Professional Documents
Culture Documents
Computer Auditing
COMPUTER CONTROLS
General controls General Controls cover the computer environment as a whole. There is no point having complicated computer software controls if nobody has thought about the more basic issues such as:
= Making regular back-ups of data and storing them off-site = Having an IT Helpdesk and training = Keeping all computers in locked rooms = Having a disaster recovery plan = All computers having log-in codes = Programmers are not users (segregation of duties) = Anti-virus software = Firewall.
2
Application controls Application Controls are the controls over the data in the system. Controls need to cover Input, Processing and Output, as well as the standing data on the system:
= Batch Control Totals = Sequence Tests = Range / Field Limits = Check Digits = Exception Reports = Checks of amendments to Standing Data = Passwords!
2
Audit software As its name suggests, audit software is a general term for computer programs that are designed to assist the audit process, for example:
= Reorganising data into a more useful format for the auditor (e.g. customer balances by age) = Can handle large quantities of data very quickly = Detailed analytical procedures (e.g. receivables days by customer, inventory turnover by product) = Checking the arithmetic that things that should add up, do add up. With very large computer files, this is very helpful! = Re-performance of calculations = Checking accuracy of client computer files (e.g. that they add up, and that aged analysis is correct) = Selecting samples of particular items (e.g. all items entered under a particular password, all items entered on a Tuesday etc.) = Sequence completeness checks = True random samples.
3
Problems with audit software
= May not be compatible with client system = May corrupt client data = Cost and time of use, and staff training = Will client allow full access to their computer systems?