Professional Documents
Culture Documents
Bhattacharya, Ph.D.
Nature of Audits
Audits are examinations performed
to assess and evaluate an activity or
object, such as whether the internal
controls implemented into the AIS
are working as prescribed by
management
Types of Audits
Operational Audits
Compliance Audits
Project Management and Change
Control Audits
Internal Control Audits
Financial Audits
Fraud Audits
Figure 10-1
Types of Auditors
Internal Auditors
External Auditors
Government Auditors
Fraud Auditors
Basic Auditing
Considerations
Ethics and Auditing Standards
Need for Ethics
Content of Standards
Effect of Automation on Standards
Testing of Controls
Perform Tests of Controls
Evaluate the Findings of the Tests of Controls
Final Assessment of Control Risk for each
transaction cycle
Determine level of Planned Detection Risk
The Planned Detection Risk is the risk that a
material misstatement in the financial
statements or in individual account balances will
fail to be uncovered by substantive testing
procedures
Determine the nature, timing, and extent of
substantive testing procedures
Substantive Testing
Choose and Perform Substantive
Tests
Perform Final Analytical Procedures
Test Account Balances
Test Details of Transaction Classes
Document the
Conclusions
Writing the Audit Report
Master File
Regular Processing
Run
Normal
Processing
Documents, Listings,
Registers, Reports
Regular
Transactions
Auditor
Comparison
Audit Test
Selected
Transactions
Predetermined
Results
Figure 10-4a
Methods include:
Test Data
Integrated Test Facility
Embedded Audit Module Techniques
Program Code Checking
Parallel Processing
Parallel Simulation
Controlled Processing
All auditing-through-the-computer
techniques provide evidence concerning
the level of control risk.
Regular
Processing Run
Regular
Transactions
Documents,
Listings, Registers,
Reports
Normal Processing
Exception
Report
Master File
Regular
Processing Run
Summary Results
from Tests
Audit
Comparison
Audit Test
Transactions
Predetermined
Results
Audit Test
Figure 10-4 b
Attribute Sampling
Histogram Generation
Record Aging
File Comparison
Duplicate Checking
File Printing
Applications of a GAS
Package
Master File
Master File
Transaction
File
Control and
Specification
File
Requests for
confirmation listings,
Sample data items,
Reports, Analyses,
Control Totals
Exception
Report
GAS Package
Figure 10-5
Advantages of GAS
Packages
Allow auditors to access computer-readable records for
a wide variety of applications and organizations
Enable auditors to examine much more data than could
be examined through manual means
Rapidly and accurately perform a variety of routine
audit functions, including the statistical selection of
samples
Reduce dependence on non-auditing personnel for
performing routine functions like summarizing data,
thereby enabling auditors to maintain better control
over the audit
Require only minimal computer knowledge on the part
of the auditor
Disadvantages of GAS
Packages
They do not directly examine the
applications program and
programmed checks.
They cannot replace auditthrough-the-computer
techniques
Situations Triggering DP
Operational Audits
An apparently excessive cost for computer services
A major shift in corporate plans
A proposal for a major hardware or software
upgrade or acquisition
An inability to attract and retain computer DP
executives
A new DP executives need for an intensive
assessment
An inordinate amount of personnel turnover within
the DP department
A proposal to consolidate or distribute DP resources
A major system that appears unresponsive to needs
or is difficult to enhance or maintain
An excessive or increasing number of user
complaints
Copyright 2000 John Wiley & Sons, Inc. All rights reserved.
Reproduction or translation of this work beyond that permitted in
Section 117 of the 1976 United States Copyright Act without the express
written permission of the copyright owner is unlawful. Request for
further information should be addressed to the Permissions Department,
John Wiley & Sons, Inc. The purchaser may make back-up copies for
his/her own use only and not for distribution or resale. The publisher
assumes no responsibility for errors, omissions, or damages, caused by
the use of these programs or from the use of the information contained
herein.