Auditing and assurance services 14e by arens chapter 12
Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (1.04 MB, 38 trang )
The Impact of Information
Technology on the Audit
Process
Chapter 12
/>gvn/
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
5-5
Learning Objective 1
Describe how IT improves internal control.
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
12 - 2
How Information Technologies
Enhance Internal Control
Computer controls
replace manual
controls
Higher-quality
information is
available
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
12 - 3
Learning Objective 2
Identify risks that arise from using an ITbased accounting system.
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
12 - 4
Assessing Risks of
Information Technologies
Risks to hardware and data
Reduced audit trail
Need for IT experience and
separation of IT duties
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
12 - 5
Risks to Hardware and Data
Reliance on
hardware and
software
Data loss
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
Unauthorized
access
Systematic
vs.
random errors
12 - 6
Reduced Audit Trail
Visibility of
audit trail
Lack of
traditional
authorization
Detection risk
Reduced
human
involvement
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
12 - 7
Need for IT Experience and
Separation of Duties
Reduced separation of duties
Need for IT experience
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
12 - 8
Learning Objective 3
Explain how general controls and application
controls reduce IT risks.
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
12 - 9
Internal Controls Specific to
Information Technology
Information technology controls
Application
controls
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
General
controls
12 - 10
Relationship Between General
and Application Controls
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
12 - 11
Categories of General and
Application Controls
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
12 - 12
Administration of the IT
Function
The perceived importance of IT within an
organization is often dictated by the attitude of
the board of directors and senior management.
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
12 - 13
Segregation of IT Duties
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
12 - 14
Systems Development
Typical test
strategies
Pilot testing
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
Parallel testing
12 - 15
Physical and Online Security
Online Controls:
User ID control
Password control
Separate add-on
security software
Physical Controls:
Keypad entrances
Badge-entry systems
Security cameras
Security personnel
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
12 - 16
Backup and Contingency
Planning
Offsite storage of critical files is a key
element to a backup and contingency plan
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
12 - 17
Hardware Controls
These controls are built into computer
equipment by the manufacturer to
detect and report equipment failures.
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
12 - 18
Application Controls
Application controls are designed for each
software application
Input
controls
Output
controls
Processing
controls
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
12 - 19
Input Controls
These controls are designed by an
organization to ensure that the
information being processed is
authorized, accurate, and complete.
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
12 - 20
Batch Input Controls
Financial total
Hash total
Record count
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
Total for all
records in a batch
Total of codes
from all batch
records
Total of records
in a batch
12 - 21
Processing Controls
Validation test
Correct file,
database, or program?
Sequence test
Correct
processing order?
Arithmetic
accuracy test
Accuracy of
processed data?
Data reasonableness
test
Data exceeds
preset amounts?
Completeness test
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
Completeness
of record fields?
12 - 22
Output Controls
These controls focus on detecting errors
after processing is completed rather
than on preventing errors.
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
12 - 23
Learning Objective 4
Describe how general controls affect the
auditor’s testing of application controls.
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
12 - 24
Impact of Information Technology on
the Audit Process
Effects of general controls on system-wide
applications
Effects of general controls on software changes
Obtaining an understanding of client
general controls
Relating IT controls to transaction-related
audit objectives
Effect of IT controls on substantive testing
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
12 - 25
