SlideShare a Scribd company logo

3.42211- CIS Audit.pdf

N
Nehemiah27

Auditing Computer Information System and Related Risks

Business
1 of 25
Download to read offline
Topic 9 Auditing Computer Information System & Related Risks
Phases of Audit • Know your client & the industry because most clients are using computerized systems • Using modern technology replaces the conventional/manual records, even signatures are scanned • There are no trails as all records are in the ‘black box’ • Audit must satisfy himself that controls are effective to give complete accurate FR
Relationship of CIS to audit phases (IAS 1008) • Knowing how the business processes its accounting information >VIP areas • Control systems for processing accounting information: transaction trail, segregation of processing, potentials for misstatement, errors= compliance test on internal controls • Risk Assessment: inherent risk (set up & programs), control risk (access & data input) • Plan audit procedures to detect risks
Basic Features of CIS • Hardware & Software • Different Input Devices: scanner, flash drives, CDs, tapes and Output Devices: screen, softcopy/printer, email, website • Data Processing: online versus offline, direct access v sequential access • Batch processing online v individual online • IT skill is essential in an CIS audit
Internal Controls in CIS General • Physical set up, location or housing • Physical control, security and back up • Access control • Storage and library of CIS data for backup or future retrieval Application • Software choice and programming • Input access & control-authorized • Files control • Process & Output control
Three Common CIS Audit Techniques/Procedures • Auditing Around the computer-testing of general controls & manual vouching of output to source documents, then verify with CIS output • Auditing through the computer-testing of application controls using various tests • Auditing with the computer-auditing with the use of audit software and/or computer assisted audit techniques (CAAT)
Auditing Around the Computer • Computer is treated as a black box and only documents are assessed before and after they have gone thru • Cheapest, no IT knowledge required & simple • Doesn’t prevent any problem as it is postmortem approach
Auditing through the computer • Requires testing of input & output controls • Data test-where some data is processed thru the system & compares with manually processed result. Tested in ‘non-live’ set separately to avoid corrupting the client’s program • Integrated Test Facility- requires the use of dummy data to test the client’s live files. The data is processed in the usual manner with the rest.
• Process client actual data-to test controls thru controlled processing, reprocessing or parallel processing where two systems operate in the test • Non processing approach-program codes are reviewed for logic & accuracy; review of accounting job runs for errors, timing & abnormality. #review of codes requires extensive IT knowledge
Auditing with Computer • Where clients have large volumes of records, it is time consuming to audit manually. • Generalized Audit Software (GAS)- a software that can perform general accounting/processing activities. Others like File Formats-file formats vary, thus this program can deal with file differences; processing instructions; can assess certain processing tasks
• Current GAS can: 1. Identify and select items to audit/review 2. Conduct exception reporting-select records certain criteria-aged debtors 3. Can carry out calculations-calculate doubtful debts of aging debtors 4. Compare data from different files 5. Summary data-list of debtors owing K1m> 6. Summarize & report Specialized Auditing software for each industry or activities (SAS)
Using PCs in the audit • PCs used in different audit assignments including spreadsheet • Templates can be created for common accounting or auditing calculations e,g,: 1. Working Trial Balance=accounts are down loaded from the client’s accounts to draw up a trial balance, adjustments, P&L & B/S 2. Analytical Procedures- comparative ratios 3. Complex Computations from Templates set up
Audit Soft wares • General audit software can be purchased off the shelf and engineered to meet need • Expert system -specialised system = ’artificial intelligence’ or decision support system=assists in testing Internal controls. Auditor enters client program, software generate a relevant internal control test questionnaire automatically. The auditor provides symptoms, program suggests relevant audit procedures
E-Commerce & Audit • Earliest form=Electronic Data Interchange (EDI), a subset of e-commerce • E-Commerce grew by 3000% b2win 1999 & 2005, a booming business. It impacts on auditing (IAS 1009-CAAT) • Auditor needs to identify impact of e- commerce on client assertions in planning, risk assessment, sampling, analytical procedures, compliance & substantive tests
Auditing in a Computer Environment • Main aim : to test whether client program will detect errors/invalid transactions. Results of computer processed information is compared with manual result • VIP to ensure the program tested is one the client is using thru out the period
Internet Risk • Unless an entity uses a private network, what is transmitted over a public network is vulnerable; subjected to being intercepted, altered, lost, diverted or replaced. • These makes audit authenticity at risk. Some input control check include: 1. Batch control-group gets processed in full 2. Sequence Control-all pass in order 3. Digit check- correct & complete numbers
Computer Related Considerations • Real Time Processing systems-online entry method where a transaction entered into a terminal updates accurately without trail. IAS 1002 • Computer service bureau-using external CIS e.g. PNG concept payroll system. The auditor needs to understand the controls in place. Audit is done either on the client or the service provider
• Database Management System-need CIS specialist to plan an audit because different programs use the same database (IAS1003) • Stand alone PC-single user, internal controls need assessing (IAS1001) • LANs & other networks-many users & controls are stronger but risks are higher
Cont. • Advanced CAATs (IAS 1009)-System control audit file (SCARF) tags a transaction to observe processing files • Snapshot –the software takes a snapshot of the program process a transaction • Audit hooks-audit modules built into CIS so auditors can use it to do auditing. It is done at the initial stage of CIS set up.

Recommended

Computer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and TechniquesComputer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and Techniques
_supriadi
 
Audit and Assurance
Audit and AssuranceAudit and Assurance
Audit and Assurance
MuhamadSyawal7
 
Auditing in Computerized Environment
Auditing in Computerized EnvironmentAuditing in Computerized Environment
Auditing in Computerized Environment
Dr. Sushil Bansode
 
Computer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and TechniquesComputer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and Techniques
_supriadi
 
Chapter 6
Chapter 6Chapter 6
Chapter 6
Nur Dalila Zamri
 
Auditing in a computer environment copy
Auditing in a computer environment copyAuditing in a computer environment copy
Auditing in a computer environment copy
Saleh Rashid
 
Auditing in computerized environment.pptx
Auditing in computerized environment.pptxAuditing in computerized environment.pptx
Auditing in computerized environment.pptx
infantemiliya18
 
The Importance of Security within the Computer Environment
The Importance of Security within the Computer EnvironmentThe Importance of Security within the Computer Environment
The Importance of Security within the Computer Environment
Adetula Bunmi
 

Recommended

Computer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and TechniquesComputer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and Techniques
_supriadi
 
Audit and Assurance
Audit and AssuranceAudit and Assurance
Audit and Assurance
MuhamadSyawal7
 
Auditing in Computerized Environment
Auditing in Computerized EnvironmentAuditing in Computerized Environment
Auditing in Computerized Environment
Dr. Sushil Bansode
 
Computer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and TechniquesComputer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and Techniques
_supriadi
 
Chapter 6
Chapter 6Chapter 6
Chapter 6
Nur Dalila Zamri
 
Auditing in a computer environment copy
Auditing in a computer environment copyAuditing in a computer environment copy
Auditing in a computer environment copy
Saleh Rashid
 
Auditing in computerized environment.pptx
Auditing in computerized environment.pptxAuditing in computerized environment.pptx
Auditing in computerized environment.pptx
infantemiliya18
 
The Importance of Security within the Computer Environment
The Importance of Security within the Computer EnvironmentThe Importance of Security within the Computer Environment
The Importance of Security within the Computer Environment
Adetula Bunmi
 
CISA_WK_4.pptx
CISA_WK_4.pptxCISA_WK_4.pptx
CISA_WK_4.pptx
dotco
 
Information systems audit n control introduction.ppt
Information systems audit n control introduction.pptInformation systems audit n control introduction.ppt
Information systems audit n control introduction.ppt
r209777z
 
Chapter 4 : Auditing and the information technology environment
Chapter 4 : Auditing and the information technology environmentChapter 4 : Auditing and the information technology environment
Chapter 4 : Auditing and the information technology environment
KugendranMani
 
Chapter-2-Control-Audit-Security-ioenotes.pptx
Chapter-2-Control-Audit-Security-ioenotes.pptxChapter-2-Control-Audit-Security-ioenotes.pptx
Chapter-2-Control-Audit-Security-ioenotes.pptx
ToxicHawk
 
Software Engineering Introduction
Software Engineering IntroductionSoftware Engineering Introduction
Software Engineering Introduction
rajeswaricseAvinuty
 
CISA_WK_1.pptx
CISA_WK_1.pptxCISA_WK_1.pptx
CISA_WK_1.pptx
dotco
 
Auditing In Computer Environment Presentation
Auditing In Computer Environment PresentationAuditing In Computer Environment Presentation
Auditing In Computer Environment Presentation
EMAC Consulting Group
 
Core Areas of a CA- Interlinked with computers
Core Areas of a CA- Interlinked with computersCore Areas of a CA- Interlinked with computers
Core Areas of a CA- Interlinked with computers
Shikha Gupta
 
Information systems application control Framework.ppt
Information systems application control Framework.pptInformation systems application control Framework.ppt
Information systems application control Framework.ppt
r209777z
 
Information system audit
Information system audit Information system audit
Information system audit
Jayant Dalvi
 
Real time Audit
Real time AuditReal time Audit
Real time Audit
PawanRohilla12
 
Value-added it auditing
Value-added it auditingValue-added it auditing
Value-added it auditing
Marc Vael
 
Introduction to computerised accounting
Introduction to computerised accountingIntroduction to computerised accounting
Introduction to computerised accounting
Itisha Sharma
 
General and Application Control - Security and Control Issues in Informatio...
General and Application Control - Security and Control Issues in Informatio...General and Application Control - Security and Control Issues in Informatio...
General and Application Control - Security and Control Issues in Informatio...
Dr. Rosemarie Sibbaluca-Guirre
 
Test Data Approach
Test Data ApproachTest Data Approach
Test Data Approach
kzoe1996
 
03.2 application control
03.2 application control03.2 application control
03.2 application control
Mulyadi Yusuf
 
Defcon 22-tim-mcguffin-one-man-shop
Defcon 22-tim-mcguffin-one-man-shopDefcon 22-tim-mcguffin-one-man-shop
Defcon 22-tim-mcguffin-one-man-shop
Priyanka Aash
 
Computerized Environment
Computerized EnvironmentComputerized Environment
Computerized Environment
VadivelM9
 
computer system validation
computer system validationcomputer system validation
computer system validation
Gopal Patel
 
Aud5_Chapter-26.pptx
Aud5_Chapter-26.pptxAud5_Chapter-26.pptx
Aud5_Chapter-26.pptx
JayLloyd8
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
amitlee9823
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
Abortion pills in Kuwait Cytotec pills in Kuwait
 

More Related Content

Similar to 3.42211- CIS Audit.pdf

Core Areas of a CA- Interlinked with computers
Core Areas of a CA- Interlinked with computersCore Areas of a CA- Interlinked with computers
Core Areas of a CA- Interlinked with computers
Shikha Gupta
 
03.2 application control
03.2 application control03.2 application control
03.2 application control
Mulyadi Yusuf
 

Similar to 3.42211- CIS Audit.pdf (20)

CISA_WK_4.pptx
CISA_WK_4.pptxCISA_WK_4.pptx
CISA_WK_4.pptx
 
Information systems audit n control introduction.ppt
Information systems audit n control introduction.pptInformation systems audit n control introduction.ppt
Information systems audit n control introduction.ppt
 
Chapter 4 : Auditing and the information technology environment
Chapter 4 : Auditing and the information technology environmentChapter 4 : Auditing and the information technology environment
Chapter 4 : Auditing and the information technology environment
 
Chapter-2-Control-Audit-Security-ioenotes.pptx
Chapter-2-Control-Audit-Security-ioenotes.pptxChapter-2-Control-Audit-Security-ioenotes.pptx
Chapter-2-Control-Audit-Security-ioenotes.pptx
 
Software Engineering Introduction
Software Engineering IntroductionSoftware Engineering Introduction
Software Engineering Introduction
 
CISA_WK_1.pptx
CISA_WK_1.pptxCISA_WK_1.pptx
CISA_WK_1.pptx
 
Auditing In Computer Environment Presentation
Auditing In Computer Environment PresentationAuditing In Computer Environment Presentation
Auditing In Computer Environment Presentation
 
Core Areas of a CA- Interlinked with computers
Core Areas of a CA- Interlinked with computersCore Areas of a CA- Interlinked with computers
Core Areas of a CA- Interlinked with computers
 
Information systems application control Framework.ppt
Information systems application control Framework.pptInformation systems application control Framework.ppt
Information systems application control Framework.ppt
 
Information system audit
Information system audit Information system audit
Information system audit
 
Real time Audit
Real time AuditReal time Audit
Real time Audit
 
Value-added it auditing
Value-added it auditingValue-added it auditing
Value-added it auditing
 
Introduction to computerised accounting
Introduction to computerised accountingIntroduction to computerised accounting
Introduction to computerised accounting
 
General and Application Control - Security and Control Issues in Informatio...
General and Application Control - Security and Control Issues in Informatio...General and Application Control - Security and Control Issues in Informatio...
General and Application Control - Security and Control Issues in Informatio...
 
Test Data Approach
Test Data ApproachTest Data Approach
Test Data Approach
 
03.2 application control
03.2 application control03.2 application control
03.2 application control
 
Defcon 22-tim-mcguffin-one-man-shop
Defcon 22-tim-mcguffin-one-man-shopDefcon 22-tim-mcguffin-one-man-shop
Defcon 22-tim-mcguffin-one-man-shop
 
Computerized Environment
Computerized EnvironmentComputerized Environment
Computerized Environment
 
computer system validation
computer system validationcomputer system validation
computer system validation
 
Aud5_Chapter-26.pptx
Aud5_Chapter-26.pptxAud5_Chapter-26.pptx
Aud5_Chapter-26.pptx
 

Recently uploaded

Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
amitlee9823
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
Abortion pills in Kuwait Cytotec pills in Kuwait
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
daisycvs
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
amitlee9823
 
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai KuwaitThe Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
daisycvs
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
dlhescort
 
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort ServiceMalegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Damini Dixit
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptx
Workforce Group
 
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
amitlee9823
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
dollysharma2066
 
Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...
Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...
Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...
Sheetaleventcompany
 
Call Girls In Nangloi Rly Metro ꧂…….95996 … 13876 Enjoy ꧂Escort
Call Girls In Nangloi Rly Metro ꧂…….95996 … 13876 Enjoy ꧂EscortCall Girls In Nangloi Rly Metro ꧂…….95996 … 13876 Enjoy ꧂Escort
Call Girls In Nangloi Rly Metro ꧂…….95996 … 13876 Enjoy ꧂Escort
dlhescort
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
lizamodels9
 
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Sheetaleventcompany
 
Call Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service NoidaCall Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service Noida
dlhescort
 

Recently uploaded (20)

Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
 
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai KuwaitThe Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
 
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort ServiceMalegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptx
 
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
 
Cheap Rate Call Girls In Noida Sector 62 Metro 959961乂3876
Cheap Rate Call Girls In Noida Sector 62 Metro 959961乂3876Cheap Rate Call Girls In Noida Sector 62 Metro 959961乂3876
Cheap Rate Call Girls In Noida Sector 62 Metro 959961乂3876
 
Falcon Invoice Discounting platform in india
Falcon Invoice Discounting platform in indiaFalcon Invoice Discounting platform in india
Falcon Invoice Discounting platform in india
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...
 
Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...
Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...
Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...
 
Call Girls In Nangloi Rly Metro ꧂…….95996 … 13876 Enjoy ꧂Escort
Call Girls In Nangloi Rly Metro ꧂…….95996 … 13876 Enjoy ꧂EscortCall Girls In Nangloi Rly Metro ꧂…….95996 … 13876 Enjoy ꧂Escort
Call Girls In Nangloi Rly Metro ꧂…….95996 … 13876 Enjoy ꧂Escort
 
Phases of Negotiation .pptx
Phases of Negotiation .pptx Phases of Negotiation .pptx
Phases of Negotiation .pptx
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
 
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
 
Call Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service NoidaCall Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service Noida
 

3.42211- CIS Audit.pdf

  • 1. Topic 9 Auditing Computer Information System & Related Risks
  • 2. Phases of Audit • Know your client & the industry because most clients are using computerized systems • Using modern technology replaces the conventional/manual records, even signatures are scanned • There are no trails as all records are in the ‘black box’ • Audit must satisfy himself that controls are effective to give complete accurate FR
  • 3. Relationship of CIS to audit phases (IAS 1008) • Knowing how the business processes its accounting information >VIP areas • Control systems for processing accounting information: transaction trail, segregation of processing, potentials for misstatement, errors= compliance test on internal controls • Risk Assessment: inherent risk (set up & programs), control risk (access & data input) • Plan audit procedures to detect risks
  • 4. Basic Features of CIS • Hardware & Software • Different Input Devices: scanner, flash drives, CDs, tapes and Output Devices: screen, softcopy/printer, email, website • Data Processing: online versus offline, direct access v sequential access • Batch processing online v individual online • IT skill is essential in an CIS audit
  • 5.
  • 6. Internal Controls in CIS General • Physical set up, location or housing • Physical control, security and back up • Access control • Storage and library of CIS data for backup or future retrieval Application • Software choice and programming • Input access & control-authorized • Files control • Process & Output control
  • 7. Three Common CIS Audit Techniques/Procedures • Auditing Around the computer-testing of general controls & manual vouching of output to source documents, then verify with CIS output • Auditing through the computer-testing of application controls using various tests • Auditing with the computer-auditing with the use of audit software and/or computer assisted audit techniques (CAAT)
  • 8. Auditing Around the Computer • Computer is treated as a black box and only documents are assessed before and after they have gone thru • Cheapest, no IT knowledge required & simple • Doesn’t prevent any problem as it is postmortem approach
  • 9. Auditing through the computer • Requires testing of input & output controls • Data test-where some data is processed thru the system & compares with manually processed result. Tested in ‘non-live’ set separately to avoid corrupting the client’s program • Integrated Test Facility- requires the use of dummy data to test the client’s live files. The data is processed in the usual manner with the rest.
  • 10. • Process client actual data-to test controls thru controlled processing, reprocessing or parallel processing where two systems operate in the test • Non processing approach-program codes are reviewed for logic & accuracy; review of accounting job runs for errors, timing & abnormality. #review of codes requires extensive IT knowledge
  • 11.
  • 12.
  • 13. Auditing with Computer • Where clients have large volumes of records, it is time consuming to audit manually. • Generalized Audit Software (GAS)- a software that can perform general accounting/processing activities. Others like File Formats-file formats vary, thus this program can deal with file differences; processing instructions; can assess certain processing tasks
  • 14. • Current GAS can: 1. Identify and select items to audit/review 2. Conduct exception reporting-select records certain criteria-aged debtors 3. Can carry out calculations-calculate doubtful debts of aging debtors 4. Compare data from different files 5. Summary data-list of debtors owing K1m> 6. Summarize & report Specialized Auditing software for each industry or activities (SAS)
  • 15. Using PCs in the audit • PCs used in different audit assignments including spreadsheet • Templates can be created for common accounting or auditing calculations e,g,: 1. Working Trial Balance=accounts are down loaded from the client’s accounts to draw up a trial balance, adjustments, P&L & B/S 2. Analytical Procedures- comparative ratios 3. Complex Computations from Templates set up
  • 16. Audit Soft wares • General audit software can be purchased off the shelf and engineered to meet need • Expert system -specialised system = ’artificial intelligence’ or decision support system=assists in testing Internal controls. Auditor enters client program, software generate a relevant internal control test questionnaire automatically. The auditor provides symptoms, program suggests relevant audit procedures
  • 17. E-Commerce & Audit • Earliest form=Electronic Data Interchange (EDI), a subset of e-commerce • E-Commerce grew by 3000% b2win 1999 & 2005, a booming business. It impacts on auditing (IAS 1009-CAAT) • Auditor needs to identify impact of e- commerce on client assertions in planning, risk assessment, sampling, analytical procedures, compliance & substantive tests
  • 18. Auditing in a Computer Environment • Main aim : to test whether client program will detect errors/invalid transactions. Results of computer processed information is compared with manual result • VIP to ensure the program tested is one the client is using thru out the period
  • 19.
  • 20.
  • 21.
  • 22. Internet Risk • Unless an entity uses a private network, what is transmitted over a public network is vulnerable; subjected to being intercepted, altered, lost, diverted or replaced. • These makes audit authenticity at risk. Some input control check include: 1. Batch control-group gets processed in full 2. Sequence Control-all pass in order 3. Digit check- correct & complete numbers
  • 23. Computer Related Considerations • Real Time Processing systems-online entry method where a transaction entered into a terminal updates accurately without trail. IAS 1002 • Computer service bureau-using external CIS e.g. PNG concept payroll system. The auditor needs to understand the controls in place. Audit is done either on the client or the service provider
  • 24. • Database Management System-need CIS specialist to plan an audit because different programs use the same database (IAS1003) • Stand alone PC-single user, internal controls need assessing (IAS1001) • LANs & other networks-many users & controls are stronger but risks are higher
  • 25. Cont. • Advanced CAATs (IAS 1009)-System control audit file (SCARF) tags a transaction to observe processing files • Snapshot –the software takes a snapshot of the program process a transaction • Audit hooks-audit modules built into CIS so auditors can use it to do auditing. It is done at the initial stage of CIS set up.