COMPUTERIZED AUDIT TOOLS

391. AUDIT SOFTWARE – computer programs used to process data of audit significance from the

client’s accounting system

a. Package programs (generalized audit software)

1. Reading computer files

2. Selecting samples

3. Performing calculations

4. Creating data files

5. Printing reports in an auditor-specified format

b. Purpose written programs (special purpose or custom designed programs)

c. Utility programs – they are generally not designed for audit purposes

2. Electronic spreadsheets – contain a variety of predefined mathematical operations and functions

that can be applied to data entered into the cells of a spreadsheet

3. Automated work paper software – designed to generate a trial balance, lead schedules, and

other reports useful for the audit. The schedules and reports can be created once the auditor

has either manually entered or electronically imported through using the client’s account

balance information into the system

4. Text retrieval software – allow user to view any text that ia available in an electronic format. The

software program allows the user to browse through text files much as a user would browse

through books.

5. Database management systems

6. Public databases

7. Word processing software

Factors to consider in using CAAT

1. Degree of technical competence in CIS

2. Availability of CAAT and appropriate computer facilities

3. Impracticability of manual tests

4. Effectiveness and efficiency

5. Timing of tests
Controlling the CAAT application

Procedures to control the use of AUDIT SOFTWARE may include:

1. Participating in the design and testing of computer programs

2. Checking the coding of the program

3. Requesting the client’s CIS personnel to review the operating system instructions

4. Running the audit software on small test files before running them on main data files

5. Ensuring that the correct files were used

6. Obtaining evidence that the audit software functioned as planned

7. Establishing appropriate security measures to safeguard against manipulations of the entity’s

data files

Procedures to control the use of TEST DATA may include:

1. Controlling the sequence of submission of test data where it spans several processing cycles

2. Performing test runs

3. Predicting the results of test data

4. Confirming that the current version of the program was used

5. Obtaining reasonable assurance that the programs used to process the test data were used by

the entity throughout the applicable audit period