Auditing & Investigations I IT in Auditing

Computer-assisted audit techniques Note Computer-assisted audit techniques

1. Introduction Computer-assisted audit techniques (CAATs) are the applications of auditing procedures using the computer as an audit tool. The overall objectives and scope of an audit do not change when an audit is conducted in a computerized environment. The application of auditing procedures may require auditors to consider techniques that use the computer as an audit tool.

CAAT CAATs may be used in performing various auditing procedures, including the following: Tests of details of transactions and balances Analytical review procedures Tests of computer information system controls

Application of CAAT Major Steps: Set the objective of the CAAT application Determine the content and accessibility of the entity's files. Define the transaction types to be tested. Define the procedures to be performed on the data. Define the output requirements.

Cont’d Identify the audit and computer personnel who may participate in the design and application of the CAAT Refine the estimates of costs and benefits Ensure that the use of the CAAT is properly controlled and documented. Arrange the administrative activities, including the necessary skills and computer facilities Execute the CAAT application Evaluate the results

Types of CAATs Audit software - consists of computer programs used by the auditors, as part of their auditing procedures, to process data of audit significance from the entity's accounting system. Test data - used in conducting audit procedures by entering data into an entity's computer system, and comparing the results obtained with pre-determined results.

Advantages of CAAT Auditors can test program controls as well as general internal controls associated with computers. Auditors can test a greater number of items more quickly and accurately than would be the case otherwise. Auditors can test transactions rather than paper records of transactions that could be incorrect.

Cont’d CAATs are cost effective in the long term if the client does not change its systems. Results from CAATs can be compared with results from traditional testing – if the results correlate, overall confidence is increased.

Disadvantages Setting up the software needed for CAATs can be time consuming and expensive. Audit staff will need to be trained so they have a sufficient level of IT knowledge to apply CAATs. Not all client systems will be compatible with the software used with CAATs. There is a risk that live client data is corrupted and lost during the use of CAATs.

End Thank you

Practical Approaches to Sampling Planning the Sample

Practical Example The auditor of the company wishes to use statistical sampling in order to audit sales and accounts receivable in an efficient and effective way. The following data has been extracted. Total sales for the year $2m Approximate number of invoices 14,000 Maximum error from any cause $10,000 Audit risk assessment High How many invoices should he select?

Solution Using tables of the Poisson probability distribution he would assess high risk as a confidence level of 95% with a zero expectation of error. This is the same as an audit risk of 5%. The tables would provide a reliability (R factor) of 3. Note that a medium risk would give an R factor of 2 and a low risk would give an R factor of 1.

Solution The sample size is the ratio of R factor/error rate. In this example an error of $10,000 is an error rate of = 0.5%. This would indicate a sample size of = 600 items. Sample sizes vary with risk. If the audit risk was low the sample size would fall to or 200 items.

End Thank you