Presentation is loading. Please wait.

Presentation is loading. Please wait.

12 - 1 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder The Impact of Information Technology on the Audit Process Chapter 12.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "12 - 1 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder The Impact of Information Technology on the Audit Process Chapter 12."— Presentation transcript:

1

2 12 - 1 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder The Impact of Information Technology on the Audit Process Chapter 12

3 12 - 2 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Learning Objective 1 Describe how IT improves internal control.

4 12 - 3 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder How Information Technologies Enhance Internal Control Computer controls replace manual controls. Higher-quality information is available.

5 12 - 4 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Learning Objective 2 Identify risks that arise from using an IT-based accounting system.

6 12 - 5 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Assessing Risks of Information Technologies Reliance on the capabilities of hardware and software Visibility of audit trail Reduced human involvement Systematic versus random errors

7 12 - 6 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Assessing Risks of Information Technologies Unauthorized access Unauthorized access Loss of data Reduced segregation of duties Reduced segregation of duties Lack of traditional authorization Need for IT experience

8 12 - 7 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Learning Objective 3 Explain how general controls and application controls reduce IT risks.

9 12 - 8 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Internal Controls Specific to Information Technology General controls Application controls

10 12 - 9 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Relationship Between General and Administrative Controls Cash receipts applicationcontrols SalesapplicationscontrolsPayrollapplicationcontrols Other cycle applicationcontrols GENERAL CONTROLS Risk of unauthorized change to application software Risk of system crash Risk of unauthorized master file update Risk of unauthorized processing

11 12 - 10 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder General Controls Administration of the IT function Segregation of IT duties Systems development Physical and online security Backup and contingency planning Hardware controls

12 12 - 11 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Administration of the IT Function The perceived importance of IT within an organization is often dictated by the attitude of the board of directors and senior management.

13 12 - 12 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Segregation of IT Duties Chief Information Officer or IT Manager SystemsDevelopmentOperationsDataControl Security Administrator

14 12 - 13 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Systems Development Typical test strategies Pilot testing Parallel testing

15 12 - 14 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Physical and Online Security Physical Controls:  Keypad entrances  Badge-entry systems  Security cameras  Security personnel Online Controls:  User ID control  Password control  Separate add-on security software

16 12 - 15 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Backup and Contingency Planning One key to a backup and contingency plan is to make sure that all critical copies of software and data files are backed up and stored off the premises.

17 12 - 16 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Hardware Controls These controls are built into computer equipment by the manufacturer to detect and report equipment failures.

18 12 - 17 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Application Controls Input controls Processingcontrols Output controls

19 12 - 18 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Input Controls These controls are designed by an organization to ensure that the information being processed is authorized, accurate, and complete.

20 12 - 19 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Batch Input Controls Financial total Hash total Record count

21 12 - 20 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Processing Controls Validation test Sequence test Arithmetic accuracy test Data reasonableness test Completeness test

22 12 - 21 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Output Controls These controls focus on detecting errors after processing is completed rather than on preventing errors.

23 12 - 22 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Learning Objective 4 Describe how general controls affect the auditor’s testing of application controls.

24 12 - 23 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Impact of Information Technology on the Audit Process Effects of general controls on control risk Effects of IT controls on control risk and substantive tests Auditing in less complex IT environments Auditing in more complex IT environments

25 12 - 24 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Learning Objective 5 Use test data, parallel simulation, and embedded audit module approaches when auditing through the computer.

26 12 - 25 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Test Data Approach 1 Test data should include all relevant conditions that the auditor wants tested. 2 Application programs tested by the auditor’s test data must be the same as those the client used throughout the year. 3 Test data must be eliminated from the client’s records.

27 12 - 26 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Test Data Approach Application Programs (Assume Batch System) Control test results Master files Contaminated master files Transaction files (contaminated?) Input test Transactions to test Key control Procedures

28 12 - 27 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Test Data Approach Auditor-predicted results of key control procedures based on an understanding of internal control Auditor-predicted results of key control procedures based on an understanding of internal control Control test results results Auditor makes comparisons comparisons Differences between actual outcome and predicted result Differences between actual outcome and predicted result

29 12 - 28 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Parallel Simulation The auditor uses auditor-controlled software to perform parallel operations to the client’s software by using the same data files.

30 12 - 29 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Parallel Simulation Auditor makes comparisons between client’s application system output and the auditor-prepared program output Exception report noting differences Productiontransactions Auditor-preparedprogram Auditorresults Masterfile Client application system programs Clientresults

31 12 - 30 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Embedded Audit Module Approach Auditor inserts an audit module in the client’s application system to capture transactions with characteristics that are of specific interest to the auditor.

32 12 - 31 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Learning Objective 6 Identify issues for e-commerce systems and other specialized IT environments.

33 12 - 32 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Issues for Different IT Environments Issues for microcomputer environments Issues for network environments Issues for database management systems Issues for e-commerce systems Issues when clients outsource IT

34 12 - 33 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder End of Chapter 12

Download ppt "12 - 1 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder The Impact of Information Technology on the Audit Process Chapter 12."

Similar presentations

©2008 Prentice Hall Business Publishing, Auditing 12/e, Arens/Beasley/Elder 12 - 1 The Impact of Information Technology on the Audit Process Chapter 12.

©2008 Prentice Hall Business Publishing, Auditing 12/e, Arens/Beasley/Elder The Impact of Information Technology on the Audit Process Chapter 12.
Presented to the Tallahassee ISACA Chapter

Presented to the Tallahassee ISACA Chapter
Control and Accounting Information Systems

Control and Accounting Information Systems
ITAuditing Using GAS & CAATs

ITAuditing Using GAS & CAATs
Auditing Concepts.

Auditing Concepts.
Auditing Computer-Based Information Systems

Auditing Computer-Based Information Systems
Learning Objectives LO5 Document an accounting system to identify key controls and weaknesses in order to assess control risk. LO6 Write key control tests.

Learning Objectives LO5 Document an accounting system to identify key controls and weaknesses in order to assess control risk. LO6 Write key control tests.
Auditing Computer-Based Information Systems

Auditing Computer-Based Information Systems
Nature of IT Based Systems

Nature of IT Based Systems
Learning Objectives LO1 Distinguish between management and auditor’s responsibilities regarding an auditee organization’s internal controls. LO2 Explain.

Learning Objectives LO1 Distinguish between management and auditor’s responsibilities regarding an auditee organization’s internal controls. LO2 Explain.
Chapter 14 System Controls. A Quote “The factory of the future will have only two employees, a man and a dog. The man will be there to feed the dog. The.

Chapter 14 System Controls. A Quote “The factory of the future will have only two employees, a man and a dog. The man will be there to feed the dog. The.
1 Output Controls Ensure that system output is not lost, misdirected, or corrupted and that privacy is not violated. Exposures of this sort can cause serious.

1 Output Controls Ensure that system output is not lost, misdirected, or corrupted and that privacy is not violated. Exposures of this sort can cause serious.
©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 18-1 Accounting Information Systems 9 th Edition Marshall.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 18-1 Accounting Information Systems 9 th Edition Marshall.
Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.

Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.
Auditing 81.3550 Auditing & Automated Systems Chapter 22 Auditing & Automated Systems Chapter 22.

Auditing Auditing & Automated Systems Chapter 22 Auditing & Automated Systems Chapter 22.
©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 1 The Impact of Information Technology on the Audit.

©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley The Impact of Information Technology on the Audit.
Overview of Transaction Processing and Enterprise Resource Planning Systems Chapter 2.

Overview of Transaction Processing and Enterprise Resource Planning Systems Chapter 2.
Copyright © 2015 Pearson Education, Inc. Processing Integrity and Availability Controls Chapter 10 10-1.

Copyright © 2015 Pearson Education, Inc. Processing Integrity and Availability Controls Chapter
Chapter 10 Information Systems Controls for System Reliability—Part 3: Processing Integrity and Availability Copyright © 2012 Pearson Education, Inc.

Chapter 10 Information Systems Controls for System Reliability—Part 3: Processing Integrity and Availability Copyright © 2012 Pearson Education, Inc.
Chapter 12/2 Audit Software Techniques

Chapter 12/2 Audit Software Techniques

Similar presentations

Ads by Google