This document provides an introduction to Computer Assisted Auditing Techniques (CAAT). It discusses two main audit methodologies in a computer environment: auditing around the computer using a "black box" approach, and auditing through the computer using a "white box" approach. The black box approach treats the computer as a bookkeeping machine without examining internal processing, while the white box approach examines internal workings to verify system controls and testing. CAAT techniques allow auditors to test entire populations of transactions more efficiently compared to traditional audit sampling methods.
3. INTRODUCTION TO CAAT
Auditing means the systematic examination &
verification of accounts books, transactions etc.
Till computing age auditing was done manually.
Auditing task became simple by the introduction to
the computing system.
This is an approach to audit the accounts using
computer software.
Business audit analysis became faster & accurate
after computer systems.
4. AUDIT ANALYSIS
Trend analysis is the analysis of changes in an
account balance over time.
Ratio analysis is the comparison of
relationships between financial statement
accounts, the comparison of an account with
non-financial data, or the comparison of
relationships between firms in an industry.
Reasonableness testing is the analysis of
account balances or changes in account
balances within an accounting period in terms of
their “reasonableness” in light of expected
relationships between accounts.
Statistical analysis is the analysis of data using
statistical methods.
5. AUDIT METHODOLOGIES
IN COMPUTER ENVIRONMENT
1. Audit around computer
(black box approach)
2. Audit through computer
(white box approach)
6. AUDIT AROUND COMPUTER
(BLACK BOX APPROACH)
Early days approach
Computer functions
replicated manual
processes in a
straightforward fashion.
And we let computer to
perform trail of work
tasks.
Ignoring what was
happening inside the
computer.
A reliance is completely
on the EDP(Electronic
Data Processing) system.
7. AUDIT AROUND COMPUTER
SYSTEM VERYFICATION
To ensure correct & complete data being
made available for processing.
To ensure checks & controls on output for
accuracy & completeness.
To provide adequate data security.
To prevent unauthorized alterations.
To provide for error detection & correction.
8. AUDIT AROUND COMPUTER
SUMMERY
In this approach computers are considered as another type
of bookkeeping machine.
Here the auditor simply audits the input given & the output
delivered by the system without checking the authenticity
of the processing performed within.
The assumption is that the processing is accurate & as
desired.
10. AUDIT THROUGH COMPUTER
(WHITE BOX APPROACH)
Auditor examines the internal working
of the computer system.
The auditor can verify the program
herself & technically satisfy herself
that systems, checks, controls, error
detection & data security procedures
are satisfactory.
Auditor uses test-checks to test the
system in operation.
11. AUDIT THROUGH COMPUTER
AUDITOR’S MAIN CONCERN
To check system controls.
Examination & testing of
computer implemented controls.
To improve quality of audit.
To reduce time spent on
detailed verification of
transactions.
13. TECHNIQUES
CATEGORIES
Auditors have recognized that the power &
speed of computers can greatly assist them in
their work.
CAAT can be used to help audit in more
effective, efficient & timely manner.
There are two general categories:
1. CAATs for retrieving data;
2. CAATs for verifying system
controls.
14. ADVANTAGES OVER TRADITIONAL
METHODS
Auditors in a traditional method audit with limited
sample of population & generalized their
conclusion based on the limited sample
population which may not be true every time.
However, with CAAT techniques every
transaction can be audited & variations could
be detected.
Also CAAT helps the auditors in testing specific
15. TECHNIQUES
ADVANTAGES OVER TRADITIONAL METHODS - EXAMPLE
TRADITIONAL METHOD:
An insurance company may want to ensure that it doesn't pay any
claims after a policy is terminated.
Using traditional audit techniques this risk would be very difficult to
test.
The auditor would randomly select a statistically valid sample of
claims .
They would then check to see if any of those claims were
processed after a policy was terminated.
Since the insurance company might process millions of claims the
odds that any of those randomly selected claims occurred after the
policy was terminated is extremely unlikely.
16. TECHNIQUES
ADVANTAGES OVER TRADITIONAL METHODS – EXAMPLE
Continued…
CAAT METHOD:
Using CAAT the auditor can select claim that had
a date of service after the policy termination date.
The auditor then can determine if any claims
were inappropriately paid.
If they were, the auditor can then figure out why
the controls to prevent this failed.
CAATs are used to simplify or automate the data
analysis process.