SlideShare a Scribd company logo

Computer-Assisted Audit Tools and Techniques

Download as PPTX, PDF
_
_supriadi

Be familiar with the classes of transaction input controls used by accounting applications. Understand the objectives and techniques used to implement processing controls, including run-to-run, operator inventions, and audit trail controls. Understand the methods used to establish effective output controls for both batch and real-time systems.

Education
1 of 22
COMPUTER-ASSISTED AUDIT TOOLS AND TECHNIQUES Supriadi 11353104780
Learning Objectives • Be familiar with the classes of transaction input controls used by accounting applications. • Understand the objectives and techniques used to implement processing controls, including run-to-run, operator inventions, and audit trail controls. • Understand the methods used to establish effective output controls for both batch and real-time systems. 10/01/2017 1
Input Controls • Programmed procedures also known as edits or validation controls. • Perform tests on transaction data to ensure they are error free before processing. Three categories: • Field interrogation involves programmed procedures to examine the characteristics of the data in the field: • Common data input errors are (1) transcription (addition truncation or substitution) and (2) transposition errors. These problems are controlled with Check digits. • Missing data checks are used to check for blank spaces. • Numeric-alphabetic check identify data in the wrong form. • Limit checks test for amounts that exceed authorized limits. • Range checks for upper & lower limits of acceptable values. • Validity checks compare actual against acceptable values. 2
Validation During Data Input 3
Validation in Batch Sequential File System 4
Input Controls • Record interrogation procedures valid records by examining the interrelationship of its field values. • Reasonableness check determines if a value is reasonable when considered alone with other data fields. • Sign check verifies the sign of the field is correct. • Sequence check use to determine if a record is out of order. • File interrogation is to ensure the correct file is being processed: • Internal and external label checks verify the file being processed is the one being called for. • Version checks are used to verify the correct version is being processed. 5
Processing Controls • Run-to-run controls monitor a batch as it moves from one run to another and ensures: • All records are processed, no record processed more than once. • A transaction audit trail is created. • Accomplished through batch control data that includes: unique batch number, date, transaction code, record count, total dollar value (control total), and a hash total. 10/01/2017 6
Processing Controls • Common error handling techniques: • Correct immediately: With the direct data validation approach, error detection and correction can take place during data entry. • Create an error file: Individual errors are flagged to prevent them from being processed, corrected and resubmitted as a separate batch for reprocessing. • Reject the batch: Some errors are associated with the entire batch making the best solution to cease processing. 10/01/2017 7
Run-to-Run Controls 8
Processing Controls • Operator intervention increases potential for human error. Systems with operator intervention controls less prone to processing errors. • Preservation of audit trail important objective of process control. • Transaction logs should record every transaction successfully processed by the system. • All automatically generated transactions should be included in the log with the responsible end user receiving a detailed listing. • Each transaction processed must have a unique identifier. • A listing of all error records should go to the appropriate user to support error correction and resubmission. 9
Transaction Log to Preserve the Audit Trail 10
Stages in the Output Process 11
Output Controls • Ensure system output is not lost, misplaced or corrupted and that privacy policy not violated. Controls for batch system output include: • Output spooling directs output to a magnetic disk rather than to the printer. When resources become available output files are printed. • Creation of the output file presents an added exposure for a computer criminal to access, copy or destroy the file. 12
Output Controls • Print program requires operator interventions to print, monitor and remove the output. Program controls are designed to: • Prevent unauthorized copies and unauthorized browsing of sensitive data by employees. • Printed output reports go through the bursting stage to have pages separated and collated. • Primary control is supervision. • Computer waste represents a potential risk. • Should be shredded before disposal. 13
Output Controls • Data control group sometimes responsible for verifying accuracy of output before distribution. • Report distribution risks include reports being lost, stolen or misdirected. • Secure mailboxes, in person pickup or secured delivery. • End user control include error checking and secure storage until report’s expiration period has expired. • Real-time output threats include interception, disruption, destruction or corruption of output. 14
Computer Aided Audit Tools & Techniques for Testing Controls • Test data method used to establish the application processing integrity. • Results from test run compared to predetermined expectations to evaluate application logic and controls. • Test data includes both valid and invalid transactions. • Base case system evaluation (BCSE) is a variant of test data method in which comprehensive test data goes through repetitive testing until a valid base case is obtained. • When application is modified, subsequent test (new) results can be compared with previous results (base). 15
Test Data Technique 16
Computer Aided Audit Tools & Techniques for Testing Controls • Tracing takes step-by-step walk of application’s internal logic. • Advantages of test data technique: • Provide explicit evidence concerning application function. • Can be employed with only minimal disruption. • Require only minimal auditor computer expertise. • Disadvantages of test data technique: • Auditors must rely on computer services personnel to obtain a copy of the application for testing. • Provides static picture of application integrity and not a convenient means of gathering evidence about ongoing application functionality. • Relatively high cost to implement, auditing inefficiency. 10/01/2017 17
The Integrated Test Facility (ITF) • Automated technique allows auditors to test logic and controls during normal operations by setting up a dummy entity within the application system. • System discriminates between ITF and routine transactions. • Auditor analyzes ITF results against expected results. • Advantages of ITF: • Supports ongoing monitoring of controls as specified by COSO control framework. • Applications can be economically tested without disrupting user operations and without the intervention of computer service personnel, improving efficiency and reliability. • Primary disadvantage of ITF is potential for corrupting data files. 10/01/2017 18
ITF Technique 19
Parallel Simulation • Requires auditor to write program that simulates key features or processes of application under review. • Auditor gains a thorough understanding of application under review and identifies critical processes and controls. • Auditor creates the simulation using program or Generalized Audit Software (GAS). • Auditor runs the simulated program using selected data and files. • Auditor evaluates results and reconciles differences. • Auditor must carefully evaluate differences between test results and production results. 20
Parallel Simulation Technique 21

Recommended

Computer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and TechniquesComputer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and Techniques_supriadi
 
IT Revision and Auditing
IT Revision and AuditingIT Revision and Auditing
IT Revision and AuditingAmith Reddy
 
Chapter 4 security part ii auditing database systems
Chapter 4 security part ii auditing database systemsChapter 4 security part ii auditing database systems
Chapter 4 security part ii auditing database systemsjayussuryawan
 
James hall ch 8
James hall ch 8James hall ch 8
James hall ch 8David Julian
 
Chapter 1 auditing and internal control
Chapter 1 auditing and internal controlChapter 1 auditing and internal control
Chapter 1 auditing and internal controlTommy Zul Hidayat
 
Parallel simulation
Parallel simulationParallel simulation
Parallel simulationkzoe1996
 
09.2 audit siklus pembelian dan pembayaran
09.2 audit siklus pembelian dan pembayaran09.2 audit siklus pembelian dan pembayaran
09.2 audit siklus pembelian dan pembayaranMulyadi Yusuf
 
Auditing the expenditure cycle
Auditing the expenditure cycleAuditing the expenditure cycle
Auditing the expenditure cycleAngela Torres
 

Recommended

Computer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and TechniquesComputer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and Techniques_supriadi
 
IT Revision and Auditing
IT Revision and AuditingIT Revision and Auditing
IT Revision and AuditingAmith Reddy
 
Chapter 4 security part ii auditing database systems
Chapter 4 security part ii auditing database systemsChapter 4 security part ii auditing database systems
Chapter 4 security part ii auditing database systemsjayussuryawan
 
James hall ch 8
James hall ch 8James hall ch 8
James hall ch 8David Julian
 
Chapter 1 auditing and internal control
Chapter 1 auditing and internal controlChapter 1 auditing and internal control
Chapter 1 auditing and internal controlTommy Zul Hidayat
 
Parallel simulation
Parallel simulationParallel simulation
Parallel simulationkzoe1996
 
09.2 audit siklus pembelian dan pembayaran
09.2 audit siklus pembelian dan pembayaran09.2 audit siklus pembelian dan pembayaran
09.2 audit siklus pembelian dan pembayaranMulyadi Yusuf
 
Auditing the expenditure cycle
Auditing the expenditure cycleAuditing the expenditure cycle
Auditing the expenditure cycleAngela Torres
 
Information Systems Control and Audit - Chapter 4 - Systems Development Manag...
Information Systems Control and Audit - Chapter 4 - Systems Development Manag...Information Systems Control and Audit - Chapter 4 - Systems Development Manag...
Information Systems Control and Audit - Chapter 4 - Systems Development Manag...Sreekanth Narendran
 
James hall ch 6
James hall ch 6James hall ch 6
James hall ch 6David Julian
 
Generalized audit-software
Generalized audit-softwareGeneralized audit-software
Generalized audit-softwarekzoe1996
 
Test Data Approach
Test Data ApproachTest Data Approach
Test Data Approachkzoe1996
 
Integrated Test Facility
Integrated Test FacilityIntegrated Test Facility
Integrated Test Facilitykzoe1996
 
Chapter 1 auditing and internal control
Chapter 1 auditing and internal controlChapter 1 auditing and internal control
Chapter 1 auditing and internal controljayussuryawan
 
Lecture 16 internal control - james a. hall book chapter 3
Lecture 16 internal control - james a. hall book chapter 3Lecture 16 internal control - james a. hall book chapter 3
Lecture 16 internal control - james a. hall book chapter 3Habib Ullah Qamar
 
Auditing in Computerized Environment
Auditing in Computerized EnvironmentAuditing in Computerized Environment
Auditing in Computerized EnvironmentDr. Sushil Bansode
 
James hall ch 5
James hall ch 5James hall ch 5
James hall ch 5David Julian
 
Lecture 8 transaction processing system- james a. hall book chapter 2
Lecture 8 transaction processing system- james a. hall book chapter 2Lecture 8 transaction processing system- james a. hall book chapter 2
Lecture 8 transaction processing system- james a. hall book chapter 2Habib Ullah Qamar
 
03.2 application control
03.2 application control03.2 application control
03.2 application controlMulyadi Yusuf
 
James hall ch 2
James hall ch 2James hall ch 2
James hall ch 2David Julian
 
Information System Audit and Control
Information System Audit and ControlInformation System Audit and Control
Information System Audit and ControlAsad Raza
 
Lecture 1 accounting information system, an overview
Lecture 1 accounting information system, an overviewLecture 1 accounting information system, an overview
Lecture 1 accounting information system, an overviewHabib Ullah Qamar
 
Security and Control Issues in Information System
Security and Control Issues in Information SystemSecurity and Control Issues in Information System
Security and Control Issues in Information SystemDaryl Conson
 
Chapter 5: Accounting in ERP Systems
Chapter 5: Accounting in ERP SystemsChapter 5: Accounting in ERP Systems
Chapter 5: Accounting in ERP SystemsQuang Ngoc
 
Lecture 18 revenue cycle - accounting information systesm james a. hall boo...
Lecture 18 revenue cycle - accounting information systesm james a. hall boo...Lecture 18 revenue cycle - accounting information systesm james a. hall boo...
Lecture 18 revenue cycle - accounting information systesm james a. hall boo...Habib Ullah Qamar
 
Pp 05-new
Pp 05-newPp 05-new
Pp 05-newSri Apriyanti Husain
 
Conducting an Information Systems Audit
Conducting an Information Systems Audit Conducting an Information Systems Audit
Conducting an Information Systems Audit Sreekanth Narendran
 
Accounting system and control
Accounting system and controlAccounting system and control
Accounting system and controlRaziya Hameed
 
CISA_WK_4.pptx
CISA_WK_4.pptxCISA_WK_4.pptx
CISA_WK_4.pptxdotco
 
3.42211- CIS Audit.pdf
3.42211- CIS Audit.pdf3.42211- CIS Audit.pdf
3.42211- CIS Audit.pdfNehemiah27
 

More Related Content

What's hot

Information Systems Control and Audit - Chapter 4 - Systems Development Manag...
Information Systems Control and Audit - Chapter 4 - Systems Development Manag...Information Systems Control and Audit - Chapter 4 - Systems Development Manag...
Information Systems Control and Audit - Chapter 4 - Systems Development Manag...Sreekanth Narendran
 
Generalized audit-software
Generalized audit-softwareGeneralized audit-software
Generalized audit-softwarekzoe1996
 
Test Data Approach
Test Data ApproachTest Data Approach
Test Data Approachkzoe1996
 
Integrated Test Facility
Integrated Test FacilityIntegrated Test Facility
Integrated Test Facilitykzoe1996
 
Chapter 1 auditing and internal control
Chapter 1 auditing and internal controlChapter 1 auditing and internal control
Chapter 1 auditing and internal controljayussuryawan
 
Lecture 16 internal control - james a. hall book chapter 3
Lecture 16 internal control - james a. hall book chapter 3Lecture 16 internal control - james a. hall book chapter 3
Lecture 16 internal control - james a. hall book chapter 3Habib Ullah Qamar
 
Auditing in Computerized Environment
Auditing in Computerized EnvironmentAuditing in Computerized Environment
Auditing in Computerized EnvironmentDr. Sushil Bansode
 
Lecture 8 transaction processing system- james a. hall book chapter 2
Lecture 8 transaction processing system- james a. hall book chapter 2Lecture 8 transaction processing system- james a. hall book chapter 2
Lecture 8 transaction processing system- james a. hall book chapter 2Habib Ullah Qamar
 
03.2 application control
03.2 application control03.2 application control
03.2 application controlMulyadi Yusuf
 
Information System Audit and Control
Information System Audit and ControlInformation System Audit and Control
Information System Audit and ControlAsad Raza
 
Lecture 1 accounting information system, an overview
Lecture 1 accounting information system, an overviewLecture 1 accounting information system, an overview
Lecture 1 accounting information system, an overviewHabib Ullah Qamar
 
Security and Control Issues in Information System
Security and Control Issues in Information SystemSecurity and Control Issues in Information System
Security and Control Issues in Information SystemDaryl Conson
 
Chapter 5: Accounting in ERP Systems
Chapter 5: Accounting in ERP SystemsChapter 5: Accounting in ERP Systems
Chapter 5: Accounting in ERP SystemsQuang Ngoc
 
Lecture 18 revenue cycle - accounting information systesm james a. hall boo...
Lecture 18 revenue cycle - accounting information systesm james a. hall boo...Lecture 18 revenue cycle - accounting information systesm james a. hall boo...
Lecture 18 revenue cycle - accounting information systesm james a. hall boo...Habib Ullah Qamar
 
Conducting an Information Systems Audit
Conducting an Information Systems Audit Conducting an Information Systems Audit
Conducting an Information Systems Audit Sreekanth Narendran
 
Accounting system and control
Accounting system and controlAccounting system and control
Accounting system and controlRaziya Hameed
 

What's hot (20)

Information Systems Control and Audit - Chapter 4 - Systems Development Manag...
Information Systems Control and Audit - Chapter 4 - Systems Development Manag...Information Systems Control and Audit - Chapter 4 - Systems Development Manag...
Information Systems Control and Audit - Chapter 4 - Systems Development Manag...
 
James hall ch 6
James hall ch 6James hall ch 6
James hall ch 6
 
Generalized audit-software
Generalized audit-softwareGeneralized audit-software
Generalized audit-software
 
Test Data Approach
Test Data ApproachTest Data Approach
Test Data Approach
 
Integrated Test Facility
Integrated Test FacilityIntegrated Test Facility
Integrated Test Facility
 
Chapter 1 auditing and internal control
Chapter 1 auditing and internal controlChapter 1 auditing and internal control
Chapter 1 auditing and internal control
 
Lecture 16 internal control - james a. hall book chapter 3
Lecture 16 internal control - james a. hall book chapter 3Lecture 16 internal control - james a. hall book chapter 3
Lecture 16 internal control - james a. hall book chapter 3
 
Auditing in Computerized Environment
Auditing in Computerized EnvironmentAuditing in Computerized Environment
Auditing in Computerized Environment
 
James hall ch 5
James hall ch 5James hall ch 5
James hall ch 5
 
Lecture 8 transaction processing system- james a. hall book chapter 2
Lecture 8 transaction processing system- james a. hall book chapter 2Lecture 8 transaction processing system- james a. hall book chapter 2
Lecture 8 transaction processing system- james a. hall book chapter 2
 
03.2 application control
03.2 application control03.2 application control
03.2 application control
 
James hall ch 2
James hall ch 2James hall ch 2
James hall ch 2
 
Information System Audit and Control
Information System Audit and ControlInformation System Audit and Control
Information System Audit and Control
 
Lecture 1 accounting information system, an overview
Lecture 1 accounting information system, an overviewLecture 1 accounting information system, an overview
Lecture 1 accounting information system, an overview
 
Security and Control Issues in Information System
Security and Control Issues in Information SystemSecurity and Control Issues in Information System
Security and Control Issues in Information System
 
Chapter 5: Accounting in ERP Systems
Chapter 5: Accounting in ERP SystemsChapter 5: Accounting in ERP Systems
Chapter 5: Accounting in ERP Systems
 
Lecture 18 revenue cycle - accounting information systesm james a. hall boo...
Lecture 18 revenue cycle - accounting information systesm james a. hall boo...Lecture 18 revenue cycle - accounting information systesm james a. hall boo...
Lecture 18 revenue cycle - accounting information systesm james a. hall boo...
 
Pp 05-new
Pp 05-newPp 05-new
Pp 05-new
 
Conducting an Information Systems Audit
Conducting an Information Systems Audit Conducting an Information Systems Audit
Conducting an Information Systems Audit
 
Accounting system and control
Accounting system and controlAccounting system and control
Accounting system and control
 

Similar to Computer-Assisted Audit Tools and Techniques

CISA_WK_4.pptx
CISA_WK_4.pptxCISA_WK_4.pptx
CISA_WK_4.pptxdotco
 
3.42211- CIS Audit.pdf
3.42211- CIS Audit.pdf3.42211- CIS Audit.pdf
3.42211- CIS Audit.pdfNehemiah27
 
Icai seminar kolkata
Icai seminar kolkataIcai seminar kolkata
Icai seminar kolkatasunil patro
 
Information system audit
Information system audit Information system audit
Information system audit Jayant Dalvi
 
The Importance of Security within the Computer Environment
The Importance of Security within the Computer EnvironmentThe Importance of Security within the Computer Environment
The Importance of Security within the Computer EnvironmentAdetula Bunmi
 
Chromatography Data System: Getting It “Right First Time” Seminar Series – Pa...
Chromatography Data System: Getting It “Right First Time” Seminar Series – Pa...Chromatography Data System: Getting It “Right First Time” Seminar Series – Pa...
Chromatography Data System: Getting It “Right First Time” Seminar Series – Pa...Chromatography & Mass Spectrometry Solutions
 
Information systems audit n control introduction.ppt
Information systems audit n control introduction.pptInformation systems audit n control introduction.ppt
Information systems audit n control introduction.pptr209777z
 
Software Engineering Introduction
Software Engineering IntroductionSoftware Engineering Introduction
Software Engineering IntroductionrajeswaricseAvinuty
 
Information system audit
Information system audit Information system audit
Information system audit Jayant Dalvi
 
Auditing in computerized environment.pptx
Auditing in computerized environment.pptxAuditing in computerized environment.pptx
Auditing in computerized environment.pptxinfantemiliya18
 
unit-2_20-july-2018 (1).pptx
unit-2_20-july-2018 (1).pptxunit-2_20-july-2018 (1).pptx
unit-2_20-july-2018 (1).pptxPriyaFulpagare1
 
CISA_WK_1.pptx
CISA_WK_1.pptxCISA_WK_1.pptx
CISA_WK_1.pptxdotco
 
Chapter 2 auditing it governance controls
Chapter 2 auditing it governance controlsChapter 2 auditing it governance controls
Chapter 2 auditing it governance controlsjayussuryawan
 
Chapter 2 auditing it governance controls
Chapter 2 auditing it governance controlsChapter 2 auditing it governance controls
Chapter 2 auditing it governance controlsTommy Zul Hidayat
 
Information system audit 2
Information system audit 2 Information system audit 2
Information system audit 2 Jayant Dalvi
 
Chapter 4 : Auditing and the information technology environment
Chapter 4 : Auditing and the information technology environmentChapter 4 : Auditing and the information technology environment
Chapter 4 : Auditing and the information technology environmentKugendranMani
 

Similar to Computer-Assisted Audit Tools and Techniques (20)

CISA_WK_4.pptx
CISA_WK_4.pptxCISA_WK_4.pptx
CISA_WK_4.pptx
 
3.42211- CIS Audit.pdf
3.42211- CIS Audit.pdf3.42211- CIS Audit.pdf
3.42211- CIS Audit.pdf
 
Icai seminar kolkata
Icai seminar kolkataIcai seminar kolkata
Icai seminar kolkata
 
Information system audit
Information system audit Information system audit
Information system audit
 
The Importance of Security within the Computer Environment
The Importance of Security within the Computer EnvironmentThe Importance of Security within the Computer Environment
The Importance of Security within the Computer Environment
 
Chromatography Data System: Getting It “Right First Time” Seminar Series – Pa...
Chromatography Data System: Getting It “Right First Time” Seminar Series – Pa...Chromatography Data System: Getting It “Right First Time” Seminar Series – Pa...
Chromatography Data System: Getting It “Right First Time” Seminar Series – Pa...
 
Information systems audit n control introduction.ppt
Information systems audit n control introduction.pptInformation systems audit n control introduction.ppt
Information systems audit n control introduction.ppt
 
UNIT TESTING.pptx
UNIT TESTING.pptxUNIT TESTING.pptx
UNIT TESTING.pptx
 
Software Engineering Introduction
Software Engineering IntroductionSoftware Engineering Introduction
Software Engineering Introduction
 
Audit and Assurance
Audit and AssuranceAudit and Assurance
Audit and Assurance
 
Information system audit
Information system audit Information system audit
Information system audit
 
ISTQB foundation level - day 2
ISTQB foundation level - day 2ISTQB foundation level - day 2
ISTQB foundation level - day 2
 
Auditing in computerized environment.pptx
Auditing in computerized environment.pptxAuditing in computerized environment.pptx
Auditing in computerized environment.pptx
 
unit-2_20-july-2018 (1).pptx
unit-2_20-july-2018 (1).pptxunit-2_20-july-2018 (1).pptx
unit-2_20-july-2018 (1).pptx
 
CISA_WK_1.pptx
CISA_WK_1.pptxCISA_WK_1.pptx
CISA_WK_1.pptx
 
Epitome Corporate PPT
Epitome Corporate PPTEpitome Corporate PPT
Epitome Corporate PPT
 
Chapter 2 auditing it governance controls
Chapter 2 auditing it governance controlsChapter 2 auditing it governance controls
Chapter 2 auditing it governance controls
 
Chapter 2 auditing it governance controls
Chapter 2 auditing it governance controlsChapter 2 auditing it governance controls
Chapter 2 auditing it governance controls
 
Information system audit 2
Information system audit 2 Information system audit 2
Information system audit 2
 
Chapter 4 : Auditing and the information technology environment
Chapter 4 : Auditing and the information technology environmentChapter 4 : Auditing and the information technology environment
Chapter 4 : Auditing and the information technology environment
 

Recently uploaded

SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Sakshi Ghasle
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 

Recently uploaded (20)

SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application )
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 

Computer-Assisted Audit Tools and Techniques

  • 2. Learning Objectives • Be familiar with the classes of transaction input controls used by accounting applications. • Understand the objectives and techniques used to implement processing controls, including run-to-run, operator inventions, and audit trail controls. • Understand the methods used to establish effective output controls for both batch and real-time systems. 10/01/2017 1
  • 3. Input Controls • Programmed procedures also known as edits or validation controls. • Perform tests on transaction data to ensure they are error free before processing. Three categories: • Field interrogation involves programmed procedures to examine the characteristics of the data in the field: • Common data input errors are (1) transcription (addition truncation or substitution) and (2) transposition errors. These problems are controlled with Check digits. • Missing data checks are used to check for blank spaces. • Numeric-alphabetic check identify data in the wrong form. • Limit checks test for amounts that exceed authorized limits. • Range checks for upper & lower limits of acceptable values. • Validity checks compare actual against acceptable values. 2
  • 5. Validation in Batch Sequential File System 4
  • 6. Input Controls • Record interrogation procedures valid records by examining the interrelationship of its field values. • Reasonableness check determines if a value is reasonable when considered alone with other data fields. • Sign check verifies the sign of the field is correct. • Sequence check use to determine if a record is out of order. • File interrogation is to ensure the correct file is being processed: • Internal and external label checks verify the file being processed is the one being called for. • Version checks are used to verify the correct version is being processed. 5
  • 7. Processing Controls • Run-to-run controls monitor a batch as it moves from one run to another and ensures: • All records are processed, no record processed more than once. • A transaction audit trail is created. • Accomplished through batch control data that includes: unique batch number, date, transaction code, record count, total dollar value (control total), and a hash total. 10/01/2017 6
  • 8. Processing Controls • Common error handling techniques: • Correct immediately: With the direct data validation approach, error detection and correction can take place during data entry. • Create an error file: Individual errors are flagged to prevent them from being processed, corrected and resubmitted as a separate batch for reprocessing. • Reject the batch: Some errors are associated with the entire batch making the best solution to cease processing. 10/01/2017 7
  • 10. Processing Controls • Operator intervention increases potential for human error. Systems with operator intervention controls less prone to processing errors. • Preservation of audit trail important objective of process control. • Transaction logs should record every transaction successfully processed by the system. • All automatically generated transactions should be included in the log with the responsible end user receiving a detailed listing. • Each transaction processed must have a unique identifier. • A listing of all error records should go to the appropriate user to support error correction and resubmission. 9
  • 11. Transaction Log to Preserve the Audit Trail 10
  • 12. Stages in the Output Process 11
  • 13. Output Controls • Ensure system output is not lost, misplaced or corrupted and that privacy policy not violated. Controls for batch system output include: • Output spooling directs output to a magnetic disk rather than to the printer. When resources become available output files are printed. • Creation of the output file presents an added exposure for a computer criminal to access, copy or destroy the file. 12
  • 14. Output Controls • Print program requires operator interventions to print, monitor and remove the output. Program controls are designed to: • Prevent unauthorized copies and unauthorized browsing of sensitive data by employees. • Printed output reports go through the bursting stage to have pages separated and collated. • Primary control is supervision. • Computer waste represents a potential risk. • Should be shredded before disposal. 13
  • 15. Output Controls • Data control group sometimes responsible for verifying accuracy of output before distribution. • Report distribution risks include reports being lost, stolen or misdirected. • Secure mailboxes, in person pickup or secured delivery. • End user control include error checking and secure storage until report’s expiration period has expired. • Real-time output threats include interception, disruption, destruction or corruption of output. 14
  • 16. Computer Aided Audit Tools & Techniques for Testing Controls • Test data method used to establish the application processing integrity. • Results from test run compared to predetermined expectations to evaluate application logic and controls. • Test data includes both valid and invalid transactions. • Base case system evaluation (BCSE) is a variant of test data method in which comprehensive test data goes through repetitive testing until a valid base case is obtained. • When application is modified, subsequent test (new) results can be compared with previous results (base). 15
  • 18. Computer Aided Audit Tools & Techniques for Testing Controls • Tracing takes step-by-step walk of application’s internal logic. • Advantages of test data technique: • Provide explicit evidence concerning application function. • Can be employed with only minimal disruption. • Require only minimal auditor computer expertise. • Disadvantages of test data technique: • Auditors must rely on computer services personnel to obtain a copy of the application for testing. • Provides static picture of application integrity and not a convenient means of gathering evidence about ongoing application functionality. • Relatively high cost to implement, auditing inefficiency. 10/01/2017 17
  • 19. The Integrated Test Facility (ITF) • Automated technique allows auditors to test logic and controls during normal operations by setting up a dummy entity within the application system. • System discriminates between ITF and routine transactions. • Auditor analyzes ITF results against expected results. • Advantages of ITF: • Supports ongoing monitoring of controls as specified by COSO control framework. • Applications can be economically tested without disrupting user operations and without the intervention of computer service personnel, improving efficiency and reliability. • Primary disadvantage of ITF is potential for corrupting data files. 10/01/2017 18
  • 21. Parallel Simulation • Requires auditor to write program that simulates key features or processes of application under review. • Auditor gains a thorough understanding of application under review and identifies critical processes and controls. • Auditor creates the simulation using program or Generalized Audit Software (GAS). • Auditor runs the simulated program using selected data and files. • Auditor evaluates results and reconciles differences. • Auditor must carefully evaluate differences between test results and production results. 20