SlideShare a Scribd company logo

CAATT Techniques for Testing Computer Application Controls

A
Amith Reddy

Computer Assisted Audit Tools and Techniques

Education
1 of 21
Download to read offline
Submitted By, Patil, Shivani (3103640) Rajolkar, Amith (3103599)
What is CAATT ➔ Computer Assisted Audit Tools and techniques used for performing test application control and data extraction. ➔ CAATTs used for testing application logic and then examined. There are five CAATT approaches: ★ The Test Data Method ★ Base case System Evaluation ★ Tracing ★ Integrated Test facility ★ Parallel stimulation.
Application Control ➔ Designed to deal with potential exposures. ➔ Input data is accurate, complete, authorized and correct. ➔ Ensures that data is processed as intended in an acceptable time period. ➔ Take care of a maintained record of process data from input to storage. ➔ Output are accurate and complete. Application control falls into three categories: ★ Input Control ★ Processing Control ★ Output Control
Input Control ➔ Input control are designed to ensure that the transactions are valid, accurate, and complete. ➔ Input controls are used to check the integrity of data entered into a business application. ➔ Checks to ensure the data is remain within a specified parameters. ➔ Data input procedures can be either source document- triggered (batch) or direct input (real time). ➔ Input control employs real-time editing techniques to identify and correct errors.
Classes of Input Control ➔ Input Controls are designed to make sure transactions are true, complete, and accurate. ➔ Procedures for entering data can be either documented-triggered source (batch) or direct input (real-time). ➔ Input controls will vary in terms of quality and complexity depending on the application program. ➔ There are six classes used in Input control (Refer Fig)
Validation During Data Input Control ➔ System using real-time processing or batch processing . ➔ Batch processing with sequential files ➔ For additional processing each processing module prior to updating master file. ➔ Error handling procedures. There are three input validation controls: ★ Field Interrogation ★ Record Interrogation ★ File Interrogation.
Processing Control ● Processing Controls provide an automated means of ensure processing to complete , accurate, and authorized. ● After passing through the data input stage, transaction enter the processing stage of the system.
Run-To-Run Controls ➔ Used to monitor the batch as it moves from one programmed procedure to another. ➔ Ensures that each run in the system processes the batch correctly and completely. ➔ Uses of run-to-run controls ★ Recalculate Control Totals. ★ Transaction Codes. ★ Sequence Checks.
Operator Intervention & Audit Trail Controls ➔ Systems sometimes requires operator intervention to initiate certain actions. ➔ Operator Intervention increases the potential for human error. ➔ Preserving the Audit trials plays a vital role in the Process Control. ➔ This controls helps in holding of every transactions made in the systems from source till end of Reporting Techniques used to preserve audit trails: ★ Transaction logs. ★ Log Of automatic transactions ★ Listing of Automatic Transactions ★ Unique Transaction Identifiers ★ Error Listing.
Output Controls ➔ The Functionality of the Output control is to ensure that all the Data that is fed to the Application Systems should be processed. ➔ This control should also ensure that the privacy of the output data is not violated as it might occur a huge loss to the organisation. Types of Output Controls ★ Controlling Batch Systems Output ★ Controlling Real - Time Systems Output
Controlling Batch Systems Output ➔ Batch Systems uses the hardcopy as the form of an output which requires an intermediaries in its productions and distributions ➔ There are different stages of the output process (refer fig)
Controlling Real-Time Systems Output ➔ In real time systems, the outputs are directly passed to the end user’s output screen (For E.g., End user’s Printer, Computer Screen/Terminal). ➔ Major Drawback of this type is loss/damage of data in the Communication Link or Data exposed by the Equipment Failure. Solution for this could be using of Hamming Code and using the Encryption/Decryption Techniques
Testing Computer Application Controls These controls are designed to provide information about the accuracy and completeness of an Application System The 2 most important approaches for Auditing the Computer Application are i. Black-Box Approach ii. White-Box Approach
Black-Box Approach ➔ The auditors using this Black Box approach do not care about the applications work in detail or Internal logics. ➔ They tend to concentrate more on the flowchart diagrams on how the systems work or to understand the characteristics of the systems.
White-Box Approach ➔ The white box (through the computer) approach relies on an in-depth understanding of the internal logic of the application being tested. ➔ The white box approach includes several techniques for testing application logic directly. Typically these involve the creation of a small set of test transactions to verify specific aspects of an application’s logic and controls. ➔ The type of tests involved in the White Box Approach are: ◆ Authenticity Test ◆ Accuracy Test ◆ Completeness Test ◆ Redundancy Test ◆ Access Tests ◆ Audit Trail Tests ◆ Rounding Error Tests
CAATT for Testing controls ➔ Computer Aided Audit Tools and Techniques (CAATT) is the practice of using computers to automate the IT audit processes. CAATT usually includes the basic office productivity software such as Spreadsheets, word Processors and Text Editing. ➔ The different approaches discussed in this chapter are as follows: ★ Test Data method (includes Creating Test Data, Base Case System Evaluation and Tracing) ★ Integrated Test Facility ★ Parallel Simulation
The Test Data Method This approach uses the processing of the Test input data to the Application Under review where these results are compared to the predetermined values to obtain objective evaluations of application logic.
Base Case Evaluation System & Tracing When the set of test data in use is comprehensive, the technique is called the base case system evaluation (BCSE). BCSE tests are conducted with a set of test transactions containing all possible transaction types. These are processed through repeated iterations during systems development testing until consistent and valid results are obtained. Tracing technique performs an electronic walkthrough of the application’s internal logic. It involves following steps ➔ Application compilation to activate the trace option. ➔ Test Data is created by specific Transactions. ➔ The test data transactions are traced through all processing stages of the program
Integrated Test Facility (ITF) Integrated Test Facility (ITF) approach is an automated technique that enables an auditor to test an application’s logic and control during its ongoing operations
Parallel Simulations This approach require the auditor to create an simulation program (with Key Feature Logic and processes) that is similar the actual program and then the transactions are fed to it and the resulting simulation output it compared to the actual production output. When using this approach, there arises a few questions like How to create a simulation program? ➔ This simulation program is a dummy program which is built to use as a one-time approach which can be written in any Programming Languages. ➔ The auditor must understand the complete logic and current documentation of the application program which is under review & create a simulator program called as Generalized audit software (GAS). ➔ The auditor feeds the GAS with the actual transactions to find the results which are then compared to the actual production results.
THANK YOU

Recommended

Computer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and TechniquesComputer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and Techniques_supriadi
 
Test Data Approach
Test Data ApproachTest Data Approach
Test Data Approachkzoe1996
 
03.2 application control
03.2 application control03.2 application control
03.2 application controlMulyadi Yusuf
 
Computer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and TechniquesComputer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and Techniques_supriadi
 
Parallel simulation
Parallel simulationParallel simulation
Parallel simulationkzoe1996
 
Audit Evidence
Audit EvidenceAudit Evidence
Audit Evidencemsameha
 
Chapter 1 auditing and internal control
Chapter 1 auditing and internal controlChapter 1 auditing and internal control
Chapter 1 auditing and internal controljayussuryawan
 
Technology Auditing, Assurance, Internal Control
Technology Auditing, Assurance, Internal ControlTechnology Auditing, Assurance, Internal Control
Technology Auditing, Assurance, Internal ControlZefren Edior
 

Recommended

Computer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and TechniquesComputer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and Techniques_supriadi
 
Test Data Approach
Test Data ApproachTest Data Approach
Test Data Approachkzoe1996
 
03.2 application control
03.2 application control03.2 application control
03.2 application controlMulyadi Yusuf
 
Computer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and TechniquesComputer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and Techniques_supriadi
 
Parallel simulation
Parallel simulationParallel simulation
Parallel simulationkzoe1996
 
Audit Evidence
Audit EvidenceAudit Evidence
Audit Evidencemsameha
 
Chapter 1 auditing and internal control
Chapter 1 auditing and internal controlChapter 1 auditing and internal control
Chapter 1 auditing and internal controljayussuryawan
 
Technology Auditing, Assurance, Internal Control
Technology Auditing, Assurance, Internal ControlTechnology Auditing, Assurance, Internal Control
Technology Auditing, Assurance, Internal ControlZefren Edior
 
Chapter 11, Tests of Controls
Chapter 11, Tests of ControlsChapter 11, Tests of Controls
Chapter 11, Tests of ControlsSazzad Hossain, ITP, MBA, CSCA™
 
Inventory Audit.pptx
Inventory Audit.pptxInventory Audit.pptx
Inventory Audit.pptxMASHUPRAJA
 
Ch 11. Evidence and Sampling
Ch 11. Evidence and SamplingCh 11. Evidence and Sampling
Ch 11. Evidence and SamplingSazzad Hossain, ITP, MBA, CSCA™
 
Caa ts
Caa tsCaa ts
Caa tsChris Nicole Apat-Orcullo, CPA
 
Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Sazzad Hossain, ITP, MBA, CSCA™
 
Chapter 1 auditing and internal control
Chapter 1 auditing and internal controlChapter 1 auditing and internal control
Chapter 1 auditing and internal controlTommy Zul Hidayat
 
Chapter 3 security part i auditing operating systems and networks
Chapter 3 security part i auditing operating systems and networksChapter 3 security part i auditing operating systems and networks
Chapter 3 security part i auditing operating systems and networksTommy Zul Hidayat
 
Auditing In Computer Environment Presentation
Auditing In Computer Environment PresentationAuditing In Computer Environment Presentation
Auditing In Computer Environment PresentationEMAC Consulting Group
 
Ch 9. Internal Audit
Ch 9. Internal AuditCh 9. Internal Audit
Ch 9. Internal AuditSazzad Hossain, ITP, MBA, CSCA™
 
Audit of Fixed Assets
Audit of Fixed AssetsAudit of Fixed Assets
Audit of Fixed AssetsAdmin SBS
 
Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing Dinesh O Bareja
 
Auditing application controls
Auditing application controlsAuditing application controls
Auditing application controlsCenapSerdarolu
 
Integrated Test Facility
Integrated Test FacilityIntegrated Test Facility
Integrated Test Facilitykzoe1996
 
Audit process
Audit processAudit process
Audit processHema Thayanithy
 
Audit risk model
Audit risk modelAudit risk model
Audit risk modelDarryl Woolley
 
5.4 it security audit (mauritius)
5.4 it security audit (mauritius)5.4 it security audit (mauritius)
5.4 it security audit (mauritius)Corporate Registers Forum
 
Internal controls in an IT environment
Internal controls in an IT environment Internal controls in an IT environment
Internal controls in an IT environment Chris Nicole Apat-Orcullo, CPA
 
Lecture 10, chap 16, Chapter 16, Auditing Inventories and property, plant an...
Lecture 10, chap 16, Chapter 16, Auditing Inventories and property, plant an...Lecture 10, chap 16, Chapter 16, Auditing Inventories and property, plant an...
Lecture 10, chap 16, Chapter 16, Auditing Inventories and property, plant an...Sazzad Hossain, ITP, MBA, CSCA™
 
Internal Control
Internal ControlInternal Control
Internal ControlSalih Islam
 
Pp 11-new
Pp 11-newPp 11-new
Pp 11-newSri Apriyanti Husain
 
Icai seminar kolkata
Icai seminar kolkataIcai seminar kolkata
Icai seminar kolkatasunil patro
 
Softwaretestingtoolsanditstaxonomy 131204003332-phpapp01
Softwaretestingtoolsanditstaxonomy 131204003332-phpapp01Softwaretestingtoolsanditstaxonomy 131204003332-phpapp01
Softwaretestingtoolsanditstaxonomy 131204003332-phpapp01Aravindharamanan S
 

More Related Content

What's hot

Inventory Audit.pptx
Inventory Audit.pptxInventory Audit.pptx
Inventory Audit.pptxMASHUPRAJA
 
Chapter 1 auditing and internal control
Chapter 1 auditing and internal controlChapter 1 auditing and internal control
Chapter 1 auditing and internal controlTommy Zul Hidayat
 
Chapter 3 security part i auditing operating systems and networks
Chapter 3 security part i auditing operating systems and networksChapter 3 security part i auditing operating systems and networks
Chapter 3 security part i auditing operating systems and networksTommy Zul Hidayat
 
Auditing In Computer Environment Presentation
Auditing In Computer Environment PresentationAuditing In Computer Environment Presentation
Auditing In Computer Environment PresentationEMAC Consulting Group
 
Audit of Fixed Assets
Audit of Fixed AssetsAudit of Fixed Assets
Audit of Fixed AssetsAdmin SBS
 
Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing Dinesh O Bareja
 
Auditing application controls
Auditing application controlsAuditing application controls
Auditing application controlsCenapSerdarolu
 
Integrated Test Facility
Integrated Test FacilityIntegrated Test Facility
Integrated Test Facilitykzoe1996
 
Lecture 10, chap 16, Chapter 16, Auditing Inventories and property, plant an...
Lecture 10, chap 16, Chapter 16, Auditing Inventories and property, plant an...Lecture 10, chap 16, Chapter 16, Auditing Inventories and property, plant an...
Lecture 10, chap 16, Chapter 16, Auditing Inventories and property, plant an...Sazzad Hossain, ITP, MBA, CSCA™
 
Internal Control
Internal ControlInternal Control
Internal ControlSalih Islam
 

What's hot (20)

Chapter 11, Tests of Controls
Chapter 11, Tests of ControlsChapter 11, Tests of Controls
Chapter 11, Tests of Controls
 
Inventory Audit.pptx
Inventory Audit.pptxInventory Audit.pptx
Inventory Audit.pptx
 
Ch 11. Evidence and Sampling
Ch 11. Evidence and SamplingCh 11. Evidence and Sampling
Ch 11. Evidence and Sampling
 
Caa ts
Caa tsCaa ts
Caa ts
 
Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9
 
Chapter 1 auditing and internal control
Chapter 1 auditing and internal controlChapter 1 auditing and internal control
Chapter 1 auditing and internal control
 
Chapter 3 security part i auditing operating systems and networks
Chapter 3 security part i auditing operating systems and networksChapter 3 security part i auditing operating systems and networks
Chapter 3 security part i auditing operating systems and networks
 
Auditing In Computer Environment Presentation
Auditing In Computer Environment PresentationAuditing In Computer Environment Presentation
Auditing In Computer Environment Presentation
 
Ch 9. Internal Audit
Ch 9. Internal AuditCh 9. Internal Audit
Ch 9. Internal Audit
 
Audit of Fixed Assets
Audit of Fixed AssetsAudit of Fixed Assets
Audit of Fixed Assets
 
Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing
 
Auditing application controls
Auditing application controlsAuditing application controls
Auditing application controls
 
Integrated Test Facility
Integrated Test FacilityIntegrated Test Facility
Integrated Test Facility
 
Audit process
Audit processAudit process
Audit process
 
Audit risk model
Audit risk modelAudit risk model
Audit risk model
 
5.4 it security audit (mauritius)
5.4 it security audit (mauritius)5.4 it security audit (mauritius)
5.4 it security audit (mauritius)
 
Internal controls in an IT environment
Internal controls in an IT environment Internal controls in an IT environment
Internal controls in an IT environment
 
Lecture 10, chap 16, Chapter 16, Auditing Inventories and property, plant an...
Lecture 10, chap 16, Chapter 16, Auditing Inventories and property, plant an...Lecture 10, chap 16, Chapter 16, Auditing Inventories and property, plant an...
Lecture 10, chap 16, Chapter 16, Auditing Inventories and property, plant an...
 
Internal Control
Internal ControlInternal Control
Internal Control
 
Pp 11-new
Pp 11-newPp 11-new
Pp 11-new
 

Similar to CAATT Techniques for Testing Computer Application Controls

Icai seminar kolkata
Icai seminar kolkataIcai seminar kolkata
Icai seminar kolkatasunil patro
 
Softwaretestingtoolsanditstaxonomy 131204003332-phpapp01
Softwaretestingtoolsanditstaxonomy 131204003332-phpapp01Softwaretestingtoolsanditstaxonomy 131204003332-phpapp01
Softwaretestingtoolsanditstaxonomy 131204003332-phpapp01Aravindharamanan S
 
Software testing tools and its taxonomy
Software testing tools and its taxonomySoftware testing tools and its taxonomy
Software testing tools and its taxonomyHimanshu
 
Objectorientedtesting 160320132146
Objectorientedtesting 160320132146Objectorientedtesting 160320132146
Objectorientedtesting 160320132146vidhyyav
 
Object oriented testing
Object oriented testingObject oriented testing
Object oriented testingHaris Jamil
 
Information system audit
Information system audit Information system audit
Information system audit Jayant Dalvi
 
Cleanroom Software Engineering By NADEEM AHMED FROM DEPALPUR
Cleanroom Software Engineering By NADEEM AHMED FROM DEPALPURCleanroom Software Engineering By NADEEM AHMED FROM DEPALPUR
Cleanroom Software Engineering By NADEEM AHMED FROM DEPALPURNA000000
 
Chapter 8 - Software Testing.ppt
Chapter 8 - Software Testing.pptChapter 8 - Software Testing.ppt
Chapter 8 - Software Testing.pptGentaSahuri2
 
Advance Hospital Management System PPT by Krishna
Advance Hospital Management System PPT by KrishnaAdvance Hospital Management System PPT by Krishna
Advance Hospital Management System PPT by KrishnaKrishna Shidnekoppa
 
Quality management processes
Quality management processesQuality management processes
Quality management processesselinasimpson0701
 
System Integration and Architecture.pptx
System Integration and Architecture.pptxSystem Integration and Architecture.pptx
System Integration and Architecture.pptxMARIVICJOYCLAMUCHA1
 
Testing in Software Engineering.docx
Testing in Software Engineering.docxTesting in Software Engineering.docx
Testing in Software Engineering.docx8759000398
 
Learn software testing with tech partnerz 1
Learn software testing with tech partnerz 1Learn software testing with tech partnerz 1
Learn software testing with tech partnerz 1Techpartnerz
 
ISTQB Advanced Study Guide - 4
ISTQB Advanced Study Guide - 4ISTQB Advanced Study Guide - 4
ISTQB Advanced Study Guide - 4Yogindernath Gupta
 

Similar to CAATT Techniques for Testing Computer Application Controls (20)

Icai seminar kolkata
Icai seminar kolkataIcai seminar kolkata
Icai seminar kolkata
 
Softwaretestingtoolsanditstaxonomy 131204003332-phpapp01
Softwaretestingtoolsanditstaxonomy 131204003332-phpapp01Softwaretestingtoolsanditstaxonomy 131204003332-phpapp01
Softwaretestingtoolsanditstaxonomy 131204003332-phpapp01
 
Software testing tools and its taxonomy
Software testing tools and its taxonomySoftware testing tools and its taxonomy
Software testing tools and its taxonomy
 
System testing
System testingSystem testing
System testing
 
Objectorientedtesting 160320132146
Objectorientedtesting 160320132146Objectorientedtesting 160320132146
Objectorientedtesting 160320132146
 
Object oriented testing
Object oriented testingObject oriented testing
Object oriented testing
 
hhhh.ppt
hhhh.ppthhhh.ppt
hhhh.ppt
 
Information system audit
Information system audit Information system audit
Information system audit
 
Cleanroom Software Engineering By NADEEM AHMED FROM DEPALPUR
Cleanroom Software Engineering By NADEEM AHMED FROM DEPALPURCleanroom Software Engineering By NADEEM AHMED FROM DEPALPUR
Cleanroom Software Engineering By NADEEM AHMED FROM DEPALPUR
 
Chapter 8 - Software Testing.ppt
Chapter 8 - Software Testing.pptChapter 8 - Software Testing.ppt
Chapter 8 - Software Testing.ppt
 
Real time Audit
Real time AuditReal time Audit
Real time Audit
 
Advance Hospital Management System PPT by Krishna
Advance Hospital Management System PPT by KrishnaAdvance Hospital Management System PPT by Krishna
Advance Hospital Management System PPT by Krishna
 
Quality management processes
Quality management processesQuality management processes
Quality management processes
 
Chapter 7
Chapter 7Chapter 7
Chapter 7
 
System Integration and Architecture.pptx
System Integration and Architecture.pptxSystem Integration and Architecture.pptx
System Integration and Architecture.pptx
 
Testing in Software Engineering.docx
Testing in Software Engineering.docxTesting in Software Engineering.docx
Testing in Software Engineering.docx
 
Software Quality
Software Quality Software Quality
Software Quality
 
Learn software testing with tech partnerz 1
Learn software testing with tech partnerz 1Learn software testing with tech partnerz 1
Learn software testing with tech partnerz 1
 
ST_final (2).docx
ST_final (2).docxST_final (2).docx
ST_final (2).docx
 
ISTQB Advanced Study Guide - 4
ISTQB Advanced Study Guide - 4ISTQB Advanced Study Guide - 4
ISTQB Advanced Study Guide - 4
 

Recently uploaded

The byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptxThe byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptxShobhayan Kirtania
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 

Recently uploaded (20)

The byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptxThe byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptx
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 

CAATT Techniques for Testing Computer Application Controls

  • 1. Submitted By, Patil, Shivani (3103640) Rajolkar, Amith (3103599)
  • 2. What is CAATT ➔ Computer Assisted Audit Tools and techniques used for performing test application control and data extraction. ➔ CAATTs used for testing application logic and then examined. There are five CAATT approaches: ★ The Test Data Method ★ Base case System Evaluation ★ Tracing ★ Integrated Test facility ★ Parallel stimulation.
  • 3. Application Control ➔ Designed to deal with potential exposures. ➔ Input data is accurate, complete, authorized and correct. ➔ Ensures that data is processed as intended in an acceptable time period. ➔ Take care of a maintained record of process data from input to storage. ➔ Output are accurate and complete. Application control falls into three categories: ★ Input Control ★ Processing Control ★ Output Control
  • 4. Input Control ➔ Input control are designed to ensure that the transactions are valid, accurate, and complete. ➔ Input controls are used to check the integrity of data entered into a business application. ➔ Checks to ensure the data is remain within a specified parameters. ➔ Data input procedures can be either source document- triggered (batch) or direct input (real time). ➔ Input control employs real-time editing techniques to identify and correct errors.
  • 5. Classes of Input Control ➔ Input Controls are designed to make sure transactions are true, complete, and accurate. ➔ Procedures for entering data can be either documented-triggered source (batch) or direct input (real-time). ➔ Input controls will vary in terms of quality and complexity depending on the application program. ➔ There are six classes used in Input control (Refer Fig)
  • 6. Validation During Data Input Control ➔ System using real-time processing or batch processing . ➔ Batch processing with sequential files ➔ For additional processing each processing module prior to updating master file. ➔ Error handling procedures. There are three input validation controls: ★ Field Interrogation ★ Record Interrogation ★ File Interrogation.
  • 7. Processing Control ● Processing Controls provide an automated means of ensure processing to complete , accurate, and authorized. ● After passing through the data input stage, transaction enter the processing stage of the system.
  • 8. Run-To-Run Controls ➔ Used to monitor the batch as it moves from one programmed procedure to another. ➔ Ensures that each run in the system processes the batch correctly and completely. ➔ Uses of run-to-run controls ★ Recalculate Control Totals. ★ Transaction Codes. ★ Sequence Checks.
  • 9. Operator Intervention & Audit Trail Controls ➔ Systems sometimes requires operator intervention to initiate certain actions. ➔ Operator Intervention increases the potential for human error. ➔ Preserving the Audit trials plays a vital role in the Process Control. ➔ This controls helps in holding of every transactions made in the systems from source till end of Reporting Techniques used to preserve audit trails: ★ Transaction logs. ★ Log Of automatic transactions ★ Listing of Automatic Transactions ★ Unique Transaction Identifiers ★ Error Listing.
  • 10. Output Controls ➔ The Functionality of the Output control is to ensure that all the Data that is fed to the Application Systems should be processed. ➔ This control should also ensure that the privacy of the output data is not violated as it might occur a huge loss to the organisation. Types of Output Controls ★ Controlling Batch Systems Output ★ Controlling Real - Time Systems Output
  • 11. Controlling Batch Systems Output ➔ Batch Systems uses the hardcopy as the form of an output which requires an intermediaries in its productions and distributions ➔ There are different stages of the output process (refer fig)
  • 12. Controlling Real-Time Systems Output ➔ In real time systems, the outputs are directly passed to the end user’s output screen (For E.g., End user’s Printer, Computer Screen/Terminal). ➔ Major Drawback of this type is loss/damage of data in the Communication Link or Data exposed by the Equipment Failure. Solution for this could be using of Hamming Code and using the Encryption/Decryption Techniques
  • 13. Testing Computer Application Controls These controls are designed to provide information about the accuracy and completeness of an Application System The 2 most important approaches for Auditing the Computer Application are i. Black-Box Approach ii. White-Box Approach
  • 14. Black-Box Approach ➔ The auditors using this Black Box approach do not care about the applications work in detail or Internal logics. ➔ They tend to concentrate more on the flowchart diagrams on how the systems work or to understand the characteristics of the systems.
  • 15. White-Box Approach ➔ The white box (through the computer) approach relies on an in-depth understanding of the internal logic of the application being tested. ➔ The white box approach includes several techniques for testing application logic directly. Typically these involve the creation of a small set of test transactions to verify specific aspects of an application’s logic and controls. ➔ The type of tests involved in the White Box Approach are: ◆ Authenticity Test ◆ Accuracy Test ◆ Completeness Test ◆ Redundancy Test ◆ Access Tests ◆ Audit Trail Tests ◆ Rounding Error Tests
  • 16. CAATT for Testing controls ➔ Computer Aided Audit Tools and Techniques (CAATT) is the practice of using computers to automate the IT audit processes. CAATT usually includes the basic office productivity software such as Spreadsheets, word Processors and Text Editing. ➔ The different approaches discussed in this chapter are as follows: ★ Test Data method (includes Creating Test Data, Base Case System Evaluation and Tracing) ★ Integrated Test Facility ★ Parallel Simulation
  • 17. The Test Data Method This approach uses the processing of the Test input data to the Application Under review where these results are compared to the predetermined values to obtain objective evaluations of application logic.
  • 18. Base Case Evaluation System & Tracing When the set of test data in use is comprehensive, the technique is called the base case system evaluation (BCSE). BCSE tests are conducted with a set of test transactions containing all possible transaction types. These are processed through repeated iterations during systems development testing until consistent and valid results are obtained. Tracing technique performs an electronic walkthrough of the application’s internal logic. It involves following steps ➔ Application compilation to activate the trace option. ➔ Test Data is created by specific Transactions. ➔ The test data transactions are traced through all processing stages of the program
  • 19. Integrated Test Facility (ITF) Integrated Test Facility (ITF) approach is an automated technique that enables an auditor to test an application’s logic and control during its ongoing operations
  • 20. Parallel Simulations This approach require the auditor to create an simulation program (with Key Feature Logic and processes) that is similar the actual program and then the transactions are fed to it and the resulting simulation output it compared to the actual production output. When using this approach, there arises a few questions like How to create a simulation program? ➔ This simulation program is a dummy program which is built to use as a one-time approach which can be written in any Programming Languages. ➔ The auditor must understand the complete logic and current documentation of the application program which is under review & create a simulator program called as Generalized audit software (GAS). ➔ The auditor feeds the GAS with the actual transactions to find the results which are then compared to the actual production results.