Chapter 9.4 & 11.4 Paper F8 Audit and Assurance (International)
ations/student_accountant/archive/sa_aug09_byrne.pdf
December 14, 10 IK University of Greenwich
Understand controls in a computer-based environment and the impact on the audit.
Identify weaknesses and associated risks within a computerised environment.
Suggest internal control improvements to a computerised environment, and make these applicable to particular control objectives and assertions.
Discuss the impact a computerised environment has on audit risk and audit procedures.
Discuss the application and general controls within a computerised environment.
Discuss the use of CAATs and practically incorporate CAATs in audit procedures; discuss benefits and disadvantages associated with CAATs.
2 types of IT controls:
1. General
2. Application
Controls in a computerised environment comprise:
1. Manual procedures
2. Procedures designed into the computer program
Remember:
1. ISA 300 – Planning an audit of financial statements
2. ISA 315 – Identify and assess the risk of material misstatement through understanding the entity and its environment
3. ISA 330 – The auditor’s responses to assessed risks
DEFINITION
“(1) application controls relate to procedures (manual/operated) used to initiate, record, process and report (2) transactions or other financial data. These controls help (3) ensure that transactions occurred, are authorised and are completely and accurately recorded and processed (ISA 315 (Redrafted)).” (ensure integrity of accounting records)
DEFINITION continued…
(4) Application controls normally function at business process level, for instance sales, purchases and wages procedures.
(5) These controls can be either preventative or detective.
DEFINITION
Policies and procedures that relate to many applications and support the effective functioning of application controls by ensuring continued proper operation of information systems. General IT controls maintain the integrity of information and security of data.
DEFINITION continued
Commonly include controls over: data centre and network operations; system software acquisition, change and maintenance; access security; application system acquisition, development and maintenance.
Their effectiveness is usually essential to the effectiveness of application controls. Assess general controls before assessing application controls.
The auditors will have to consider how general controls affect the computer applications that are significant to the audit. Based on this they will test some or all general controls. First review general controls as these play a big role in application controls.
Give two examples of each type of General control:
Should manual controls provide reasonable assurance that system output is:
1. Complete
2. Accurate
3. Authorised
the auditor may decide to focus on manual controls instead of computerised controls.
If the auditor needs to test information produced by the computer or contained within the computer: test controls by examining output (manual or computerised). Output can be printouts, microfilm or magnetic media. The auditor can also choose to test the control via the computer.
If IMPRACTICAL OR IMPOSSIBLE to test controls by examining user controls or system output, test controls by:
1. Using the computer
2. Reprocessing data OR
3. Examining the coding of the application program.
Generalised audit software: packaged computer programs used on a variety of computers during audit fieldwork to read computer files, select information, perform calculations, create data files, and print reports in a format specified by the auditor.
Application of auditing procedures using the computer as an audit tool.
3 main categories of CAATs:
1. Audit software
2. Test data
3. Other
Definition: Computer software used to interrogate a client’s computer files; mainly used for SUBSTANTIVE testing.
Types of programs:
1. Package (Generalised, pre-prepared for use on different types of systems. Not adapted for a specific system.)
2. Purpose-written (Perform specific functions. Can be adapted to client’s system. Costly.)
3. Enquiry programs (These are part of the client’s system. Used to do things like sort and print data. Accounting software with search facilities within modules could be used for things like finding customers with credit balances or inventory items in excess of a certain amount.)
The auditor uses this to scrutinise LARGE volumes of data. The review of the data by the software produces results that should be investigated further. The software has program logic to perform functions like:
1. Select a sample
2. Report exceptional items
3. Compare files
4. Analyse, summarise and stratify (group based on certain criteria).
See further examples on p 206 of the BPP set text.
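The four audit software functions listed above, run over a small receivables ledger. This is an added example, not part of the original slides or of any audit package; the ledger records, the master file codes and the 20000 threshold are constructed assumptions.

```python
import random
from collections import Counter

# Constructed sample data (not from any client): receivables ledger balances
# and the account codes held on the customer master file.
LEDGER = [
    {"account": "C001", "balance": 1200.00},
    {"account": "C002", "balance": -350.00},   # credit balance
    {"account": "C003", "balance": 48000.00},  # in excess of the threshold
    {"account": "C004", "balance": 90.50},
    {"account": "C005", "balance": 15250.00},
    {"account": "C009", "balance": 700.00},    # not on the master file
]
MASTER = {"C001", "C002", "C003", "C004", "C005", "C006"}

def select_sample(records, n, seed):
    """1. Select a sample; seeded so the selection can be re-performed."""
    return random.Random(seed).sample(records, n)

def exceptional_items(records, excess=20000):
    """2. Report exceptional items: credit balances and large balances."""
    out = []
    for r in records:
        if r["balance"] < 0:
            out.append((r["account"], "credit balance"))
        elif r["balance"] > excess:
            out.append((r["account"], "in excess of threshold"))
    return out

def compare_files(records, master):
    """3. Compare files: accounts on one file but missing from the other."""
    ledger = {r["account"] for r in records}
    return sorted(ledger - master), sorted(master - ledger)

def stratify(records, bands=(0, 1000, 10000)):
    """4. Stratify: count balances per band, keyed by the band's lower bound."""
    counts = Counter()
    for r in records:
        key = max((b for b in bands if r["balance"] >= b), default="credit")
        counts[key] += 1
    return dict(counts)

if __name__ == "__main__":
    print(select_sample(LEDGER, 2, seed=2010))
    print(exceptional_items(LEDGER))
    print(compare_files(LEDGER, MASTER))
    print(stratify(LEDGER))
```

Each item these functions report is a result to investigate further, not a conclusion in itself.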
Definition: Data submitted by the auditor to be processed by the client’s computer system. The results are compared with pre-determined results. Can be used to test controls such as access controls. Can also be used to test processing characteristics (e.g. input invalid data). The dummy data processed will include both data containing errors and data that are correct.
Examples of errors. Input:
supplier account codes that do not exist;
employees earning in excess of a certain limit;
sales invoices that contain addition errors;
data with incorrect batch control totals.
Two test environments:
Live – within client’s production run; could corrupt client’s master files.
Dead – Outside normal processing, use copies of master files. Less assurance that client’s normal/actual production programs were used.
Live test data can corrupt files – removal of data may be difficult. Dead test data does not necessarily use the same program as the client’s actual system uses within the accounting process. Test data only tests the operation of the system at a single point in time.
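The test data technique described above, narrowed to a purchase invoice batch: dummy data, some valid and some containing errors, is processed and the results are compared with predetermined results. This is an added example, not from the original slides; `client_process_batch` is a hypothetical stand-in for the client's system, written with one control deliberately missing so the comparison has something to find.

```python
# Stand-in for the client's input program (hypothetical; a real test runs the
# client's own system). Deliberate gap: line-item addition is never checked.
SUPPLIERS = {"S100", "S200"}

def client_process_batch(batch):
    """Return (accepted invoice ids, rejections) as the client system would."""
    if round(sum(i["total"] for i in batch["invoices"]), 2) != batch["control_total"]:
        return [], [("BATCH", "control total mismatch")]
    accepted, rejected = [], []
    for inv in batch["invoices"]:
        if inv["supplier"] not in SUPPLIERS:
            rejected.append((inv["id"], "unknown supplier"))
        else:
            accepted.append(inv["id"])
    return accepted, rejected

def inv(id_, supplier, lines, total):
    return {"id": id_, "supplier": supplier, "lines": lines, "total": total}

# Auditor's test pack (constructed): each case pairs dummy data with the
# predetermined result a properly controlled system should produce.
TEST_PACK = [
    ("valid batch",
     {"control_total": 150.0, "invoices": [inv("T1", "S100", [100.0, 50.0], 150.0)]},
     (["T1"], [])),
    ("supplier code does not exist",
     {"control_total": 80.0, "invoices": [inv("T2", "S999", [80.0], 80.0)]},
     ([], [("T2", "unknown supplier")])),
    ("invoice with addition error",
     {"control_total": 120.0, "invoices": [inv("T3", "S200", [60.0, 50.0], 120.0)]},
     ([], [("T3", "addition error")])),
    ("incorrect batch control total",
     {"control_total": 999.0, "invoices": [inv("T4", "S100", [40.0], 40.0)]},
     ([], [("BATCH", "control total mismatch")])),
]

def run_test_data(process, pack):
    """Process every case and return those whose actual result differs from
    the predetermined one, i.e. controls that did not operate as expected."""
    exceptions = []
    for name, batch, expected in pack:
        actual = process(batch)
        if actual != expected:
            exceptions.append({"case": name, "expected": expected, "actual": actual})
    return exceptions

if __name__ == "__main__":
    for e in run_test_data(client_process_batch, TEST_PACK):
        print(e)
```

Run against copies of the master files, this corresponds to the dead environment; the same pack processed within the production run is the live environment.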
Integrated test facility – run test data live, but use dummy records, such as dummy departments or dummy customers, against which dummy data can be processed. These dummy items can then be ignored when records are printed out and can easily be reversed. Note that this can also be grouped under Test data.
Embedded audit facilities – the auditor’s own program code is resident in the client’s application software (used at selected times or every time the application program is used).
1) Create a SCARF (system control and review file). Gather and review live information for subsequent audit review.
2) Spot and record/tagging. Gather transactions that meet the auditors’ definition of exceptional as per the code in the auditor software.
Disadvantages of embedded audit software: costly, and might require auditor input at the development stage of the client software.
It does not alter the key stages in the process.
Impact on planning (ISA 300): The overall audit strategy must incorporate the availability of data and the expected use of CAATs.
Impact on risk assessment (ISA 315): The auditor needs to understand information systems as part of understanding internal control relevant to the client.
If the auditor places reliance on internal controls at the assertion level, he needs to understand and test both manual and automated controls.
Impact on testing (ISA 330): The auditor needs to design and perform audit procedures whose nature, timing and extent are based on the assessed risk of material misstatement at the assertion level.
Def: The auditor reconciles input to output and does not test the processing of transactions.
Why? In the past this was done because of limited audit software. Cost is still an issue.
What is the antonym of around the machine? Through the machine: this is the approach where we use CAATs to test the satisfactory operation of computer-based application controls.
In small computer-based systems IF the auditor can gain sufficient evidence by testing input and output.
Auditors can test program controls and general internal controls associated with computers.
Increases the speed at which items can be tested, and testing is more accurate.
Actual transactions instead of paper records are tested; paper records might not reflect actual transactions.
Cost-effective in the long term IF the client does not change his/her system. Results from CAATs can be compared with results from non-CAATs. Correlation increases confidence. See steps in applying CAATs – p205.
1. Read chapter 9, section 4 of the textbook (p152)
2. Read chapter 11, section 4 of the textbook (p205)
3. Read ountant/archive/sa_aug09_byrne.pdf
4. BPP ACCA F8 Textbook Q9.3 (p156) + 11 (p341)
5. BPP ACCA F8 Textbook Q11.5 (p213)
6. Give examples of how you’d use CAATs to test wages.
1. You are the audit manager for a new client PPP Ltd – a client with a highly computerised accounting environment. Discuss your considerations in planning the financial statement audit.
2. Upon receiving a management report with numerous control weaknesses, the audit committee of AAA Plc mandated a review of the total internal control structure of the company.
As manager of the accounting department, a department that relies heavily on computers, they’ve asked you to draft a proposal of general and application controls that can be implemented in your department.