilities, computer files
and programs should be available;
the auditors should plan the use of
CAAT in good time so that these copies
are retained for their use.
Internal auditor CAATs , consider ISA
Audit trail.
As the complexity of computer systems has
increased there has been a corresponding loss
of audit trail. Most systems have searching
facilities that are much quicker to use than
searching through print outs by hand.
This offsets the so- called loss of “audit
trail” to a significant extent. The trail is still
there, although it may have to be followed
through in electronic form.
File storage
Charitable institutions?
APT Financial Consultants Sako Mayrick 66
2 MINUTES BREAK
REQUIRED: (NBAA –CPA - Nov. 2009)
a) (i) List the audit procedures to be followed by your assistant in
verifying the bank reconciliation in sufficient details for an
inexperienced staff member to follow.(6marks)
(ii) Explain the purpose of each procedure in terms of audit
objectives. (5 marks)
(b) Discuss the reliability of bank statements as audit evidence.
What steps can be taken if it is considered desirable to increase
their reliability? (3 marks)
(c) (i) Distinguish between ‘auditing around the computer’
and auditing through the computer’.(3 marks)
(ii) Explain the circumstances when it would be inappropriate for
the auditor to rely on auditing around the computer. (3 marks)
(Total = 20 marks)
APT Financial Consultants Sako Mayrick 67
SMALL COMPUTER SYSTEM
Inputfraud :
Processing fraud;
Firewalls
Back-up of disks:
AUDIT PROCEDURES
Substantive tests
Limited objective