Your SlideShare is downloading. ×
0
Audit dan EvaluasiTeknologi Informasi       Sesi 6      MTI-CIO        2012
CAATTComputer-Assisted Audit Tools and Techniques• Increased productivity, complete routine tasks faster (24–  75%)• Reduc...
Tool Categories• General Automation and data processing   – Audit productivity tools that help auditors to reduce the     ...
Audit Process Activities• Planning and tracking the annual audit schedule using  spreadsheets, database, and project manag...
Audit Planning and Tracking• Risk assessment, audit schedule preparation and tracking, and budget  preparations are necess...
Documentation and Presentations• A use of packages such as Office Suite provides “ cut and paste” and  linking functionality...
Groupware• Groupware is a specialized tool or assembly of compatible  tools that enables business teams to work faster, sh...
Auditor Skills• Requirement to use computer-assisted auditing techniques lies in  understanding and applying the appropria...
Flowcharting Techniques
Flowcharting as an Analysis Tool•   A method for identifying and evaluating control strengths and weaknesses within a    s...
Defining Critical Data• An auditor must build a clear understanding of the data being  recorded within the system under stu...
•   Determining the Effectiveness of Processing under Computer Programs•   A e audit staff should identify any problem area...
Sampling
System Validation• System validation is a method for testing the reliability of  programs through simulation with either t...
Generalized Audit Software• Use of generalized audit software makes it possible to  perform required functions directly on...
Query and Analysis Tools
Application Testing• Once controls have been identified, the next step in an audit  is to verify the control’s effectiveness...
Other (Online) CAATs•   Webmetrics:      – Web Static Analyzer Tool (Web SAT), Web Category Analysis Tool (WebCAT), Web Vi...
Example Tools (Non-Commercial)Infrastructure (network) related auditing tools• Open-AudIT• OCS Inventory NG
Network CAAT Example
Network CAAT Example
CAAT Example• OCS Inventory NG Global Diagram   (http://www.ocsinventory-ng.org)
CAAT Integration Example• Global diagram detailed how OCS can be integrated in a complex  network architecture.
TugasDari berkas “Understanding Fraud and Corruption”• Pertanyaan-pertanyaan yang harus dijawab:  – Jelaskan perbedaan Fra...
Audit dan evaluasi ti   6
Upcoming SlideShare
Loading in...5
×

Audit dan evaluasi ti 6

672

Published on

Materi Kuliah Audit & Evaliasi TI-6,
Dani

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
672
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
27
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Audit dan evaluasi ti 6"

  1. 1. Audit dan EvaluasiTeknologi Informasi Sesi 6 MTI-CIO 2012
  2. 2. CAATTComputer-Assisted Audit Tools and Techniques• Increased productivity, complete routine tasks faster (24– 75%)• Reduced cost due• Improve consistency and focus more on significant issues• Impractical or impossible tasks (manually) can be completed• Competitive advantage gained and client perception of the auditor, the firm, and quality of the services provided improved• Ability to cope with difficult tasks without corresponding staff increases
  3. 3. Tool Categories• General Automation and data processing – Audit productivity tools that help auditors to reduce the amount of time spent on administrative tasks by automating the audit function and integrating information gathered as part of the audit process• Specific Auditing tools – Computer-assisted audit tools (CAATs) that help auditors evaluate application controls, and select and analyze computerized data for substantive audit tests
  4. 4. Audit Process Activities• Planning and tracking the annual audit schedule using spreadsheets, database, and project management software• Documentation and presentations using word processing, flowcharting, and graphics software• Communication and data transfer using electronic connectivity and a centralized server• Resource management using online work papers review and e-mail• Data management using database, groupware, and intranet software
  5. 5. Audit Planning and Tracking• Risk assessment, audit schedule preparation and tracking, and budget preparations are necessary tasks in audit planning.• Spreadsheets or database software can be used to record risk values, develop an “ audit universe,” and prepare a budget. Project management software can be used to schedule audits and track the current status. Each of these solutions is a standalone. An integration may not even be possible. Because planning tasks are interdependent, an integrated application would provide quicker update and ensure that all phases of planning are kept in sync. – For example, the budget should provide sufficient costs to accomplish the audit schedule, or the audit schedule should not exceed the resources available.
  6. 6. Documentation and Presentations• A use of packages such as Office Suite provides “ cut and paste” and linking functionality.• These features facilitate the creation of consistent, accurate documents. – For example, spreadsheet data containing functional testing results can be incorporated into a report document with a few clicks of a mouse. As same data can then just as easily be copied to a presentation slide and also be “linked,” so that changes to the source documents will be reflected in any of the related documents.• Software suite functionality saves time and ensures consistency and accuracy.
  7. 7. Groupware• Groupware is a specialized tool or assembly of compatible tools that enables business teams to work faster, share more information, communicate more effectively, and do a better job of completing tasks. Groupware systems vary greatly. Today, we are seeing desktop conferencing, videoconferencing, coauthoring features and applications, e -mail and b-boards, meeting supports systems, paging and voice applications, workflow systems, and group and subgroup calendars as examples of groupware products and support systems.
  8. 8. Auditor Skills• Requirement to use computer-assisted auditing techniques lies in understanding and applying the appropriate audit functions.• By way of illustration, four broad categories of computer auditing functions can be identified: – Items of audit interest – Audit mathematics – Data analysis • Histogram • Modeling • Comparative Analysis – System validation
  9. 9. Flowcharting Techniques
  10. 10. Flowcharting as an Analysis Tool• A method for identifying and evaluating control strengths and weaknesses within a system under examination. It can be time consuming to build an understanding of strengths and weaknesses within a system to be audited.• Evaluation of a number of elements of a system: – Quality of system documentation – Adequacy of manual or automated controls over documents – Effectiveness of processing by computer programs (i.e., whether the processing is necessary or redundant and whether the processing sequence is proper) – Usefulness of outputs including reports and stored fi les• Steps followed in the development of flowcharts and their use as audit evaluation tools include – Understanding how data is processed by computers – Identifying documents and their flow through the system – Defining critical data – Developing audit data flow diagrams – Evaluating the quality of system documentation – Assessing controls over documents – Determining the effectiveness of processing under computer programs – Evaluating the usefulness of reports
  11. 11. Defining Critical Data• An auditor must build a clear understanding of the data being recorded within the system under study. Therefore, the individual elements of data must be defined. Titles can be deceptive. – For example, is a cost derived from the current period or is it cumulative? Is the cost accrued or incurred? What are the components of a cost? Has the composition of cost changed during the fiscal periods under review?
  12. 12. • Determining the Effectiveness of Processing under Computer Programs• A e audit staff should identify any problem areas in the processing cycle including but not limited to• Redundant processing of data or other forms of duplication• Bottlenecks that delay processing• Points i n t he o perating c ycle at w hich c lerks do n ot h ave en ough t ime to re view o utput• reports and make corrections• Evaluating the Usefulness of Reports• A e aud it s taff sh ould re view t he k ey o r m ajor o utputs ( such a s e dit l istings, er ror l istings, a nd• control of hours listings) of the application system and determine if the outputs are• Accurate• Usef ul a s i ntended• A e auditor should confi rm fi ndings by interviewing t he users of t he output reports. One appropriate• te• chnique m ight b e t he c ompletion o f a q uestionnaire o r su rvey, p erhaps c onducted b y• e-mail on user satisfaction with output reports.
  13. 13. Sampling
  14. 14. System Validation• System validation is a method for testing the reliability of programs through simulation with either the test data or actual data. With parallel simulation techniques, the auditor may be able to satisfy both compliance and substantive testing needs in one process.
  15. 15. Generalized Audit Software• Use of generalized audit software makes it possible to perform required functions directly on application files. Audit software can be used to: – Analyze and compare files – Select specific records for examination – Conduct random samples – Validate calculations – Prepare confirmation letters – Analyze aging of transaction files – IT auditors can also use the same software tools as the programming staff or additional tool s used
  16. 16. Query and Analysis Tools
  17. 17. Application Testing• Once controls have been identified, the next step in an audit is to verify the control’s effectiveness. This can be accomplished by submitting a set of test data that will produce known results if the application functions properly.• Evaluating the results of the application• In any case, the auditor will need to understand the processing logic of the application to simulate the application or evaluate the application’s results.• Database controls – Access rights
  18. 18. Other (Online) CAATs• Webmetrics: – Web Static Analyzer Tool (Web SAT), Web Category Analysis Tool (WebCAT), Web Visual Instrumenter Program (WebVIP), VISVIP, FLUD, FLUDViz Tool, and TreeDec.• Manually checking that all posted data is current will be time consuming. Discovering broken links, missing pages, and page components manually are almost impossible.• Webmetrics provided by Information Technology Laboratory (ITL) of National Institute of• Standards and Technology (NIST) is one of t he CAATs that can assist IT auditors in evaluating the usability of a Web site. – Reduces the time to complete audit analysis, test, and reports – Increases audit coverage by reducing the amount of time spent on manual processes – Provides quality audit services by having a standard set of audit tools and procedures – Leverages the knowledge gathered as a result of audit projects to provide immediate metric/data quality feedback to management• Benefits – Reduced advertising costs – Equal access to new markets – Increased sales – More opportunity for niche marketing – Reduced delivery cost for goods that can be delivered electronically
  19. 19. Example Tools (Non-Commercial)Infrastructure (network) related auditing tools• Open-AudIT• OCS Inventory NG
  20. 20. Network CAAT Example
  21. 21. Network CAAT Example
  22. 22. CAAT Example• OCS Inventory NG Global Diagram (http://www.ocsinventory-ng.org)
  23. 23. CAAT Integration Example• Global diagram detailed how OCS can be integrated in a complex network architecture.
  24. 24. TugasDari berkas “Understanding Fraud and Corruption”• Pertanyaan-pertanyaan yang harus dijawab: – Jelaskan perbedaan Fraud dan Corruption – Definisikan Fraud – Definisikan Corruption menurut ADB 1998 – Sebutkan 7 elemen Fraud and Corruption – Sebutkan 15 jenis Fraud and Corruption beserta definisinya – Sebutkan daftar perilaku korup (12 item) – Apa penyebab Fraud and Corruption?
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×