Presentation is loading. Please wait.

Presentation is loading. Please wait.

©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 1 The Impact of Information Technology on the Audit.

Similar presentations


Presentation on theme: "©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 1 The Impact of Information Technology on the Audit."— Presentation transcript:

1 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 1 The Impact of Information Technology on the Audit Process Chapter 11

2 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 2 Learning Objective 1 Describe how IT improves internal control.

3 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 3 How Information Technologies Enhance Internal Control Computer controls replace manual controls. Higher-quality information is available.

4 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 4 Learning Objective 2 Identify risks that arise from using an IT-based accounting system.

5 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 5 Assessing Risks of Information Technologies Reliance on the capabilities of hardware and software Visibility of audit trail Reduced human involvement Systematic versus random errors

6 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 6 Assessing Risks of Information Technologies Unauthorized access Loss of data Reduced segregation of duties Lack of traditional authorization Need for IT experience

7 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 7 Learning Objective 3 Explain how general controls and application controls reduce IT risks.

8 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 8 Internal Controls Specific to Information Technology General Controls Application Controls

9 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 9 General Controls Administration of the IT function Segregation of IT duties Systems development Physical and online security Backup and contingency planning Hardware controls

10 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 10 Application Controls Input controls Processing controls Output controls

11 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 11 Relationship Between General and Administrative Controls Cash Receipts Application Controls Sales Applications Controls Payroll Application Controls Other Cycle Application Controls Risk of unauthorized change to application software Risk of system crash Risk of unauthorized master file update Risk of unauthorized processing GENERAL CONTROLS

12 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 12 Administration of the IT Function The perceived importance of IT within an organization is often dictated by the attitude of the board of directors and senior management.

13 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 13 Segregation of IT Duties Chief Information Officer or IT Manager Security Administrator Systems Development Operations Data Control

14 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 14 Systems Development Typical test strategies Pilot testing Parallel testing

15 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 15 Physical and Online Security Physical Controls:  Keypad entrances  Badge-entry systems  Security cameras  Security personnel Online Controls:  User ID control  Password control  Separate add-on security software

16 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 16 Backup and Contingency Planning One key to a backup and contingency plan is to make sure that all critical copies of software and data files are backed up and stored off the premises.

17 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 17 Hardware Controls These controls are built into computer equipment by the manufacturer to detect and report equipment failures.

18 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 18 Input Controls These controls are designed by an organization to ensure that the information being processed is authorized, accurate, and complete.

19 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 19 Batch Input Controls Financial total Hash total Record count

20 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 20 Processing Controls Validation test Sequence test Arithmetic accuracy test Data reasonableness test Completeness test

21 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 21 Output Controls These controls focus on detecting errors after processing is completed rather than on preventing errors.

22 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 22 Learning Objective 4 Describe how general controls affect the auditor’s testing of application controls.

23 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 23 Impact of Information Technology on the Audit Process Effects of general controls on control risk Effects of IT controls on control risk and substantive tests Auditing in less complex IT environments Auditing in more complex IT environments

24 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 24 Learning Objective 5 Use the test data, parallel simulation, and embedded audit module approaches when auditing through the computer.

25 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 25 Test Data Approach Test data should include all relevant conditions that the auditor wants tested. Application programs tested by the auditor’s test data must be the same as those the client used throughout the year. Test data must be eliminated from the client’s records. 1 2 3

26 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 26 Test Data Approach Application Programs (Assume Batch System) Control Test Results Master Files Contaminated Master Files Transaction Files (Contaminated?) Input Test Transactions to Test Key Control Procedures

27 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 27 Test Data Approach Control Test Results Auditor Makes Comparisons Differences Between Actual Outcome and Predicted Result Auditor-predicted Results of Key Control Procedures Based on an Understanding of Internal Control

28 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 28 Parallel Simulation The auditor uses auditor-controlled software to perform parallel operations to the client’s software by using the same data files.

29 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 29 Parallel Simulation Production Transactions Master File Auditor- Prepared Program Client Application System Programs Auditor Results Client Results Auditor Makes Comparisons Between Client’s Application System Output and Understanding of the Client Systems Via the Parallel Simulation Exception Report Noting Differences

30 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 30 Embedded Audit Module Approach Auditor inserts an audit module in the client’s application system to capture transactions with characteristics that are of specific interest to the auditor.

31 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 31 Learning Objective 6 Identify issues for e-commerce systems and other specialized IT environments.

32 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 32 Issues for Different IT Environments Issues for microcomputer environments Issues for network environments Issues for database management systems Issues when clients outsource IT Issues for e-commerce systems

33 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 33 End of Chapter 11


Download ppt "©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 1 The Impact of Information Technology on the Audit."

Similar presentations


Ads by Google