Module 6: Business Application Software Audit Chapter 1: Business Application Software Audit 1.

Slides:



Advertisements
Similar presentations
Internal Control in a Financial Statement Audit
Advertisements

COBIT® 5 for Assurance Introduction
Presentation Subject Header Connected for Success Appendix C- Audit Requirements Economic Benchmarking Backcast Data Template.
Information System Assurance Practices in China Key players doing IS Assurance In China Regulatory Regime and Professional Organizations -Regulatory AuthoritiesRegulatory.
McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 7-1 Chapter 7 CHAPTER 7 THE EFFECT OF INFORMATION TECHNOLOGY ON THE AUDIT.
18- 1 © 2006 The McGraw-Hill Companies, Inc., All Rights Reserved. Chapter 18 Integrated Audits of Internal Control (For Public Companies Under Sarbanes-Oxley.
Quality evaluation and improvement for Internal Audit
Internal Control in a Financial Statement Audit
The Information Systems Audit Process
SAFA- IFAC Regional SMP Forum
Mª ANGELA JIMENEZ 1 UNIT 4. EXTERNAL AUDIT BASIS CONCEPTS.
1 Performance Auditing  In IT Environment  Evidence Gathering & Analysis Techniques  Computer Assisted Techniques  Use of IDEA.
COBIT®. COBIT - Control Objectives for Information and related Technology C OBI T was initially created by the Information Systems Audit & Control Foundation.
1 Homologues Group Meeting Slovenia, October 2009 Republika SlovenijaEuropean Union Ljubljana, October 2009 Introduction to IT audits PART II IT.
Audit objectives, Planning The Audit
This Lecture Covers Review of Internal Control Definitions.
Chapter Three IT Risks and Controls.
Internal Control in a Financial Statement Audit
Audit Planning & Audit Evidence
Internal Control in a Financial Statement Audit
Chapter 8: Client Risk Profile and Documentation
Evaluation of Internal Control System
Private & Confidential1 (SIA) 13 Enterprise Risk Management The Standard should be read in the conjunction with the "Preface to the Standards on Internal.
McGraw-Hill/Irwin © The McGraw-Hill Companies 2010 Audit Planning and Types of Audit Tests Chapter Five.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 5-1 Chapter Five Audit Planning and Types of Audit Tests Chapter.
Chapter 6 Internal Control in a Financial Statement Audit Copyright © 2014 McGraw-Hill Education. All rights reserved. No reproduction or distribution.
1 Internal Audit. 2 Definition Is an independent activity established by management to examine and evaluate the organization’s risk management processes.
1 Chapter Nine Conducting the IT Audit Lecture Outline Audit Standards IT Audit Life Cycle Four Main Types of IT Audits Using COBIT to Perform an Audit.
ISSAI 400 Compliance Auditing
McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 6-1 Chapter 6 CHAPTER 6 INTERNAL CONTROL IN A FINANCIAL STATEMENT AUDIT.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 6-1 Chapter Six Internal Control in a Financial Statement Audit.
COBIT®. COBIT® - Control Objectives for Information and related Technology. C OBI T was initially created by the Information Systems Audit & Control Foundation.
ICAJ/PAB - Improving Compliance with International Standards on Auditing Planning an audit of financial statements 19 July 2014.
MODULE 7: CONDUCT OF GOVERNANCE AUDIT GOVERNANCE AUDITOR ACCREDITATION COURSE.
LECTURE 5 Nangwonvuma M/ Byansi D. Components, interfaces and integration Infrastructure, Middleware and Platforms Techniques – Data warehouses, extending.
COBIT. The Control Objectives for Information and related Technology (COBIT) A set of best practices (framework) for information technology (IT) management.
McGraw-Hill/Irwin © The McGraw-Hill Companies 2010 Internal Control in a Financial Statement Audit Chapter Six.
Chapter 4 : Audit Program and Audit Notes T.Y. B com (Honours) Academic Year : Trimester : V.
AUDIT STAFF TRAINING WORKSHOP 13 TH – 14 TH NOVEMBER 2014, HILTON HOTEL NAIROBI AUDIT PLANNING 1.
Chapter 6 Internal Control in a Financial Statement Audit McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
 Planning an audit of cost statements, records and other related documents is considered necessary to ensure achievement of audit objectives with available.
©2005 Prentice Hall Business Publishing, Auditing and Assurance Services 10/e, Arens/Elder/Beasley Internal Control and Control Risk Chapter 10.
ACC 403 Something Great For More Tutorials
Jean-Pierre Garitte Budapest 29 March 2017
Internal Control in a Financial Statement Audit
Internal Control Principles
Software Quality Control and Quality Assurance: Introduction
COBIT® 5 for Assurance Introduction
Auditing & Investigations II
PLANNING, MATERIALITY AND ASSESSING THE RISK OF MISSTATEMENT
Internal Control in a Financial Statement Audit
Auditing & Investigations II
Materiality and Risk Chapter 8.
The ISSAIs for Financial Audit ISSAIs
MODULE 2 INTRODUCTION TO GOVERNANCE AUDIT
Internal control objectives
Prof. Joshua Onome Imoniana
INTRODUCTION TO Compliance audit METHODOLGY and CAM
COSO Internal Control s Framework
Megan Zietsman, Task Force Chair IAASB Meeting, New York, USA
PERFOMING THE AUDIT & EVALUATION OF MISSTATEMENTS
COBIT® 5 for Assurance Introduction
COBIT® 5 for Assurance Introduction
Statement of Auditing Standard No. 94
Change Management and COBIT®. ISACA London Chapter Presentation
COBIT 5: Framework, BMIS, Implementation and future Information Security Guidance Presented by.
COBIT® 5 for Assurance Introduction
OBJECTIVE AND GENERAL PRINCIPLES GOVERNING AN AUDIT OF FINANCIAL STATEMENTS Lecture 2.
An overview of Internal Controls Structure & Mechanism
Security Policies and Implementation Issues
Presentation transcript:

Module 6: Business Application Software Audit Chapter 1: Business Application Software Audit 1

Basic 2

Learning Objectives 3

4

5

6

Part 1: Enterprise Business Models 7

Introduction 8

Business Models and Controls 9

10

Business Model, Business Process and Business Applications 11

Business Process 12

Business Processes and Control Structure 13

Business Applications “Business Application”, may be defined as applications used by entity to run its business. The consideration is whether the said application covers / incorporates the key business processes of the entity. Another important consideration is whether the control structure as available in the Business Application is appropriate to help entity achieve its goals. 14

Business Applications 15

Business Model and Risk Assessment 16

Auditing Standards 17

Auditing Standards 18

Auditing Standards 19

Auditing Standards 20

Steps To Audit 21

Internal Audit Standards 22

Risk Assessment for a Business Application used by entity 23

Risk Assessment for a Business Application used by entity 24

Risk Assessment for a Business Application used by entity 25

Case Study 26

Case Study 27

Case Study 28

Conclusion: The part addressed the following. 29

Case for participants 30

Part 2: Business Application Software as per Enterprises Business Model 31

Introduction 32

Business Application Software: Parameters of selection 33

Business Application Software: Parameters of selection 34

Business Application Software: Parameters of selection 35

Types Business applications can be classified based on processing type or source or based on function covered. The most critical way for management is based in function it performs. 36

Types 37

Types Other Business Applications: 38

Types Other Business Applications: 39

Key Features and Controls for Business Applications 40

Conclusion: This part dealt with 41

Questions 42

1. Initial adoption of Business Model adopted by an organisation is dependent upon: 43 A. Business Applications B. Business Objective C. Controls in business applications D. Business Laws Answer: B Business Objectives shall be the prime reason for adoption of business models. Other answers may be valid reasons but are never the first reason for adoption of a specific business model. “A business model describes the rationale of how an organization creates, delivers, and captures value (economic, social, cultural, or other forms of value). The process of business model construction is part of business strategy.”rationaleorganizationbusiness strategy

2. The first activity to be assessed by IS Auditor is: _____________. 44 A. Business Application B. Business Controls C. Business Model D. Business Laws Answer: C Business Model, needs to be assessed first by IS Auditor. The, b and d, are assessment to be made later on. As an IS Auditor it becomes important to understand the business model adopted by an organisation for a better understanding of risk associated with business model adopted by an organisation.

3. Arrange the following in chronological order 45 A. Establishing the expected degree of reliance to be placed on internal control B. Determining and programming the nature, timing, and extent of the audit procedures to be performed C. Coordinating the work to be performed D. Acquiring knowledge of the client’s accounting system, policies and internal control procedures The correct serial order: A, B, C, D D, A, B, C D, C, B, A B, C, D, A Answer: B As per SA 00 SA 00 on “OVERALL OBJECTIVES OF THE INDEPENDENT AUDITOR AND THE CONDUCT OF AN AUDIT IN ACCORDANCE WITH STANDARDS ON AUDITING, the steps to audit as mentioned at point b.

4. ISACA ITAF 1202, states IS auditor needs the following for an enterprise: 46 A. Inherent Risk and Audit Risk. B. Detection Risk and Control Risk. C. Subject matter risk and Audit risk. D. None of above Answer: B ISACA ITAF 1202, states IS auditor needs to consider subject matter risk and audit risk. Subject matter risk, relates to business risk, country risk, contract risks. Audit risk, is define as auditor reaching incorrect conclusion after an audit. The components of audit risk being control risk, inherent risk and detection risk.

5. The best definition which fits ‘COBIT 5’ is that it is a: 47 A. Business framework for the governance and management of enterprise IT. B. System Audit Tool C. Management tool for corporate governance D. IT management tool Answer: A COBIT 5 can be best described as “Business framework for the governance and management of enterprise IT by ‘a’. Other answers are part of COBIT framework but not full Framework.

Thank you! Questions? 48