Chapter 8 Auditing Computerized Information Systems Computer Audit

  • Slides: 12
Download presentation
Chapter 8 Auditing Computerized Information Systems

Chapter 8 Auditing Computerized Information Systems

Computer Audit Tools to Test Computer Processing Elements of a “systems” audit approach. •

Computer Audit Tools to Test Computer Processing Elements of a “systems” audit approach. • Only authorized computer applications are developed. • Programs are thoroughly tested. • Authorization needed for changes to programs. • Access restricted. • Controls over users and input. • Monitoring controls in place.

Computer Audit Tools to Test Computer Processing (cont. ) • Data transmission controls in

Computer Audit Tools to Test Computer Processing (cont. ) • Data transmission controls in place. • Data integrity is periodically tested. • A comprehensive security and backup plan is in place.

Comprehensive Approach Auditors must always: • Independently test the correctness of processing • Independently

Comprehensive Approach Auditors must always: • Independently test the correctness of processing • Independently test the reliability of data

Approaches to Address Correctness of Processing Test data and integrated test facility Concurrent processing

Approaches to Address Correctness of Processing Test data and integrated test facility Concurrent processing Embedded audit modules

Test Data: Auditing through the computer Test data approach • Are control procedures functioning?

Test Data: Auditing through the computer Test data approach • Are control procedures functioning? • Is the computer application processing transactions correctly? • Are all transaction and master files fully and correctly updated? • Limitations! • Integrated test facility (ITF)

Concurrent Processing Methodologies • Tagging and tracing approach (a. k. a. snapshot approach) •

Concurrent Processing Methodologies • Tagging and tracing approach (a. k. a. snapshot approach) • The systems control audit review file (SCARF) approach • Embedded audit modules • Advantages

Using the Computer to Help Test Accounting Records Generalized Audit Software (GAS) • Footing

Using the Computer to Help Test Accounting Records Generalized Audit Software (GAS) • Footing • Selecting a sample • Extracting, sorting, summarizing data • Statistics • Analytical review • Screening • Checking • Calculations • Reports

Using the Computer to Help Test Accounting Records Custom Designed Audit Software • Alternative

Using the Computer to Help Test Accounting Records Custom Designed Audit Software • Alternative to GAS • Custom designed for specific client and specific application

Unique Audit Approaches for Electronic Commerce • Risk Analysis • The Process and Control

Unique Audit Approaches for Electronic Commerce • Risk Analysis • The Process and Control Audit • Detailed testing of account balances • Tagging and Tracing • Embedded Audit Module • Audit Software

Use of Personal Computing in Conducting an Audit Traditional Uses • Word Processing •

Use of Personal Computing in Conducting an Audit Traditional Uses • Word Processing • Spreadsheets Expanded uses • Electronic working papers • Groupware • Intelligent agents • Expert systems

Unique Problems: Auditing a Client’s Spreadsheet • Parallel simulation • Test data • Manual

Unique Problems: Auditing a Client’s Spreadsheet • Parallel simulation • Test data • Manual audit