Professional Documents
Culture Documents
Chapter 12
5-5
Learning Objective 1
Describe how IT improves internal control.
12 - 2
Learning Objective 2
Identify risks that arise from using an ITbased accounting system.
12 - 4
12 - 5
Data loss
2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
12 - 8
Learning Objective 3
Explain how general controls and application controls reduce IT risks.
12 - 9
Application controls
General controls
12 - 10
12 - 11
12 - 12
12 - 13
Segregation of IT Duties
12 - 14
Systems Development
Typical test strategies
Pilot testing
Parallel testing
12 - 15
Physical Controls: Keypad entrances Badge-entry systems Security cameras Security personnel
12 - 16
12 - 17
Hardware Controls
These controls are built into computer equipment by the manufacturer to detect and report equipment failures.
12 - 18
Application Controls
Application controls are designed for each software application
Input controls
Output controls
Processing controls
2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 12 - 19
Input Controls
These controls are designed by an organization to ensure that the information being processed is authorized, accurate, and complete.
12 - 20
Hash total
Record count
Processing Controls
Validation test Sequence test Arithmetic accuracy test Data reasonableness test Completeness test
2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
Correct file, database, or program? Correct processing order? Accuracy of processed data? Data exceeds preset amounts? Completeness of record fields?
12 - 22
Output Controls
These controls focus on detecting errors after processing is completed rather than on preventing errors.
12 - 23
Learning Objective 4
Describe how general controls affect the auditors testing of application controls.
12 - 24
Smaller companies
MORE
12 - 27
Learning Objective 5
Use test data, parallel simulation, and embedded audit module approaches when auditing through the computer.
12 - 28
2.
Application programs tested by the auditors test data must be the same as those the client used throughout the year. Test data must be eliminated from the clients records.
3.
12 - 29
Master files
Parallel Simulation
The auditor uses auditor-controlled software to perform parallel operations to the clients software by using the same data files.
12 - 32
Parallel Simulation
Production transactions Auditor-prepared program
Auditor results Auditor makes comparisons between clients application system output and the auditor-prepared program output
2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley
Master file
12 - 34
12 - 35
Learning Objective 6
Identify issues for e-commerce systems and other specialized IT environments.
12 - 36
Outsourced IT
e-Commerce systems
12 - 37
End of Chapter 12
5-5