Professional Documents
Culture Documents
Chap 4 - Audit in Automated Environment
Chap 4 - Audit in Automated Environment
in
4
Marks
0
May-18 Nov-18 May-19 Nov-19 May-20 Nov-20 May-21 -
Series1 4 4 5 4
*From May 2019, Marks are given only for subjective questions.
take place. You are required to name the components and its example of
Q.2 SA 315 requires the auditor to obtain an understanding of the entity and
Or
of the following:
Q.3 In a controls-based audit, the audit approach can be classified into three
Or
Or
Audit:
A. Planning Stage
disclosures.
misstatement.
Narratives.
end process.
B. Executing Stage
Controls Governance.
• Segregation of duties,
Application Controls.
C. Reporting Stage
Information
produced by
the entity at
completion
stage
Q.4 The volatility, unpredictability and pace of fast changes that exists in the
have a need to continuously manage such risks. State various risks which
environment today is far greater than in the past. Some of the reasons
1. Market Risks;
5. Operational Risks;
6. Credit Risk;
9. Environmental Risks.
any, which in the opinion of the Board may threaten the existence
of the company.
controls.
3. Program change.
4. Access security.
application controls.
3. Limit Checks.
4. Reasonable Checks.
(i) Price master configured in the sales master can only be edited by
(ii) Invoice cannot be booked in SAP in case Purchase orders are not
approved.
(iii) Inventory ageing report is pulled out from the system based on which
(iv) All invoices are signed by warehouse personnel before the goods are
(v) Credit limit is assigned to the customer and goods cannot be sold in
manager.
(vii) Ageing report is pulled out from SAP based on which provisioning is
controller.
(viii)PO, GRN (Good received note) and invoice are matched by the system
order.
pulled out from the system after which provision for inventory
is manually approved.
(iv) Manual control as sign off is required to be done for the invoice
crossed.
(vi) Manual control as sign off is required for every change to the
credit limit.
Q.10 Distinguish between: Direct Entity Level Controls and Indirect Entity
Level Controls.
Or
While evaluating the risks and controls at entity level, the Auditor should
take cognizance of the prevalent direct and indirect entity level controls
operating in the entity. Explain what they pertain to with few examples.
[May 18 (4 Marks)]
Answer: Direct Entity Level Controls (ELCs) and Indirect Entity Level
Controls:
Direct ELCs
ELCs are:
Indirect ELCs
auditors can apply the concepts of data analytics for several aspects of
Or
can be used to get various insights into the way business operates. This
to the organization
following:
1. Preliminary Analytics;
2. Risk Assessment;
3. Control Testing;
5. Evaluation of Deficiencies;
and the data analytics methods used in an audit are known as Computer
Answer: Suggested approach to get the benefit from the use of CAATs:
(iii) Section 404 of SOX Act, 2002: Section 404 of Sarbanes Oxley
--------------------------