SlideShare a Scribd company logo

Pp 17-new

Download as PPTX, PDF
Sri Apriyanti Husain
Sri Apriyanti Husain

SIA

Economy & Finance
1 of 26
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Accounting Information Systems, 8e James A. Hall Chapter 17 IT Controls Part III: Systems Development, Program Changes, and Application Controls
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Objectives for Chapter 17  Be familiar with the controls and audit tests relevant to the systems development process.  Understand the risks and controls associated with program change procedures and the role of the source program library.  Understand the auditing techniques (CAATTs) used to verify the effective functioning of application controls.  Understand the auditing techniques used to perform substantive tests in an IT environment. 2
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Systems Development Controls Controllable activities that distinguish an effective systems development process include:  Systems authorization  User specification  Technical design  Internal audit participation  Program testing  User test and acceptance procedures 3
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Auditor’s objectives The auditor’s objectives are to ensure that  all systems development activities are applied consistently and follow management’s policies  system as originally implemented was free from material errors and fraud  system was judged necessary and justified at checkpoints throughout the SDLC, and  system documentation is sufficiently accurate and complete to facilitate audit and maintenance activities. 4
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Tests of Systems Development Controls  New systems must be authorized.  Feasibility studies were conducted.  User needs were analyzed and addressed.  Cost-benefit analysis was done.  Proper documentation was completed.  All program modules must be thoroughly tested before they are implemented.  Checklist of problems was kept. 5
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. System Maintenance Controls  Last, longest and most costly phase of systems development  Up to 80-90% of entire cost of a system  All maintenance actions should require  Technical specifications  Testing  Documentation updates  Formal authorizations for any changes 6
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Program Change Audit objectives: detect unauthorized program maintenance and determine that...  maintenance procedures protect applications from unauthorized changes  applications are free from material errors  program libraries are protected from unauthorized access 7
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Source Program Library  Source program library (SPL)  library of applications and software  place where programs are developed and modified  once compiled into machine language, no longer vulnerable 8
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Uncontrolled Access to the SPL 9 Figure 17-2
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Controlled SPL Environments  SPL Management Systems (SPLMS) protect the SPL by controlling the following functions:  storing programs on the SPL  retrieving programs for maintenance purposes  deleting obsolete programs from the library  documenting program changes to provide an audit trail of the changes 10
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Source Program Library under the Control of SPL Management Software 11 Figure 17-3
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. SPL Control Features  Password control  Separation of test libraries  Audit trails  Reports that enhance management control and the audit function  Assigns program version numbers automatically  Controlled access to maintenance commands 12
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Program Change  Auditing procedures: verify that programs were properly maintained, including changes  Specifically, verify…  identification and correction of unauthorized program changes  identification and correction of application errors  control of access to systems libraries 13
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Testing Application Controls  Techniques for auditing applications fall into two classes: 1. testing application controls – two general approaches: – black box – around the computer – white box – through the computer 2. examining transaction details and account balances—substantive testing 14
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Auditing Around the Computer - The Black Box Approach 15 Figure 17-9
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Auditing through the Computer: The ITF Technique 16Figure 17-14
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Testing Application Controls  Black Box Approach – focuses on input procedures and output results  To Gain need understanding…  analyze flowcharts  review documentation  conduct interviews 17
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Testing Application Controls  Auditing through-the-computer  focuses on understanding the internal logic of processes between input and output  Common tests • Authenticity tests • Accuracy tests • Completeness tests • Redundancy tests • Access tests • Audit trail tests • Rounding error tests 18
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Audit Testing Techniques  Test data method: testing for logic or control problems - good for new systems or systems which have undergone recent maintenance  base case system evaluation (BCSE) - using a comprehensive set of test transactions  tracing - performs an electronic walkthrough of the application’s internal logic  Test data methods are not fool-proof  a snapshot - one point in time examination  high-cost of developing adequate test data 19
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Audit Testing Techniques  Integrated test facility (ITF): an automated, on-going technique that enables the auditor to test an application’s logic and controls during its normal operation  Parallel simulation: auditor writes simulation programs and runs actual transactions of the client through the system 20
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. The Parallel Simulation Technique 21 Figure 17-11
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Substantive Testing  Techniques to substantiate account balances. For example:  search for unrecorded liabilities  confirm accounts receivable to ensure they are not overstated  Requires first extracting data from the system. Two technologies commonly used to select, access, and organize data are:  embedded audit module  generalized audit software 22
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Embedded Audit Module  An ongoing module which filters out non- material transactions  The chosen, material transactions are used for sampling in substantive tests  Requires additional computing resources by the client  Hard to maintain in systems with high maintenance 23
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Embedded Audit Module Technique 24Figure 17-12
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Generalized Audit Software  Very popular & widely used  Can access data files & perform operations on them:  screen data  statistical sampling methods  foot & balance  format reports  compare files and fields  recalculate data fields 25
Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Using GAS to Access Complex File Structure 26 Figure 17-14

Recommended

Pp 16-new
Pp 16-newPp 16-new
Pp 16-newSri Apriyanti Husain
 
Ais Romney 2006 Slides 09 Auditing Computer Based Is
Ais Romney 2006 Slides 09 Auditing Computer Based IsAis Romney 2006 Slides 09 Auditing Computer Based Is
Ais Romney 2006 Slides 09 Auditing Computer Based Issharing notes123
 
Pp 11-new
Pp 11-newPp 11-new
Pp 11-newSri Apriyanti Husain
 
internal audit function ans controller's role in investors relation
internal audit function ans controller's role in investors relation internal audit function ans controller's role in investors relation
internal audit function ans controller's role in investors relationArgentinaMorata
 
Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Sazzad Hossain, ITP, MBA, CSCA™
 
Chapter 1 auditing and internal control
Chapter 1 auditing and internal controlChapter 1 auditing and internal control
Chapter 1 auditing and internal controljayussuryawan
 
INTERNAL CONTROL SYSTEM -QUESTIONNAIRE
INTERNAL CONTROL SYSTEM -QUESTIONNAIREINTERNAL CONTROL SYSTEM -QUESTIONNAIRE
INTERNAL CONTROL SYSTEM -QUESTIONNAIRESREENIVAS IYER
 
Audit Sampling for Tests of Details of Balances
Audit Sampling for Tests of Details of BalancesAudit Sampling for Tests of Details of Balances
Audit Sampling for Tests of Details of BalancesCarl Hebeler
 

Recommended

Pp 16-new
Pp 16-newPp 16-new
Pp 16-newSri Apriyanti Husain
 
Ais Romney 2006 Slides 09 Auditing Computer Based Is
Ais Romney 2006 Slides 09 Auditing Computer Based IsAis Romney 2006 Slides 09 Auditing Computer Based Is
Ais Romney 2006 Slides 09 Auditing Computer Based Issharing notes123
 
Pp 11-new
Pp 11-newPp 11-new
Pp 11-newSri Apriyanti Husain
 
internal audit function ans controller's role in investors relation
internal audit function ans controller's role in investors relation internal audit function ans controller's role in investors relation
internal audit function ans controller's role in investors relationArgentinaMorata
 
Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Sazzad Hossain, ITP, MBA, CSCA™
 
Chapter 1 auditing and internal control
Chapter 1 auditing and internal controlChapter 1 auditing and internal control
Chapter 1 auditing and internal controljayussuryawan
 
INTERNAL CONTROL SYSTEM -QUESTIONNAIRE
INTERNAL CONTROL SYSTEM -QUESTIONNAIREINTERNAL CONTROL SYSTEM -QUESTIONNAIRE
INTERNAL CONTROL SYSTEM -QUESTIONNAIRESREENIVAS IYER
 
Audit Sampling for Tests of Details of Balances
Audit Sampling for Tests of Details of BalancesAudit Sampling for Tests of Details of Balances
Audit Sampling for Tests of Details of BalancesCarl Hebeler
 
Governance, Risk Management, and Internal Control
Governance, Risk Management, and Internal ControlGovernance, Risk Management, and Internal Control
Governance, Risk Management, and Internal ControlInternational Federation of Accountants
 
Ch 1. introduction to assurance Concept & Need for Assurance
Ch 1. introduction to assurance Concept & Need for AssuranceCh 1. introduction to assurance Concept & Need for Assurance
Ch 1. introduction to assurance Concept & Need for AssuranceSazzad Hossain, ITP, MBA, CSCA™
 
Audit of the payroll and personnel cycle
Audit of the payroll and personnel cycleAudit of the payroll and personnel cycle
Audit of the payroll and personnel cyclesellyhood
 
INTERNAL CONTROL-PPT.pptx
INTERNAL CONTROL-PPT.pptxINTERNAL CONTROL-PPT.pptx
INTERNAL CONTROL-PPT.pptxHeldaMaryA
 
Chapter 2
Chapter 2Chapter 2
Chapter 2Vera Nataa
 
Accounts Payable Fraud: Keys to Detection and Prevention
Accounts Payable Fraud: Keys to Detection and PreventionAccounts Payable Fraud: Keys to Detection and Prevention
Accounts Payable Fraud: Keys to Detection and PreventionCase IQ
 
Chapter 3 security part i auditing operating systems and networks
Chapter 3 security part i auditing operating systems and networksChapter 3 security part i auditing operating systems and networks
Chapter 3 security part i auditing operating systems and networksTommy Zul Hidayat
 
It audit ch 1
It audit ch 1It audit ch 1
It audit ch 1Ahmed Tnt
 
Fraud risk management
Fraud risk managementFraud risk management
Fraud risk managementEMAC Consulting Group
 
The Revenue Cycle
The Revenue Cycle The Revenue Cycle
The Revenue Cycle Qamar Farooq
 
Fraud Risk Assessment
Fraud Risk AssessmentFraud Risk Assessment
Fraud Risk AssessmentTahir Abbas
 
Chapter 5:Recognizing the symptoms of fraud
Chapter 5:Recognizing the symptoms of fraudChapter 5:Recognizing the symptoms of fraud
Chapter 5:Recognizing the symptoms of fraudVidaB
 
Internal control and internal audit presentation for bank
Internal control and internal audit presentation for bankInternal control and internal audit presentation for bank
Internal control and internal audit presentation for bankMohammad Halim Stanikzai
 
8. internal control new
8. internal control new8. internal control new
8. internal control newSyed Osama Rizvi
 
Chapter 2 auditing it governance controls
Chapter 2 auditing it governance controlsChapter 2 auditing it governance controls
Chapter 2 auditing it governance controlsjayussuryawan
 
Chapter 3
Chapter 3Chapter 3
Chapter 3EasyStudy3
 
Auditing In Computer Environment Presentation
Auditing In Computer Environment PresentationAuditing In Computer Environment Presentation
Auditing In Computer Environment PresentationEMAC Consulting Group
 
Pp 12-new
Pp 12-newPp 12-new
Pp 12-newSri Apriyanti Husain
 
Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...Pritesh Hirapara
 
Financial Reporting
Financial ReportingFinancial Reporting
Financial ReportingQasim Raza
 
Pp 13-new
Pp 13-newPp 13-new
Pp 13-newSri Apriyanti Husain
 
Pp 15-new
Pp 15-newPp 15-new
Pp 15-newSri Apriyanti Husain
 

More Related Content

What's hot

Ch 1. introduction to assurance Concept & Need for Assurance
Ch 1. introduction to assurance Concept & Need for AssuranceCh 1. introduction to assurance Concept & Need for Assurance
Ch 1. introduction to assurance Concept & Need for AssuranceSazzad Hossain, ITP, MBA, CSCA™
 
Audit of the payroll and personnel cycle
Audit of the payroll and personnel cycleAudit of the payroll and personnel cycle
Audit of the payroll and personnel cyclesellyhood
 
INTERNAL CONTROL-PPT.pptx
INTERNAL CONTROL-PPT.pptxINTERNAL CONTROL-PPT.pptx
INTERNAL CONTROL-PPT.pptxHeldaMaryA
 
Accounts Payable Fraud: Keys to Detection and Prevention
Accounts Payable Fraud: Keys to Detection and PreventionAccounts Payable Fraud: Keys to Detection and Prevention
Accounts Payable Fraud: Keys to Detection and PreventionCase IQ
 
Chapter 3 security part i auditing operating systems and networks
Chapter 3 security part i auditing operating systems and networksChapter 3 security part i auditing operating systems and networks
Chapter 3 security part i auditing operating systems and networksTommy Zul Hidayat
 
It audit ch 1
It audit ch 1It audit ch 1
It audit ch 1Ahmed Tnt
 
The Revenue Cycle
The Revenue Cycle The Revenue Cycle
The Revenue Cycle Qamar Farooq
 
Fraud Risk Assessment
Fraud Risk AssessmentFraud Risk Assessment
Fraud Risk AssessmentTahir Abbas
 
Chapter 5:Recognizing the symptoms of fraud
Chapter 5:Recognizing the symptoms of fraudChapter 5:Recognizing the symptoms of fraud
Chapter 5:Recognizing the symptoms of fraudVidaB
 
Internal control and internal audit presentation for bank
Internal control and internal audit presentation for bankInternal control and internal audit presentation for bank
Internal control and internal audit presentation for bankMohammad Halim Stanikzai
 
Chapter 2 auditing it governance controls
Chapter 2 auditing it governance controlsChapter 2 auditing it governance controls
Chapter 2 auditing it governance controlsjayussuryawan
 
Auditing In Computer Environment Presentation
Auditing In Computer Environment PresentationAuditing In Computer Environment Presentation
Auditing In Computer Environment PresentationEMAC Consulting Group
 
Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...Pritesh Hirapara
 
Financial Reporting
Financial ReportingFinancial Reporting
Financial ReportingQasim Raza
 

What's hot (20)

Governance, Risk Management, and Internal Control
Governance, Risk Management, and Internal ControlGovernance, Risk Management, and Internal Control
Governance, Risk Management, and Internal Control
 
Ch 1. introduction to assurance Concept & Need for Assurance
Ch 1. introduction to assurance Concept & Need for AssuranceCh 1. introduction to assurance Concept & Need for Assurance
Ch 1. introduction to assurance Concept & Need for Assurance
 
Audit of the payroll and personnel cycle
Audit of the payroll and personnel cycleAudit of the payroll and personnel cycle
Audit of the payroll and personnel cycle
 
INTERNAL CONTROL-PPT.pptx
INTERNAL CONTROL-PPT.pptxINTERNAL CONTROL-PPT.pptx
INTERNAL CONTROL-PPT.pptx
 
Chapter 2
Chapter 2Chapter 2
Chapter 2
 
Accounts Payable Fraud: Keys to Detection and Prevention
Accounts Payable Fraud: Keys to Detection and PreventionAccounts Payable Fraud: Keys to Detection and Prevention
Accounts Payable Fraud: Keys to Detection and Prevention
 
Chapter 3 security part i auditing operating systems and networks
Chapter 3 security part i auditing operating systems and networksChapter 3 security part i auditing operating systems and networks
Chapter 3 security part i auditing operating systems and networks
 
It audit ch 1
It audit ch 1It audit ch 1
It audit ch 1
 
Fraud risk management
Fraud risk managementFraud risk management
Fraud risk management
 
The Revenue Cycle
The Revenue Cycle The Revenue Cycle
The Revenue Cycle
 
Fraud Risk Assessment
Fraud Risk AssessmentFraud Risk Assessment
Fraud Risk Assessment
 
Chapter 5:Recognizing the symptoms of fraud
Chapter 5:Recognizing the symptoms of fraudChapter 5:Recognizing the symptoms of fraud
Chapter 5:Recognizing the symptoms of fraud
 
Internal control and internal audit presentation for bank
Internal control and internal audit presentation for bankInternal control and internal audit presentation for bank
Internal control and internal audit presentation for bank
 
8. internal control new
8. internal control new8. internal control new
8. internal control new
 
Chapter 2 auditing it governance controls
Chapter 2 auditing it governance controlsChapter 2 auditing it governance controls
Chapter 2 auditing it governance controls
 
Chapter 3
Chapter 3Chapter 3
Chapter 3
 
Auditing In Computer Environment Presentation
Auditing In Computer Environment PresentationAuditing In Computer Environment Presentation
Auditing In Computer Environment Presentation
 
Pp 12-new
Pp 12-newPp 12-new
Pp 12-new
 
Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...
 
Financial Reporting
Financial ReportingFinancial Reporting
Financial Reporting
 

Similar to Pp 17-new

Icai seminar kolkata
Icai seminar kolkataIcai seminar kolkata
Icai seminar kolkatasunil patro
 
Pp 04-new revised by hall
Pp 04-new revised by hallPp 04-new revised by hall
Pp 04-new revised by hallRoshini Balan
 
The Use of Spreadsheets: As it relates to Section 404 of the Sarbanes-Oxley Act.
The Use of Spreadsheets: As it relates to Section 404 of the Sarbanes-Oxley Act.The Use of Spreadsheets: As it relates to Section 404 of the Sarbanes-Oxley Act.
The Use of Spreadsheets: As it relates to Section 404 of the Sarbanes-Oxley Act.gueste080564
 
Technology Controls in Business - End User Computing
Technology Controls in Business - End User ComputingTechnology Controls in Business - End User Computing
Technology Controls in Business - End User Computingguestc1bca2
 
The Use of Spreadsheets: As it relates to Section 404 of the Sarbanes-Oxley Act.
The Use of Spreadsheets: As it relates to Section 404 of the Sarbanes-Oxley Act.The Use of Spreadsheets: As it relates to Section 404 of the Sarbanes-Oxley Act.
The Use of Spreadsheets: As it relates to Section 404 of the Sarbanes-Oxley Act.renetta
 
Ch-01 accounting information system .pptx
Ch-01 accounting information system .pptxCh-01 accounting information system .pptx
Ch-01 accounting information system .pptxNafeesReza1
 
IRJET- Website Health Checker
IRJET- Website Health CheckerIRJET- Website Health Checker
IRJET- Website Health CheckerIRJET Journal
 
Hp application performance center software
Hp application performance center softwareHp application performance center software
Hp application performance center softwareHP Enterprise Italia
 
IRJET- A Review on Bug Tracking System
IRJET- A Review on Bug Tracking SystemIRJET- A Review on Bug Tracking System
IRJET- A Review on Bug Tracking SystemIRJET Journal
 

Similar to Pp 17-new (20)

Pp 13-new
Pp 13-newPp 13-new
Pp 13-new
 
Pp 15-new
Pp 15-newPp 15-new
Pp 15-new
 
Pp 02-new
Pp 02-newPp 02-new
Pp 02-new
 
Pp 02-new
Pp 02-newPp 02-new
Pp 02-new
 
Pp 14-new
Pp 14-newPp 14-new
Pp 14-new
 
Pp 05-new
Pp 05-newPp 05-new
Pp 05-new
 
Pp 07-new
Pp 07-newPp 07-new
Pp 07-new
 
Pp 05-new
Pp 05-newPp 05-new
Pp 05-new
 
Icai seminar kolkata
Icai seminar kolkataIcai seminar kolkata
Icai seminar kolkata
 
Pp 04-new revised by hall
Pp 04-new revised by hallPp 04-new revised by hall
Pp 04-new revised by hall
 
Pp 04-new revised by hall
Pp 04-new revised by hallPp 04-new revised by hall
Pp 04-new revised by hall
 
The Use of Spreadsheets: As it relates to Section 404 of the Sarbanes-Oxley Act.
The Use of Spreadsheets: As it relates to Section 404 of the Sarbanes-Oxley Act.The Use of Spreadsheets: As it relates to Section 404 of the Sarbanes-Oxley Act.
The Use of Spreadsheets: As it relates to Section 404 of the Sarbanes-Oxley Act.
 
Technology Controls in Business - End User Computing
Technology Controls in Business - End User ComputingTechnology Controls in Business - End User Computing
Technology Controls in Business - End User Computing
 
The Use of Spreadsheets: As it relates to Section 404 of the Sarbanes-Oxley Act.
The Use of Spreadsheets: As it relates to Section 404 of the Sarbanes-Oxley Act.The Use of Spreadsheets: As it relates to Section 404 of the Sarbanes-Oxley Act.
The Use of Spreadsheets: As it relates to Section 404 of the Sarbanes-Oxley Act.
 
Ch-01 accounting information system .pptx
Ch-01 accounting information system .pptxCh-01 accounting information system .pptx
Ch-01 accounting information system .pptx
 
IRJET- Website Health Checker
IRJET- Website Health CheckerIRJET- Website Health Checker
IRJET- Website Health Checker
 
Pp 06-new
Pp 06-newPp 06-new
Pp 06-new
 
Pp 06-new
Pp 06-newPp 06-new
Pp 06-new
 
Hp application performance center software
Hp application performance center softwareHp application performance center software
Hp application performance center software
 
IRJET- A Review on Bug Tracking System
IRJET- A Review on Bug Tracking SystemIRJET- A Review on Bug Tracking System
IRJET- A Review on Bug Tracking System
 

More from Sri Apriyanti Husain

7. audit atas laporan keuangan pendapat auditor atas laporan keuangan dan lap...
7. audit atas laporan keuangan pendapat auditor atas laporan keuangan dan lap...7. audit atas laporan keuangan pendapat auditor atas laporan keuangan dan lap...
7. audit atas laporan keuangan pendapat auditor atas laporan keuangan dan lap...Sri Apriyanti Husain
 
7. audit atas laporan keuangan pendapat auditor atas laporan keuangan dan lap...
7. audit atas laporan keuangan pendapat auditor atas laporan keuangan dan lap...7. audit atas laporan keuangan pendapat auditor atas laporan keuangan dan lap...
7. audit atas laporan keuangan pendapat auditor atas laporan keuangan dan lap...Sri Apriyanti Husain
 
15 ma aksya_tafakkur ke 1_sri apriyanti husain
15 ma aksya_tafakkur ke 1_sri apriyanti husain15 ma aksya_tafakkur ke 1_sri apriyanti husain
15 ma aksya_tafakkur ke 1_sri apriyanti husainSri Apriyanti Husain
 
15 ma aksya_tafakkur ke 1_sri apriyanti husain
15 ma aksya_tafakkur ke 1_sri apriyanti husain15 ma aksya_tafakkur ke 1_sri apriyanti husain
15 ma aksya_tafakkur ke 1_sri apriyanti husainSri Apriyanti Husain
 
Formulir pendaftaran-s3 p ps feb ub
Formulir pendaftaran-s3 p ps feb ubFormulir pendaftaran-s3 p ps feb ub
Formulir pendaftaran-s3 p ps feb ubSri Apriyanti Husain
 
Informasi pendaftaran pasca s2 & s3
Informasi pendaftaran pasca s2 & s3Informasi pendaftaran pasca s2 & s3
Informasi pendaftaran pasca s2 & s3Sri Apriyanti Husain
 
Informasi pendaftaran pasca s2 & s3
Informasi pendaftaran pasca s2 & s3Informasi pendaftaran pasca s2 & s3
Informasi pendaftaran pasca s2 & s3Sri Apriyanti Husain
 
146020300111009 sri apriyanti husain review jurnal_metode penelitian non posi...
146020300111009 sri apriyanti husain review jurnal_metode penelitian non posi...146020300111009 sri apriyanti husain review jurnal_metode penelitian non posi...
146020300111009 sri apriyanti husain review jurnal_metode penelitian non posi...Sri Apriyanti Husain
 
Review jurnal akuntansi forensik uas pp_ak kelas malam
Review jurnal akuntansi forensik uas pp_ak kelas malamReview jurnal akuntansi forensik uas pp_ak kelas malam
Review jurnal akuntansi forensik uas pp_ak kelas malamSri Apriyanti Husain
 
Review jurnal akuntansi forensik uas pp_ak kelas malam angkatan 24
Review jurnal akuntansi forensik uas pp_ak kelas malam angkatan 24Review jurnal akuntansi forensik uas pp_ak kelas malam angkatan 24
Review jurnal akuntansi forensik uas pp_ak kelas malam angkatan 24Sri Apriyanti Husain
 
Profit over people; neoliberalism, global order 1888363894
Profit over people; neoliberalism, global order 1888363894Profit over people; neoliberalism, global order 1888363894
Profit over people; neoliberalism, global order 1888363894Sri Apriyanti Husain
 
Review disertasi pak bambang haryadi
Review disertasi pak bambang haryadiReview disertasi pak bambang haryadi
Review disertasi pak bambang haryadiSri Apriyanti Husain
 
Review disertasi pak bambang haryadi
Review disertasi pak bambang haryadiReview disertasi pak bambang haryadi
Review disertasi pak bambang haryadiSri Apriyanti Husain
 
Psak 65-laporan-keuangan-konsolidasian-ifrs-10-consolidated-fs-22012014
Psak 65-laporan-keuangan-konsolidasian-ifrs-10-consolidated-fs-22012014Psak 65-laporan-keuangan-konsolidasian-ifrs-10-consolidated-fs-22012014
Psak 65-laporan-keuangan-konsolidasian-ifrs-10-consolidated-fs-22012014Sri Apriyanti Husain
 
Psak 58-aset-tidak-lancar-yang-dimiliki-untuk-dijual-dan-operasi-yang-dihenti...
Psak 58-aset-tidak-lancar-yang-dimiliki-untuk-dijual-dan-operasi-yang-dihenti...Psak 58-aset-tidak-lancar-yang-dimiliki-untuk-dijual-dan-operasi-yang-dihenti...
Psak 58-aset-tidak-lancar-yang-dimiliki-untuk-dijual-dan-operasi-yang-dihenti...Sri Apriyanti Husain
 
Psak 55-pengakuan-instrumen-keuangan-ias-39-18122013-pokok
Psak 55-pengakuan-instrumen-keuangan-ias-39-18122013-pokokPsak 55-pengakuan-instrumen-keuangan-ias-39-18122013-pokok
Psak 55-pengakuan-instrumen-keuangan-ias-39-18122013-pokokSri Apriyanti Husain
 

More from Sri Apriyanti Husain (20)

7. audit atas laporan keuangan pendapat auditor atas laporan keuangan dan lap...
7. audit atas laporan keuangan pendapat auditor atas laporan keuangan dan lap...7. audit atas laporan keuangan pendapat auditor atas laporan keuangan dan lap...
7. audit atas laporan keuangan pendapat auditor atas laporan keuangan dan lap...
 
7. audit atas laporan keuangan pendapat auditor atas laporan keuangan dan lap...
7. audit atas laporan keuangan pendapat auditor atas laporan keuangan dan lap...7. audit atas laporan keuangan pendapat auditor atas laporan keuangan dan lap...
7. audit atas laporan keuangan pendapat auditor atas laporan keuangan dan lap...
 
15 ma aksya_tafakkur ke 1_sri apriyanti husain
15 ma aksya_tafakkur ke 1_sri apriyanti husain15 ma aksya_tafakkur ke 1_sri apriyanti husain
15 ma aksya_tafakkur ke 1_sri apriyanti husain
 
15 ma aksya_tafakkur ke 1_sri apriyanti husain
15 ma aksya_tafakkur ke 1_sri apriyanti husain15 ma aksya_tafakkur ke 1_sri apriyanti husain
15 ma aksya_tafakkur ke 1_sri apriyanti husain
 
Formulir pendaftaran-s3 p ps feb ub
Formulir pendaftaran-s3 p ps feb ubFormulir pendaftaran-s3 p ps feb ub
Formulir pendaftaran-s3 p ps feb ub
 
Informasi pendaftaran pasca s2 & s3
Informasi pendaftaran pasca s2 & s3Informasi pendaftaran pasca s2 & s3
Informasi pendaftaran pasca s2 & s3
 
Informasi pendaftaran pasca s2 & s3
Informasi pendaftaran pasca s2 & s3Informasi pendaftaran pasca s2 & s3
Informasi pendaftaran pasca s2 & s3
 
Tugas regresi berganda
Tugas regresi bergandaTugas regresi berganda
Tugas regresi berganda
 
Alfamart
AlfamartAlfamart
Alfamart
 
146020300111009 sri apriyanti husain review jurnal_metode penelitian non posi...
146020300111009 sri apriyanti husain review jurnal_metode penelitian non posi...146020300111009 sri apriyanti husain review jurnal_metode penelitian non posi...
146020300111009 sri apriyanti husain review jurnal_metode penelitian non posi...
 
Review jurnal akuntansi forensik uas pp_ak kelas malam
Review jurnal akuntansi forensik uas pp_ak kelas malamReview jurnal akuntansi forensik uas pp_ak kelas malam
Review jurnal akuntansi forensik uas pp_ak kelas malam
 
Review jurnal akuntansi forensik uas pp_ak kelas malam angkatan 24
Review jurnal akuntansi forensik uas pp_ak kelas malam angkatan 24Review jurnal akuntansi forensik uas pp_ak kelas malam angkatan 24
Review jurnal akuntansi forensik uas pp_ak kelas malam angkatan 24
 
Profit over people; neoliberalism, global order 1888363894
Profit over people; neoliberalism, global order 1888363894Profit over people; neoliberalism, global order 1888363894
Profit over people; neoliberalism, global order 1888363894
 
Review disertasi pak bambang haryadi
Review disertasi pak bambang haryadiReview disertasi pak bambang haryadi
Review disertasi pak bambang haryadi
 
Review disertasi full
Review disertasi fullReview disertasi full
Review disertasi full
 
Review disertasi pak bambang haryadi
Review disertasi pak bambang haryadiReview disertasi pak bambang haryadi
Review disertasi pak bambang haryadi
 
Psak 65-laporan-keuangan-konsolidasian-ifrs-10-consolidated-fs-22012014
Psak 65-laporan-keuangan-konsolidasian-ifrs-10-consolidated-fs-22012014Psak 65-laporan-keuangan-konsolidasian-ifrs-10-consolidated-fs-22012014
Psak 65-laporan-keuangan-konsolidasian-ifrs-10-consolidated-fs-22012014
 
Psak 62-kontrak-asuransi-140212
Psak 62-kontrak-asuransi-140212Psak 62-kontrak-asuransi-140212
Psak 62-kontrak-asuransi-140212
 
Psak 58-aset-tidak-lancar-yang-dimiliki-untuk-dijual-dan-operasi-yang-dihenti...
Psak 58-aset-tidak-lancar-yang-dimiliki-untuk-dijual-dan-operasi-yang-dihenti...Psak 58-aset-tidak-lancar-yang-dimiliki-untuk-dijual-dan-operasi-yang-dihenti...
Psak 58-aset-tidak-lancar-yang-dimiliki-untuk-dijual-dan-operasi-yang-dihenti...
 
Psak 55-pengakuan-instrumen-keuangan-ias-39-18122013-pokok
Psak 55-pengakuan-instrumen-keuangan-ias-39-18122013-pokokPsak 55-pengakuan-instrumen-keuangan-ias-39-18122013-pokok
Psak 55-pengakuan-instrumen-keuangan-ias-39-18122013-pokok
 

Recently uploaded

Financial institutions facilitate financing, economic transactions, issue fun...
Financial institutions facilitate financing, economic transactions, issue fun...Financial institutions facilitate financing, economic transactions, issue fun...
Financial institutions facilitate financing, economic transactions, issue fun...Avanish Goel
 
VIP Call Girls LB Nagar ( Hyderabad ) Phone 8250192130 | ₹5k To 25k With Room...
VIP Call Girls LB Nagar ( Hyderabad ) Phone 8250192130 | ₹5k To 25k With Room...VIP Call Girls LB Nagar ( Hyderabad ) Phone 8250192130 | ₹5k To 25k With Room...
VIP Call Girls LB Nagar ( Hyderabad ) Phone 8250192130 | ₹5k To 25k With Room...Suhani Kapoor
 
BPPG response - Options for Defined Benefit schemes - 19Apr24.pdf
BPPG response - Options for Defined Benefit schemes - 19Apr24.pdfBPPG response - Options for Defined Benefit schemes - 19Apr24.pdf
BPPG response - Options for Defined Benefit schemes - 19Apr24.pdfHenry Tapper
 
Call Girls In Yusuf Sarai Women Seeking Men 9654467111
Call Girls In Yusuf Sarai Women Seeking Men 9654467111Call Girls In Yusuf Sarai Women Seeking Men 9654467111
Call Girls In Yusuf Sarai Women Seeking Men 9654467111Sapana Sha
 
Mulki Call Girls 7001305949 WhatsApp Number 24x7 Best Services
Mulki Call Girls 7001305949 WhatsApp Number 24x7 Best ServicesMulki Call Girls 7001305949 WhatsApp Number 24x7 Best Services
Mulki Call Girls 7001305949 WhatsApp Number 24x7 Best Servicesnajka9823
 
Stock Market Brief Deck for 4/24/24 .pdf
Stock Market Brief Deck for 4/24/24 .pdfStock Market Brief Deck for 4/24/24 .pdf
Stock Market Brief Deck for 4/24/24 .pdfMichael Silva
 
Independent Lucknow Call Girls 8923113531WhatsApp Lucknow Call Girls make you...
Independent Lucknow Call Girls 8923113531WhatsApp Lucknow Call Girls make you...Independent Lucknow Call Girls 8923113531WhatsApp Lucknow Call Girls make you...
Independent Lucknow Call Girls 8923113531WhatsApp Lucknow Call Girls make you...makika9823
 
government_intervention_in_business_ownership[1].pdf
government_intervention_in_business_ownership[1].pdfgovernment_intervention_in_business_ownership[1].pdf
government_intervention_in_business_ownership[1].pdfshaunmashale756
 
Instant Issue Debit Cards - High School Spirit
Instant Issue Debit Cards - High School SpiritInstant Issue Debit Cards - High School Spirit
Instant Issue Debit Cards - High School Spiritegoetzinger
 
How Automation is Driving Efficiency Through the Last Mile of Reporting
How Automation is Driving Efficiency Through the Last Mile of ReportingHow Automation is Driving Efficiency Through the Last Mile of Reporting
How Automation is Driving Efficiency Through the Last Mile of ReportingAggregage
 
VIP Kolkata Call Girl Serampore 👉 8250192130 Available With Room
VIP Kolkata Call Girl Serampore 👉 8250192130 Available With RoomVIP Kolkata Call Girl Serampore 👉 8250192130 Available With Room
VIP Kolkata Call Girl Serampore 👉 8250192130 Available With Roomdivyansh0kumar0
 
Financial Leverage Definition, Advantages, and Disadvantages
Financial Leverage Definition, Advantages, and DisadvantagesFinancial Leverage Definition, Advantages, and Disadvantages
Financial Leverage Definition, Advantages, and Disadvantagesjayjaymabutot13
 
Attachment Of Assets......................
Attachment Of Assets......................Attachment Of Assets......................
Attachment Of Assets......................AmanBajaj36
 
Lundin Gold April 2024 Corporate Presentation v4.pdf
Lundin Gold April 2024 Corporate Presentation v4.pdfLundin Gold April 2024 Corporate Presentation v4.pdf
Lundin Gold April 2024 Corporate Presentation v4.pdfAdnet Communications
 
Bladex Earnings Call Presentation 1Q2024
Bladex Earnings Call Presentation 1Q2024Bladex Earnings Call Presentation 1Q2024
Bladex Earnings Call Presentation 1Q2024Bladex
 
call girls in Nand Nagri (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Nand Nagri (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Nand Nagri (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Nand Nagri (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Bladex 1Q24 Earning Results Presentation
Bladex 1Q24 Earning Results PresentationBladex 1Q24 Earning Results Presentation
Bladex 1Q24 Earning Results PresentationBladex
 
Call Girls Service Nagpur Maya Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Maya Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Maya Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Maya Call 7001035870 Meet With Nagpur Escortsranjana rawat
 

Recently uploaded (20)

Financial institutions facilitate financing, economic transactions, issue fun...
Financial institutions facilitate financing, economic transactions, issue fun...Financial institutions facilitate financing, economic transactions, issue fun...
Financial institutions facilitate financing, economic transactions, issue fun...
 
VIP Call Girls LB Nagar ( Hyderabad ) Phone 8250192130 | ₹5k To 25k With Room...
VIP Call Girls LB Nagar ( Hyderabad ) Phone 8250192130 | ₹5k To 25k With Room...VIP Call Girls LB Nagar ( Hyderabad ) Phone 8250192130 | ₹5k To 25k With Room...
VIP Call Girls LB Nagar ( Hyderabad ) Phone 8250192130 | ₹5k To 25k With Room...
 
BPPG response - Options for Defined Benefit schemes - 19Apr24.pdf
BPPG response - Options for Defined Benefit schemes - 19Apr24.pdfBPPG response - Options for Defined Benefit schemes - 19Apr24.pdf
BPPG response - Options for Defined Benefit schemes - 19Apr24.pdf
 
Monthly Economic Monitoring of Ukraine No 231, April 2024
Monthly Economic Monitoring of Ukraine No 231, April 2024Monthly Economic Monitoring of Ukraine No 231, April 2024
Monthly Economic Monitoring of Ukraine No 231, April 2024
 
Call Girls In Yusuf Sarai Women Seeking Men 9654467111
Call Girls In Yusuf Sarai Women Seeking Men 9654467111Call Girls In Yusuf Sarai Women Seeking Men 9654467111
Call Girls In Yusuf Sarai Women Seeking Men 9654467111
 
Mulki Call Girls 7001305949 WhatsApp Number 24x7 Best Services
Mulki Call Girls 7001305949 WhatsApp Number 24x7 Best ServicesMulki Call Girls 7001305949 WhatsApp Number 24x7 Best Services
Mulki Call Girls 7001305949 WhatsApp Number 24x7 Best Services
 
Commercial Bank Economic Capsule - April 2024
Commercial Bank Economic Capsule - April 2024Commercial Bank Economic Capsule - April 2024
Commercial Bank Economic Capsule - April 2024
 
Stock Market Brief Deck for 4/24/24 .pdf
Stock Market Brief Deck for 4/24/24 .pdfStock Market Brief Deck for 4/24/24 .pdf
Stock Market Brief Deck for 4/24/24 .pdf
 
Independent Lucknow Call Girls 8923113531WhatsApp Lucknow Call Girls make you...
Independent Lucknow Call Girls 8923113531WhatsApp Lucknow Call Girls make you...Independent Lucknow Call Girls 8923113531WhatsApp Lucknow Call Girls make you...
Independent Lucknow Call Girls 8923113531WhatsApp Lucknow Call Girls make you...
 
government_intervention_in_business_ownership[1].pdf
government_intervention_in_business_ownership[1].pdfgovernment_intervention_in_business_ownership[1].pdf
government_intervention_in_business_ownership[1].pdf
 
Instant Issue Debit Cards - High School Spirit
Instant Issue Debit Cards - High School SpiritInstant Issue Debit Cards - High School Spirit
Instant Issue Debit Cards - High School Spirit
 
How Automation is Driving Efficiency Through the Last Mile of Reporting
How Automation is Driving Efficiency Through the Last Mile of ReportingHow Automation is Driving Efficiency Through the Last Mile of Reporting
How Automation is Driving Efficiency Through the Last Mile of Reporting
 
VIP Kolkata Call Girl Serampore 👉 8250192130 Available With Room
VIP Kolkata Call Girl Serampore 👉 8250192130 Available With RoomVIP Kolkata Call Girl Serampore 👉 8250192130 Available With Room
VIP Kolkata Call Girl Serampore 👉 8250192130 Available With Room
 
Financial Leverage Definition, Advantages, and Disadvantages
Financial Leverage Definition, Advantages, and DisadvantagesFinancial Leverage Definition, Advantages, and Disadvantages
Financial Leverage Definition, Advantages, and Disadvantages
 
Attachment Of Assets......................
Attachment Of Assets......................Attachment Of Assets......................
Attachment Of Assets......................
 
Lundin Gold April 2024 Corporate Presentation v4.pdf
Lundin Gold April 2024 Corporate Presentation v4.pdfLundin Gold April 2024 Corporate Presentation v4.pdf
Lundin Gold April 2024 Corporate Presentation v4.pdf
 
Bladex Earnings Call Presentation 1Q2024
Bladex Earnings Call Presentation 1Q2024Bladex Earnings Call Presentation 1Q2024
Bladex Earnings Call Presentation 1Q2024
 
call girls in Nand Nagri (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Nand Nagri (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Nand Nagri (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Nand Nagri (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
Bladex 1Q24 Earning Results Presentation
Bladex 1Q24 Earning Results PresentationBladex 1Q24 Earning Results Presentation
Bladex 1Q24 Earning Results Presentation
 
Call Girls Service Nagpur Maya Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Maya Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Maya Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Maya Call 7001035870 Meet With Nagpur Escorts
 

Pp 17-new

  • 1. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Accounting Information Systems, 8e James A. Hall Chapter 17 IT Controls Part III: Systems Development, Program Changes, and Application Controls
  • 2. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Objectives for Chapter 17  Be familiar with the controls and audit tests relevant to the systems development process.  Understand the risks and controls associated with program change procedures and the role of the source program library.  Understand the auditing techniques (CAATTs) used to verify the effective functioning of application controls.  Understand the auditing techniques used to perform substantive tests in an IT environment. 2
  • 3. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Systems Development Controls Controllable activities that distinguish an effective systems development process include:  Systems authorization  User specification  Technical design  Internal audit participation  Program testing  User test and acceptance procedures 3
  • 4. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Auditor’s objectives The auditor’s objectives are to ensure that  all systems development activities are applied consistently and follow management’s policies  system as originally implemented was free from material errors and fraud  system was judged necessary and justified at checkpoints throughout the SDLC, and  system documentation is sufficiently accurate and complete to facilitate audit and maintenance activities. 4
  • 5. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Tests of Systems Development Controls  New systems must be authorized.  Feasibility studies were conducted.  User needs were analyzed and addressed.  Cost-benefit analysis was done.  Proper documentation was completed.  All program modules must be thoroughly tested before they are implemented.  Checklist of problems was kept. 5
  • 6. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. System Maintenance Controls  Last, longest and most costly phase of systems development  Up to 80-90% of entire cost of a system  All maintenance actions should require  Technical specifications  Testing  Documentation updates  Formal authorizations for any changes 6
  • 7. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Program Change Audit objectives: detect unauthorized program maintenance and determine that...  maintenance procedures protect applications from unauthorized changes  applications are free from material errors  program libraries are protected from unauthorized access 7
  • 8. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Source Program Library  Source program library (SPL)  library of applications and software  place where programs are developed and modified  once compiled into machine language, no longer vulnerable 8
  • 9. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Uncontrolled Access to the SPL 9 Figure 17-2
  • 10. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Controlled SPL Environments  SPL Management Systems (SPLMS) protect the SPL by controlling the following functions:  storing programs on the SPL  retrieving programs for maintenance purposes  deleting obsolete programs from the library  documenting program changes to provide an audit trail of the changes 10
  • 11. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Source Program Library under the Control of SPL Management Software 11 Figure 17-3
  • 12. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. SPL Control Features  Password control  Separation of test libraries  Audit trails  Reports that enhance management control and the audit function  Assigns program version numbers automatically  Controlled access to maintenance commands 12
  • 13. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Program Change  Auditing procedures: verify that programs were properly maintained, including changes  Specifically, verify…  identification and correction of unauthorized program changes  identification and correction of application errors  control of access to systems libraries 13
  • 14. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Testing Application Controls  Techniques for auditing applications fall into two classes: 1. testing application controls – two general approaches: – black box – around the computer – white box – through the computer 2. examining transaction details and account balances—substantive testing 14
  • 15. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Auditing Around the Computer - The Black Box Approach 15 Figure 17-9
  • 16. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Auditing through the Computer: The ITF Technique 16Figure 17-14
  • 17. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Testing Application Controls  Black Box Approach – focuses on input procedures and output results  To Gain need understanding…  analyze flowcharts  review documentation  conduct interviews 17
  • 18. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Testing Application Controls  Auditing through-the-computer  focuses on understanding the internal logic of processes between input and output  Common tests • Authenticity tests • Accuracy tests • Completeness tests • Redundancy tests • Access tests • Audit trail tests • Rounding error tests 18
  • 19. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Audit Testing Techniques  Test data method: testing for logic or control problems - good for new systems or systems which have undergone recent maintenance  base case system evaluation (BCSE) - using a comprehensive set of test transactions  tracing - performs an electronic walkthrough of the application’s internal logic  Test data methods are not fool-proof  a snapshot - one point in time examination  high-cost of developing adequate test data 19
  • 20. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Audit Testing Techniques  Integrated test facility (ITF): an automated, on-going technique that enables the auditor to test an application’s logic and controls during its normal operation  Parallel simulation: auditor writes simulation programs and runs actual transactions of the client through the system 20
  • 21. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. The Parallel Simulation Technique 21 Figure 17-11
  • 22. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Substantive Testing  Techniques to substantiate account balances. For example:  search for unrecorded liabilities  confirm accounts receivable to ensure they are not overstated  Requires first extracting data from the system. Two technologies commonly used to select, access, and organize data are:  embedded audit module  generalized audit software 22
  • 23. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Embedded Audit Module  An ongoing module which filters out non- material transactions  The chosen, material transactions are used for sampling in substantive tests  Requires additional computing resources by the client  Hard to maintain in systems with high maintenance 23
  • 24. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Embedded Audit Module Technique 24Figure 17-12
  • 25. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Generalized Audit Software  Very popular & widely used  Can access data files & perform operations on them:  screen data  statistical sampling methods  foot & balance  format reports  compare files and fields  recalculate data fields 25
  • 26. Hall, Accounting Information Systems, 8e ©2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,in whole or in part. Using GAS to Access Complex File Structure 26 Figure 17-14