Scribd Logo
Upload

Welcome to Scribd!

  • 26 views

    The Impact of Information Technology On The Audit Process

    Uploaded by

    Louis Valentino

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    The Impact of Information Technology On The Audit Process

    Uploaded by

    Louis Valentino
    26 views38 pages

    Original Title

    Arens14e_ch12_ppt

    Copyright

    © © All Rights Reserved

    Available Formats

    PPT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as ppt, pdf, or txt
    26 views38 pages

    The Impact of Information Technology On The Audit Process

    Uploaded by

    Louis Valentino

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as ppt, pdf, or txt
    of 38

    The Impact of Information

    Technology on the Audit


    Process

    Chapter 12
    http://downloadslide.blogspot.com

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 5-5


    Learning Objective 1

    Describe how IT improves internal control.

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 2


    How Information Technologies
    Enhance Internal Control

    Computer controls
    replace manual
    controls

    Higher-quality
    information is
    available

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 3


    Learning Objective 2

    Identify risks that arise from using an IT-


    based accounting system.

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 4


    Assessing Risks of
    Information Technologies
     Risks to hardware and data

     Reduced audit trail

     Need for IT experience and


    separation of IT duties

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 5


    Risks to Hardware and Data

    Reliance on Unauthorized
    hardware and access
    software

    Systematic
    vs.
    Data loss random errors

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 6


    Reduced Audit Trail

    Visibility of
    audit trail

    Lack of
    traditional Detection risk
    authorization

    Reduced
    human
    involvement
    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 7
    Need for IT Experience and
    Separation of Duties
     Reduced separation of duties

     Need for IT experience

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 8


    Learning Objective 3

    Explain how general controls and application


    controls reduce IT risks.

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 9


    Internal Controls Specific to
    Information Technology
    Information technology controls

    Application General
    controls controls

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 10


    Relationship Between General
    and Application Controls

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 11


    Categories of General and
    Application Controls

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 12


    Administration of the IT
    Function
    The perceived importance of IT within an
    organization is often dictated by the attitude of
    the board of directors and senior management.

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 13


    Segregation of IT Duties

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 14


    Systems Development

    Typical test
    strategies

    Pilot testing Parallel testing

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 15


    Physical and Online Security

    Online Controls:
     User ID control
     Password control
     Separate add-on
    security software
    Physical Controls:
     Keypad entrances
     Badge-entry systems
     Security cameras
     Security personnel
    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 16
    Backup and Contingency
    Planning
    Offsite storage of critical files is a key
    element to a backup and contingency plan

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 17


    Hardware Controls

    These controls are built into computer


    equipment by the manufacturer to
    detect and report equipment failures.

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 18


    Application Controls

    Application controls are designed for each


    software application

    Input Output
    controls controls

    Processing
    controls
    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 19
    Input Controls

    These controls are designed by an


    organization to ensure that the
    information being processed is
    authorized, accurate, and complete.

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 20


    Batch Input Controls

    Financial total Total for all


    records in a batch

    Total of codes
    Hash total from all batch
    records

    Total of records
    Record count
    in a batch

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 21


    Processing Controls
    Correct file,
    Validation test database, or program?
    Correct
    Sequence test processing order?
    Arithmetic Accuracy of
    accuracy test processed data?
    Data reasonableness Data exceeds
    test preset amounts?
    Completeness
    Completeness test of record fields?
    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 22
    Output Controls

    These controls focus on detecting errors


    after processing is completed rather
    than on preventing errors.

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 23


    Learning Objective 4

    Describe how general controls affect the


    auditor’s testing of application controls.

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 24


    Impact of Information Technology on
    the Audit Process
     Effects of general controls on system-wide
    applications
     Effects of general controls on software changes
     Obtaining an understanding of client
    general controls
     Relating IT controls to transaction-related
    audit objectives
     Effect of IT controls on substantive testing

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 25


    Auditing in IT Environments
    with Varied Complexity
    Audit around
    LESS the computer
    Smaller IT controls
    companies < effective

    Audit though
    MORE the computer
    Parallel
    Test data
    simulation
    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 26
    Auditing Around and Through
    the Computer

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 27


    Learning Objective 5

    Use test data, parallel simulation, and


    embedded audit module approaches when
    auditing through the computer.

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 28


    Test Data Approach

    1. Test data should include all relevant


    conditions that the auditor wants tested.

    2. Application programs tested by the


    auditors’ test data must be the same as
    those the client used throughout the year.

    3. Test data must be eliminated from the


    client’s records.

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 29


    Test Data Approach
    Input test
    transactions to test
    key control
    procedures

    Application programs Transaction files


    Master files (assume batch system) (contaminated?)

    Control test
    Contaminated results
    master files

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 30


    Test Data Approach

    Control test
    results

    Auditor-predicted results
    Auditor makes of key control procedures
    comparisons based on an understanding
    of internal control

    Differences between
    actual outcome and
    predicted result
    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 31
    Parallel Simulation

    The auditor uses auditor-controlled software


    to perform parallel operations to the client’s
    software by using the same data files.

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 32


    Parallel Simulation
    Production Master
    transactions file

    Auditor-prepared Client application


    program system programs

    Auditor Client
    results results

    Auditor makes comparisons between Exception report


    client’s application system output and noting differences
    the auditor-prepared program output
    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 33
    Embedded Audit Module
    Approach
    Auditor inserts an audit module in the
    client’s application system to identify
    specific types of transactions.

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 34


    Embedded Audit Module
    Approach

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 35


    Learning Objective 6

    Identify issues for e-commerce systems and


    other specialized IT environments.

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 36


    Issues for Different IT
    Environments
    Network Database
    Environments Management
    Systems

    Outsourced e-Commerce
    IT systems

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 37


    End of Chapter 12

    ©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 5-5

    You might also like