You are on page 1of 26

Master of Business Administration- MBA Semester 3

MF0013 – Internal Audit & Control - 4 Credits

(Book ID: B1037)
Assignment Set- 1 (60 Marks)

Q.1 Write the differences between Auditing and Accounting?

Ans:- Difference between accounting and auditing

Accounting is process of identifying, measuring, and communicating economic information to

various users.

Accounting is defined (by the American Institute of Certified Public Accountants) (AICPA) as
"the art of recording, classifying, and summarizing in a significant manner and in terms of
money, transactions and events which are, in part at least, of financial character, and interpreting
the results thereof. Today, accounting is called "the language of business" because it is the
vehicle for reporting financial information about a business entity to many different groups of
people. Accounting that concentrates on reporting to people inside the business entity is
called management accounting and is used to provide information to employees,
managers, owner-managers and auditors..

Accounting requires that an accountant must have accounting knowledge while auditing work
required that an auditor must have accounting as well as auditing knowledge. Accounting is
concerned with current data. It is constructive in nature. Accounting is done on a day-to-day
basis in business. It is the recording of transactions, the accounting for depreciation, debt,
revenue, etc., that are all a part of reporting the company's financial activities.

The main goal of accounting is to provide a company with clear, comprehensive, and reliable
information about its economic activities and status of its assets and liabilities. This information
is presented in the form of accounting reports like the balance sheet, income statement, statement
of changes in equity (also called shareholders’ equity statement), and statement of cash flows
(also called cash flow statement). By means of accounting reports it is possible to perform the
following (list non-inclusive):

• Understand and re-allocate internal resources of the company to ensure its financial
• Review profitability of the company’s economic activities
• Understand the company’s cash inflows and outflows
• Verify conformity of a company’s economic activities to government regulations
Internal users of accounting reports are managers, owners, and employees. External users of
accounting reports are investors, creditors, and government.

Audit is independent appraisal performed by an independent expert of an activity or event. There

are operational, technical, ecological and other types of audit. Most commonly, nevertheless, this
term refers to audits of financial statements.

Audit of financial statements is the process of examining the financial statements and the
underlying records of the company in order to render an opinion as to whether the statements are
fairly presented. Most commonly financial audits are performed on a company’s request for the
benefit of financial information users (i.e. internal and external). Auditors analyze and compare
accounting reports and confirmation documents as well as verify conformity of a company’s
accounting with established standards and regulations (e.g. US GAAP, IFRS). Therefore, the
main goal of an audit is to perform thorough evaluation of a company’s financial records and
reports and provide a company with improvement recommendations based on that evaluation.

As we can see, accounting provides financial information to users of such information, and
auditing is a means to ensure such information is reliable and comforts with established rules and

Q.2 Write the factors to be considered while drawing up the audit programme an auditor
should give attention?

Ans:- Audit planning requires a high degree of discipline on the part of the auditor. In order to
make the planning more meaningful, the auditor should take into consideration the following
matters in relation to the audit engagement:

(a) Preliminary Work to be Done in Addition to the Real Audit Work: This will
include such matters as stocktaking, cash count, debtors’ circularisation and review of
previous year’s working papers. This will remind the auditor of those matters
brought forward from the previous year and any other points to be resolved in the current
year or problems anticipated.

(b) Changes in Legislation or any Auditing Standards or Guidelines: The

promulgation of the Companies and Allied Matters Act, brought with it a lot of changes
in accounting and auditing requirements of companies. Such legislations whether in
respect of all companies or particular industrial group, must be reviewed ahead of the
engagement in order to determine their effects on the operations or reporting
requirements of the enterprise.

(c) Analytical Review of Available Management Accounts and Other Management

Information that Relate to the Accounts : This will assist in establishing valuable
ratios and indicators that will guide the auditor. For instance, the computation of the
gross profit percentage compared with that of the previous year will provide a good
indicator to the auditor of the accuracy and reliability of sales and cost of sales.

(d) Changes in the Business or Management : The appointment of a new Finance

Controller and the establishment of a new business line or the creation of a new branch
are significant changes in the circumstances of the company which will necessitate
changes in the existing audit plans.

(e) Changes in the Accounting System : The introduction of computers such that when
a company introduces significant changes in its operating procedures will require a
review and evaluation of the system of internal control.

(f) Deadlines Established for the Submission of Audit Report : Where a client has set
deadlines for its statutory activities such as the annual general meeting, it is important for
the auditor to work in line with such programmes.

(g) Use of Rotational Testing and Verification : In practice, the auditor may not carry
out a hundred percent testing or verification of the client’s transactions or segments of the
business. Where rotational testing or verification is adopted, it will be necessary for the
auditor to determine ahead of the date of the engagement which aspects of the
businessshould be selected for testing or verification. An example of rotational testing
could be applied on the client’s branches to be visited.

Points for Consideration in Audit Planning Memorandum Audit planning memorandum should
cover the following standing matters which are designed to achieve the desired audit objectives:

(a) Terms of Engagement : In the case of a new audit engagement, a letter of

engagement should be prepared as part of the overall plan of the audit. Even in
subsequent visits,the letter of engagement should be reviewed in the light of current
circumstances to ensure that all aspects of the work undertaken for the client are covered
in the letter especially asthey relate to taxation, accountancy, staff development and
executive search.

(b) Audit Risk Areas : The auditor should critically review all the areas of high risk in
order to ensure that the planned procedures adequately cover such areas and that
competent staff have been assigned to these areas. High risk areas may relate to the
nature of the items, such as cash for a retail establishment with numerous collection
points and outdoor disbursement locations. Risk may also relate to a high probability of
error as in the case of stocks whose quantities are subject to estimation and are
susceptible to pilferage. The risk may also relate to the structure of the organization
especially in cases of joint ownership of an organisation, where the owners are not
equally represented in the management. There is therefore the risk of withholding key
information from some of the directors.
(c) Assets and Liabilities : These will require detailed plans since they are of continuing
relevance to the financial statements of many years and the relevant vouchers may not be
readily accessible. The plans relating to assets should clearly disclose their history such
that current movements may easily be ascertained and adequately verified. These will
apply mainly to plant and long term loans.

(d) Presence of Internal Auditor : Wherever an internal auditor exists in an

organisation, the auditor should develop suitable plans to review the technical
competence of the internal auditor, his degree of independence and scope and quality
of his work in order to determine the extent of reliance to be placed on his work and to
identify the areas of work overlap.

(e) The Need for Specialists : The auditor should determine ahead of his visit those
aspects of the work that may require the services of specialists. This may be internal or
external specialists as relates to stocks, specialist valuation for insurance or computer

(f) Audit Approach : Based on the review of the system of internal control, the auditor
should be able to decide on the audit approach to adopt. This will be based on the extent
of reliance to be placed on the system of internal control.

(g) Timetable : A critical aspect of the audit is the timetable. The auditor should
establish plans to ensure that for each year, the audit is completed within any stated
deadline for submission of the report.

(h) Staffing : The auditor should plan for adequate number of staff with the required
skill for the audit. The training of audit staff is a long term process which will require
that even from the initial appointment of the auditor, he should take steps to train
suitable staff in sufficient number to handle the audit of the client.

(i) Fees : Based on plans already established in terms of time, staff and materials, the
auditor should plan for his fees to cover staff salaries, overhead costs and leave a
sufficient margin for the partners’ share of profit and pension scheme. The planned
fees must be discussed with the client, if not already agreed.

Understanding the Client’s Business

The extent of the knowledge gained of the client’s industry and business organisation greatly
facilitates the performance of the engagement staff. It is essential therefore that all staff engaged
in the audit are encouraged to gain an understanding of the client’s business operations. Such
understanding, in addition to enhancing the overall audit performance, also facilitates
communication with client’s staff and in assessing the reliability of representations from
management and making judgement regarding the appropriateness of the accounting policies
adopted and their disclosure.
The auditor may obtain knowledge of the client’s business by:

• Personal visits to the client’s premises and operating bases and holding discussions with
key officials of the company;
• Reading minutes of meetings and correspondence with the client;
• Reading internal audit report;
• Reading previous year’s audit files and permanent audit files;
• Reading other materials from within the firm, e.g. management consultancy reports and
feasibility reports; and
• Reading relevant materials relating to the business e.g. trade journals, investment
analysis and stockbroker’s report.

Other significant factors which should be considered by the auditor to determine the audit
strategy are as follows:

• The auditor’s responsibilities in accordance with the terms of the engagement;

• The nature of the client’s business;
• The nature and significance of items in the year’s accounts; and
• The principal features of the client’s accounting system and the extent and effectiveness
of the related internal accounting controls, which may be gained from a preliminary
understanding of the system.

Consideration of the above factors should enable the auditor determine an appropriate audit
strategy which should be set out in writing, in an audit strategy memorandum, which should be
approved by the audit partner.

However, the auditor should recognise that this strategy may, if necessary as a result of changing
factors, be reviewed and revised as the audit progresses. For existing clients, the auditor should
have much of the information he needs to determine his audit strategy in his audit files.

Nevertheless, he should still discuss with the clients management whether there have been any
changes in the company’s circumstances that might affect his audit approach.

The external auditor is appointed to carry out audit in accordance with specific regulatory or
statutory requirements, such as the Companies and Allied Matters Act or in accordance with
generally accepted auditing standards within the country concerned. In these circumstances, the
terms and conditions will not call for any special consideration when determining the audit
strategy. The auditor should, however, consider whether additional responsibilities arise from
request by the client’s management or because the client is required to conform to special
regulatory or other requirements.

Q.3 Write the Guidelines for internal check for Big Departmental stores?
Ans:- Guidelines for internal check for Big Departmental stores

1. Stocks to be stores in assigned areas.

2. Stocks are to be insured against fire, theft, flood , riot etc.

3. Record of such insurance policies to be reviewed.

4. Value of stock for insurance purpose should be decided by top authority.

5. Perpetual stock records are to be kept.

6. Stock records are to be compared with accounting records periodically.

7. Periodical verification of inventory and reporting is a must.

8. Stock levels are to be maintained.

9. ABC analysis of inventory is to be made.

10. Inventory verification should be in a prescribe mode and time.

11. Verification should be done by independent person.

12. Variations should be properly explained.

13. Stocks at other places like, with customers, consignees, contractors, warehouses
or third parties to be confirmed by such parties.

14. Records to be maintained for scrap, by-products or returnable containers.

15. Requisition notes from production departments must be formal and duly

16. Valuation methods should be authorized and based on accounting standards.

Q.4 Distinguish between internal control, internal check and internal Audit?

Ans:- Distinguish between internal control, internal check and internal Audit

Sometimes people get confused and interchange the terms-internal control, internal check and
internal audit. Hence it is necessary to know the differences between these terms.
Internal control is all the procedures and policies set up by management to achieve
organizational goals. The process of internal control is designed to provide reasonable assurance
that an organization's assets are safeguarded, that operations are managed effectively and
efficiently, and that financial reports are reliable. They vary according to organizational size,
complexity, and management structure.

Internal check is “check on day to day transactions which operate continuously as a part of the
routine system whereby the work of a person is proved independently or is complementary to the
work of another, the object being the prevention or early detection of errors or frauds”

• Existence of checks on day-to-day transactions.

• Continuous operation of checking.
• Work of one person is checked by another person.

Thus basically internal check uses the features of “segregation of duties” of internal control.
Thus internal check is only a part of internal control.

Internal audit, as we have seen encompasses review and appraisal of internal control itself and
hence is much broader concept. Internal audit is a kind of audit which is not a statutory audit.
Internal audit is a tool of management and required for controlling the internal matter. Through
the Internal audit the financial transactions are regular and the mistakes are detected. The
Internal audit is done not only after completion of the year, but it can be done during each
financial year whenever required. In many cares it becomes continuous or routine audit. In the
care of statutory audit only statutory matters or points are audited which in care of internal audit
almost all the financial transactions are audited.

Q.5 Write the essential requirement of Computer Assisted Auditing Techniques (CAAT)?

Ans:- In auditing with the computer, auditors employ CAATs with other auditing techniques to
perform their work. As its name suggests, CAAT is a tool to assist auditors in performing their
work faster, better, and at lower cost. As CAATs become more common, this technical skill is as
important to auditing profession as auditing knowledge, experience and professional judgement.

The implementation of computerization greatly improved accounting information processing

speed and accuracy, can provide users with timely and accurate accounting information, the
accounting industry in the history of an unprecedented leap forward. However, in this leap also
audit work great, and summarized in the following aspects:

An audit trail of changes in

Since the implementation of computerization of accounting, so that the audit trail has greatly
changed, the traditional manual accounting system audit trail in the computerized system will be
interrupted or even disappear. In the manual system, from the original documents to the
accounting vouchers, from posting to the financial statements have been prepared, documented
every step, there are handling signature, audit trail is very clear. Auditor trial lines, as needed
Shun can search, reverse search, or random. However, in computerized accounting system, the
traditional is not the books, and most of the transcripts disappeared, replaced by the existence of
accounting information disk and tape, which is based on the information on magnetic media,
machine-readable form, the naked eye does not recognize. In addition, from the raw data into the
machine, the output of the financial statements, which focused on the middle of all the
accounting treatment of automatically by a computer program instructions according to
preservation, the traditional audit trail here interrupted, and disappeared. The traditional guard of
the computerized accounting entity is no longer fully applicable. In order to effectively audit the
computerization of the accounting entity, in the computerized accounting system design and
development of audit requirements must pay attention to the new audit trail left behind. For
example, to leave a detailed record of each business, rather than leaving only the updated current
balance. Some systems in the temporary files, after a certain period of time should be deleted. If
the audit need to check these documents should be copied in order to search.

Second, changes in the accounting system of internal control

Modern international audit are based on system-based, that is the auditor of the accounting
system to review and evaluate internal controls, as a development of the scope of the audit
program and decide on the basis of spot checks. Because of the computerized accounting system
implementation, manual control of the existing accounting system can not meet the new features
of data processing can not effectively reduce the computerized accounting system-specific risk.
For example, in computerized accounting systems, accounting information processing and
storage are highly concentrated in the computer, make some of the manual accounting system,
separation of duties, each send control system failure. In order to secure the system and the
system processing and storage of accounting information accurate and complete, we must
consider the characteristics of computerized systems, for its inherent risks, the establishment of
new internal controls. In addition to these internal controls related to electronic data processing
system for the implementation of process control and artificial, the internal control procedures of
computerized accounting information system is an important feature. How to identify, review
and evaluation of these new content control, especially the process of internal control is a
computerized accounting for a further new audits. American Institute of Certified Accountants
Association, No. 3 of the Introduction to Auditing Standards states: "If a customer in its
accounting system, the use of electronic data processing, whether it is a simple band is complex,
the auditor must fully understand the entire system, allowing to identify and evaluation system of
basic accounting controls features. including the more complex electronic data processing
applications, cases, the auditors in the implementation of the necessary audit program that will be
on the application of specialized expertise in electronic data processing. " Computerized
accounting conditions, due to changes in internal controls, and auditors must study computerized
system of internal control, master of its assessment methods. Of process control, the auditor
should audit the use of computer-assisted audit techniques. For Computerized Accounting
Information System of internal control weaknesses, auditors must be able to assess its impact to
the Pishendanwei suggestions for improvement.

Third, changes in the contents of the audit

Computerization of accounting under the conditions of the trial so that the monitoring functions,
though not changed, but the audit of the substance was changed. In the computerized accounting
information systems, accounting matters automatically by a computer according to the
procedures for processing, if the system an application error or unlawfully altered, then the
computer will only process given the same wrong way to deal with all of the relevant accounting
matters, the system can be without our noticing them embedded in illegal and corrupt process,
criminals can use these procedures for a large number of corrupt misappropriation of property.
Does the system deal with compliance, legal, safe and reliable, with the computer system
processing and control functions are directly related. The characteristics of computerized
accounting information system and its inherent risks, the decision to increase the content of the
audit of the computer system processing and control functions under review. Under the condition
of computerized accounting, the audit staff to spend more time and effort to understand and
review the functions of a computer system to confirm the legitimacy of its processing, accuracy
and completeness to ensure the system safe and reliable.

When a system has been completed and put into use, and then to improve it, than in the system
design, development stage is much more difficult, costs much more expensive. Therefore, in
addition to right to vote after use computerized accounting information systems post-audit
services, but also to promote the system's design, development stage, the audit should be carried
out in advance, and things involved in the audit. They are in the system design and development
at all stages of review and assessment should pay attention to the following questions: First, the
system is functioning properly, complete, users can meet the accounting and management
requirements; second is the system of data flow approach is in line with the accounting system,
regulations, decrees and financial discipline requirements; third is whether the system is set up
properly process control, to prevent or timely detection of unintentional errors or intentional
fraud; 4 whether to keep the system a full audit trail, can successfully develop for the future the
audit to provide the necessary conditions; 5 is the system's security measures and management
system is sound, whether the system safe and reliable operation of the future system of
development control. Audit staff also participated in the system debugging, testing and
acceptance, as timely as possible to find that the system matters, and suggest improvements.

Fourth, changes in audit techniques

In the manual processing conditions, the audit can be carried out according to specific
circumstances shun investigation, reverse search, or random. Review commonly used to review,
check, compare, investigate and prove such. All the reviews are done by hand. Computerized
accounting conditions, determine the characteristics of the accounting audit and technical
change. Although a variety of manual review of technology is still very important, but machine-
assisted auditing techniques is essential to the audit.

Computerized information processing and information storage of the electromagnetic, if not all
of the accounts table printout paper documents, magnetic media on the accounting information is
the naked eye can not recognize, the audit staff can only use computers to review it. Even
though, the entire account must be in hard copy form, using the computer more quickly than the
hand can be more effective to complete review, verification, analysis, comparison of the review.
For example, the computer can help auditors to review the accounts file, find the accounting
records to meet the specified conditions; can be a large number of accounting matters of
statistical sampling in order to extract samples of the auditors of the lack of further review; also
be recorded in accordance with accounting information system to calculate various financial
ratios, rates of change and conducting a variety of analysis and comparison and so on.

Computerization of accounting under the conditions of both the computer system processing and
control functions to review, but also using computer-assisted audit techniques. Review of the
computer system functions, you must run the computer, let the computer perform various
operations and processing, that is, the use of computers to carry out the audit. This review is not
to leave the computer only by manual methods to complete.

Another computer-assisted audit techniques, in computerized accounting information system

design and development process, can be audited in advance of the embedded computer systems
audit procedures. These programs can perform the audit oversight, to establish an audit trail
documents, records the transactions meet the specified conditions and the operation processing
of relevant information for future audit staff actively tracing. These programs can also perform
some special audit function.

Fifth, higher demand for auditors

Computerization of accounting under the condition of content control as an audit trail, content,
and auditing techniques change, the decision on the audit staff requirements high. The auditors
do not understand computers because of changes in the audit trail can not be active audit; do not
know the characteristics of computerized accounting systems and risk can not be identified and
the trial of its internal controls; do not know how so that the computer can not review or use of
computer the computer audit. Therefore, it requested the auditors not only have the accounting,
auditing, and practical knowledge, but also access to computers and computerized accounting
knowledge and skills.

Seen from the above, the accounting computerization to the audit made a number of new, new
requirements. The traditional manual audit can not meet the requirements of computerization. ,
And to carry out computer audit, the audit department and audit staff of new subjects and new

Q.6 Write the Audit programme in an EDP environment?


To give you a view about what Electronic Data Process (EDP) auditing is we give you first a
definition about EDP auditing:

“It is the independent and impartial appraisal of the reliability, security, effectiveness and
efficiency of automated computer systems, the organization of the automation department and
the technical/organizational infrastructure of the automated fact processing.”

When we look at the six EDP auditing independent and impartial appraisals we see that these are
the main factors for business processes for an EDP auditor. These are the key factors where an
EDP auditor is checking a system described in the literature. At the Symposium were we
presented our research a lecturer from Ernst & Young, an EDP auditor, had given his lecture
about EDP auditing & Innovation. He told us that before he become an EDP auditor he had
learned about these six key factors were the basic of EDP auditing was relied on but in the reality
it is more than these factors.

The first appraisal, Reliability, gives an EDP auditor the view about in which the business
processes are reliable for the automated system. Nowadays the automated systems have more
transactions and more processes than before. This gives an EDP auditor more processes to
examine at the Reliability of the system.

The second appraisal, Security, gives an EDP auditor the view about in which way the security
has been established. His methodology focuses on the analysis of the structure and performance
of control processes. Representative transactions are examined by the auditor to assure that these
processes are functioning consistently and correctly. An EDP auditor has also different kind of
checking tools to checks leaks in the automated system. The goal of the EDP auditor is not to
check fraud because the perpetration of a fraud typically manipulates the purpose and content of
specific transactions, rather than the process itself. For an EDP auditor this kind of fraud is not to
see, because the manipulated transaction is fully blend into normal (legitimate) transaction flow
and through the administrative process is being compromised .

The third appraisal, Effectiveness, is about in which way an automated system is effective.
How is the processes of the system effective regulated. In this way an EDP auditor views the
system and gives recommendation in which way the system is effective. To do that an EDP
auditor van use scripts or doing it by hand. Nowadays with the rise of the emerging information
technologies the use of audit computer-assisted techniques are more effectively used because of
the new generation system are using more data mining, object-oriented architecture and
intelligent agents processes in the automated system.

The fourth appraisal, Efficiency, is about in which way the processes are optimally regulated.
In the efficiency method the EDP auditor looks if resources are optimally used in the automated
system. Here the EDP-auditor can recommend whether the resources must be downgraded or be
extended to give a better business performance. Nowadays EDP auditors have many specific
tools to use like Cobit, but the use of these IT tools is less. Auditors are doing mostly their
recommendation by hand and with their use of knowledge.

The fifth appraisal, the organization of the automation department, is the fact in which way for
example the segregation of duties is regulated for the employee to check or to place orders for in
the system. The EDP auditor looks on this fact how does and how many employees are used for
the resources of any business process in the system. He is using his experience and his
knowledge to recommend if there are more employees necessary or that it is better to re-engineer
your system.

The technical/organizational infrastructure of the automated fact processing is about in which

way the automated processes are regulated at the company and how this is reliable for the goals
of the company. The EDP auditor reviews this and recommends the business processes to be
optimal and that the technical infrastructure is regulated in the way that gives the company an
efficient and effective way of business performance.

Work field EDP-auditor

EDP auditor as his main function is to assure that management exercises effective control over
the way in which the organizations assets are used and that these factors for business processes is
related so that use are current and accurate. Its work is focused on the reasonableness and
consistency of the processing methods used and the accuracy, completeness and currency of the
data itself, this is called the fairness issue .

Also where it is focuses on is the custody and use of organization assets in general. In these both
instances significant attention is paid by the EDP auditor to the means used to detect and correct

If we look at the business processes at the work field for an EDP auditor we see that much of
these factors can be automated to give a better and accurate decision support for an EDP auditor.
Since the more using of complex systems and systems that are hand shaped for a company an
EDP auditor needs more IT tools to give a better recommendation and spit through the resources
for its decision support.

Master of Business Administration- MBA Semester 3

MF0013 – Internal Audit & Control - 4 Credits
(Book ID: B1037)
Assignment Set- 2 (60 Marks)
Note: Each question carries 10 Marks. Answer all the questions

Q.1 What are the essential qualities and qualification of an auditor should possess for efficient discharge of
Ans:- These qualities are essential in every case of audit and in every type of auditor-whether internal or

Independence:- Independence is the personal quality of an auditor. This quality is desirable for independent opinion
on business activities. He cannot be influence directly or indirectly by other people. An auditor must be independent
at the time of programming investigation and reporting. He cannot change his programme due to management

Integrity:- Integrity is acting honestly. It may also mean acting in a trustworthy manner. Stakeholders rely on
auditor’s opinion. Acting dishonestly and providing wrong opinion might lead to wrong decision making by
stakeholders of a business.

Competence and Skill :- Auditor should be capable of handling an audit. He should have the required qualification,
experience. He should also have knowledge of the business conducted by the auditee. This is more essential in case
of internal audits.

Objectivity:- Auditor should be impartial and unbiased during his audit. This quality is dependent on the qualities
of independence and integrity.

Due diligence and care:- Auditor should not be negligent in his duties. Due professional care is required at every
stage during the audit. Documentation of audit will prove that auditor exercised this care during an audit.

Confidentiality:- Just like in medical profession where confidentiality is maintained, confidentiality of the
i9nformation of the auditee is to be maintained. Auditor cannot reveal the vital information about the business of his
client to any person, unless he is legally bound.

Tactful:- It is also the personal quality of an auditor. Technical information is required to comment and criticize the
policies of management. In case of missing can collect it from the client.

In addition to these basic qualities an auditor should also have qualities like good communication skills, logical
ability etc.

Qualification of an Auditor (Section 226 (1) and (2)

Following persons are qualified to be appointed as auditor of a company.

1. Practicing Chartered Accounts (Sec 226 (1)J) :A person shall not be qualified for appointment as auditor of a
company unless he is a chartered accountant within the meaning of the chartered accountant act 1949.

A chartered accountant means a person who is the member of the institute of chartered accountant of Pakistan. He
will be Deemed to be in practice. When individually or in partnership with other chartered accountants in practice he
for consideration received or to be received.

Practice of Accountancy : He engages himself in the practice of accountancy.

Verification : He offers to perform or performs the services involving the auditing or verifications of
the financial transactions, books of accounts or records or the preparation, verification or certification of
financial accounting and related statement or holds himself out to the public as an accountant.

Professional Services: He renders the professional services or assistance in or about matters of

principal or detail relating to accounting procedure to the recording, presentation or certification of financial
facts or data.

Renders the Services : Renders the services as, in the opinion of the council are or may be renders by a
chartered accountant in practice.

2. Certified Auditor (Sec 226 (2)) : A part from practicing chartered accountants, a person holding a certificate
under the restricted auditor's certificate rules, 1965 is also qualified to be appointed as auditor of a company. Such
certified auditors are subject to the rules framed in this behalf by the central Government.

The object of the provisions as to qualified is to ensure that only persons of proven worth and standing and under the
discipline of a statutory body, are appointed as auditor.

Disqualification {Sec 226 (3)(4)(5)}

The following person cannot become the auditor of the company according section 254.

• A body corporate

• An officer or employee of the company

• A person who is the employment of an officer or employee of the company.

• A person who is indebted to the company for an amount exceeding Rs. 1000 or who has
given any guarantee of any third person to the company for an amount exceeding Rs. 1000.

• The spouse of a director of the company.

• A person who was a director other officer or employee of the company at any time during the
preceding three years.

• A person who is a partner of a director, officer or employee of a company

According to Section 226(4) a person shall not be qualified for appointment as auditor of any body corporate.
Further if the auditor already holds the appointment as auditor in the specified number of companies as per
Section {Section 224(1-13)}, he will be disqualified for further appointment as auditor in any other company.

Q.2 Write the short notes on

1. Cash Audit
2. Special Audit
3. Periodical Audit
4. Social Audit
5. Partial Audit
Ans:- 1. Cash Audit

Cash audits are an important internal control for businesses to use when reviewing proper procedures for cash.
Restricting the number of individuals involved in the cash process or the number of duties handled by any one
individual in the cash process limits any type of fraudulent activity regarding cash.

Cash Access : Cash process audits should determine how many individuals handle cash at the main cash
collection point. Cashiers and front office managers should be the only individuals who handle money as it comes
into the business. Audits should also ensure that money is entered into a log book or safe and is signed off by
the cashier and front office manager. Two individuals should be present when the cash is removed from
the safe and taken to the accounting office or bank.

Deposit Preparation: Preparation of the cash for a bank deposit should be handled by individuals other
than the cashier or front office manager. Audits should determine which individuals prepare the deposits and
if they are reviewed by a supervisor in the accounting office. Most companies require several forms to be filled
out when recording and preparing the deposit. Each form should be audited to ensure that all
deposit-preparation procedures have been followed.

Deposit Posting: Audits should focus on the posting system that records each deposit in the accounting
information system. Electronic records should be reviewed to ensure that each deposit was posted to the
system in a timely manner. Delayed deposit posting creates tough situations in an accounting office by
lengthening the cash flow collection period. In most companies, deposits are posted to the information
system by individuals separate from those who prepare the deposits.

Bank Reconciliation: After the deposits are recorded into the accounting information system, bank
reconciliations are prepared and reviewed by the accounting department to ensure that all deposits are
processed by the bank in a timely manner. Depending on the size of the company, reconciliations may be prepared
on a daily or monthly basis.

When auditing bank reconciliations, auditors should review when the deposits are recorded by the
bank and if they are consistent with dates entered into the information system in the accounting office.
Reconciliation audits should also test that the account balances from the information system match the
reconciled balances of the bank statement.

Disbursement Review : Cash disbursements should be audited in a similar fashion to cash deposits.
Accounts payable (A/P) invoices entered into the accounting information system should be reviewed to
ensure that the invoice amount matches the system amount. Checks cut to vendors for payments should also
be reviewed on the bank reconciliation statement to ensure that all checks are cleared through the bank.
Any outstanding checks should be reviewed for validity. If a company requires A/P clerks to balance invoices
to vendor statements, these reconciliations should be audited for accuracy and validity.
2. Special Audit
A special audit report is the report issued by an auditor after inspecting the financial records of a company following
a directive for the audit to be performed before the usual annual audit. The government may order a special audit
conducted on a corporation if there is evidence that its financial affairs are not being run in accordance with proper
accounting practice. Shareholders of a company may also pass a resolution to have a special audit done on their
company if they feel recent management decisions have put its survival in jeopardy.

Unqualified Opinion :This is a special audit report whose conclusion is that the financial records
of the company are in order. This means that the company management has presented a true reflection of
the real financial transactions without hiding some or exaggerating others. The company's financial reporting has
complied with the Generally Accepted Accounting Principles (GAAP).

Qualified Opinion : A qualified opinion special audit report is issued when an auditor discovers
anomalies in the financial statements of an organization. Situations that make an auditor give a qualified opinion
report include when a company's financial statements have failed to include certain transactions over a
certain period or to reflect depreciation in the value of asserts. The auditor gives an opinion that they should
be corrected.

Adverse Opinion : An adverse special audit report is issued when an auditor discovers outright
distortions that make the financial statements of a company unreliable. In most cases, these discrepancies are a
deliberate attempt to conceal the real financial position of the company being audited. An American
company may, for instance, fail to state that it sold its South African subsidiary for $3 million so as to hide the fact
that the money was siphoned out of the business after the sale.

Disclaimer of Opinion : A disclaimer of opinion special audit report is issued when an auditor is unable
to conduct an audit of a particular organization. The reasons range from the deliberate failure of the
organization's management to provide crucial financial information to interference in his audit. An
extreme case of this interference would be an attempt to bribe the auditor so that he can give a positive

Internal Audit : This is a special audit report that is commissioned by a company's management. It
may be initiated by the company's executive management or the board of directors. The aim of the internal
audit may be to establish the value of the company or investigate internal fraud.

External Audit : External special audit report is commissioned from outside the company. A
multinational company that owns subsidiaries in foreign countries may commission a special audit of these
subsidiaries so as to determine their viability. A government may also commission a special audit of one of its
ministries to establish how money for a certain project was used. External audits are usually the most
credible though critics have accused audit firms of unethical behavior.

3. Periodical Audit
An audit which is commenced at the end of the financial year or trading period and is carried on by the auditor until
its completion. This kind of audit is adopted by almost all business concerns but in case of large business concerns it
takes more time to complete the audit.
The merits of final audit are:
• Checking Complete Records : All the facts about the financial year relating to the accounts for the year
under review are before the auditor.
• Less Danger of Alteration : After final audit it becomes very difficult for any one to change the figures of
accounts fraudulently as the checking of these accounts have already been conducted by the auditor.
• Cost Effective : Final audit is comparatively less expensive as compared to continuous audit as less time
is consumed to conduct this kind of audit.
• Convenient : Final audit saves both the parties, i.e. the client and the auditor from continuous disturbance,
as the auditor needs not to make frequent visits and simultaneously the Work of the client is not dislocated.
• Sequence of Work not lost : There is no interval in this type of audit and it caries on until its completion,
hence, the audit staff do net lose the sequence in the work already performed.

The demerits of final audit are given below:
• No Detailed Checking : It is extremely difficult for the auditor to check the accounts in detail and hence
he applies test check in order to save time.
• Delay in Report Presentation : If the work of audit will not be completed in time, the audit report cannot
be presented before the shareholders. This creates problems for the company’s business and its good will.
• Work not Up to Date : As the auditor visits once a year, i.e. after the close of the financial year, so his
visit has no moral impact on the client staff to maintain the accounts books up to date and correct.
• Early Detection and Rectification of Errors Impossible : As the mistakes cannot be discovered by the
auditor at an early stage, hence, rectification of certain errors becomes next to impossible before the close
of the financial year.

4. Social Audit
The social audit is a business statement published every year to present a set of information about the social
projects, benefits and actions addressed to employees, investors, market analysts, shareholders and the community at
large. It also functions as a strategic instrument to evaluate the practice of corporate social responsibility. Through
its social audit the company shows what it does on behalf of its professional staff, their families, collaborators and
the community at large. Transparency is given to the activities developed to improve quality of life. Its main
function is to make public the company's social responsibility, thereby strengthening the links between company,
society and environment. When put together by multiple professionals, the social audit shows and measures the
company's concern about people and about life in our planet.

Social Audit is a systematic, regular and objective accounting procedure that enables rganisations to establish social
values and criteria against which they can measure external and internal performance and their social plans. Local
Livelihoods has developed a practical Social Audit model designed for Community Enterprises to plan, manage and
evaluate non-financial activities and to create a system for communicating with stakeholders.

The four main components of a Social Audit are:

1. Statement of Purpose – engaging the community in setting priorities: long term vision – medium term
strategy – short term operational criteria
2. External View - stakeholder and service assessment: benefits received – problems identified – solutions
designed, planned and implemented
3. Internal View – organisational assessment: effectiveness of operational methodology – efficiency of
management systems – satisfaction of board members, staff and volunteers
4. Review and Planning – the learning loop: learning lessons from the previous years planned and actual
results, making changes and planning the next years strategy and criteria

The Social Audit cycle starts with the Statement of Purpose and Planning, this reviews the results of last year's
purpose and plans and establishes this year's purpose and plans.

The External View engages a wide range of stakeholders and forms a view of the organisation's position within the
wider context.

The Internal View engages with the board of directors, staff and volunteers in assessing and designing satisfactory
ways of working and reward, and makes sure the organisation management and systems are able to achieve the
purpose and plans.

The Monitoring and Evaluation element is where the Social Audit Team manages the Social Audit and measures

For each stage a number of practical exercises have been designed to fit within the overall methodology of Social
Audit. The progressive accumulation of understanding that can be gained from measuring and managing social
performance enables organisations to manage effectively.

5. Partial Audit
In a partial audit, the work of the auditor is curtailed. The auditor is asked to check a few books, e.g. he may be
asked to check the payment side of the cash book.

Partial audit is not permitted in case of limited companies because according to the Companies Act, the duties of an
auditor of a company cannot be curtailed. Again in case of a very big proprietary firms, it may not be possible for
the proprietor himself to disburse all payments and if he suspects misappropriation of cash , he may appoint an
audit or to check only the cash book.
When an auditor is appointed to conduct partial audit, he must make it clear in his report that he has performed
partial audit as per the instruction of client.

Advantages of Partial Audit

• It serves the specific interest of the client.

• There is much scope to render quick service, as the auditor has to deal with only one or two aspects of
business transactions.
• Critical analysis of the book of account relating to a particular item or group of items is made possible.
• It may act as a moral check on the part of persons who intend to falsify account.

Disadvantages of Partial Audit

• The conduct of this type of audit is strictly restricted under the Companies act.
• The audit report does not reflect the financial position of the business as a whole.
• It cannot be widely used.
• This type of audit is conducted only for a particular purpose.

Q.3 “Discuss Continuous Audit Double edged Weapon”.

Ans:- Auditing is always a double edged sword. When you need to determine what happened, you want all the
information that you can possibly have. However when you don't have issues, you have this huge volume of
information to wade through, most of which doesn't really make sense. Balancing these two can be difficult, but it is
something that you want to keep in mind and think long and hard about what you audit and how much you keep.
You also want to be sure that you capture enough information that you can trace back the true issues that you face.

So how do you decide what you audit? Well, the first place I start is with any regulations that apply. If you work in
the financial arena, chances are that your database needs to audit any transactions that take place with some type of
audit trail. If you manage a database the runs a meat packing plant, you might need to audit slightly different items. I
usually start by looking back at issues in the past where you have not been able to determine what happened or who
made a change. These are usually prime fields for auditing. Since I don't know your system, I'll work with one that I
do know, an Asset Tracking system. This system is designed to ensure that assets in the company are accounted for
and maintained properly. Now there is quite a bit of data work that has to be manually input, and this system can't
control that, instead, it's designed to ensure that what data is put into the system is intact and is not altered.

In fact it's a double edged weapon. For Example, if you file an amended return, it will raise eyebrows and IRS may
take your return for audit. But at the same time, if you do it correctly, your chances of getting audited are reduced
Sometimes you make mistakes inadvertently. Your math is fine, your supporting papers are appropriately inserted,
your tax strategies are correct, but then some things slip off your mind.

Don't worry. This is not something incurable. If you find a mistake in your tax return, the best way is to correct it
quickly. It may be a modified W-2 in favour of IRS or an unclaimed deduction in your favor, just proceed to correct

There is a specific form for such corrections - Form 1040X

This form is very easy to fill in. It has three parts - one for what you filled in originally, then one for what changes
you wish to make and the last one for final numbers. You can explain the changes at the back of the form.

Take this opportunity to show your sincerity to IRS. If you are claiming a deduction which was originally missed,
then attach relevant receipt. If you want to correct any third party document, attach a copy. This will support your

This will minimize your chances of making it in the audit list. Just because you have filed an amended return, it will
NOT initiate the audit process. There are some extra checks which IRS will perform on amended returns. The
concerned officer will call up the original return and compare it with changes you have made in the amended return.

This gives IRS an opportunity to double check your return. So its important to 'prove' your intentions. For example,
if you have missed out a charitable contribution, then its better to attach a receipt with the amended return, which
will automatically resolve the issue. This will convince the reviewing person that you are sincere in your approach
and you know the rules.

Within how much time you can amend your return?

The legal limitation is three years. So you get three years from the date your original return was due. For example,
amendment to your return filed on April 15, 2005 should have been made before April 15, 2008. So if you have filed
a return by April 15, 2006, then you can still amend it before April 15, 2009. But take my advice, don't prolong too

This provision of limitation is very important if you are due for a refund and still not filed your return for the current
year. Some people just delay it, thinking that they don't owe anything to IRS so delay is fine. But they are wrong in
that assumption, because if the period of three years expires, they lose their tax refunds.

In fact that refund of overpaid money could have been used for paying your subsequent taxes. But due to the delay,
the money is lost. IRS admits from time to time that it is holding billions of dollars in unclaimed refunds.

Remember, there are penalties for non-filing - even if you don't owe any tax. So just go ahead and file. IRS
computers may be looking for the corrections!

If you file an amended return claiming a deduction, which was legitimate and unclaimed, say before two
years, IRS will give you interest on holding your money. (That interest is taxable, of course!)

Q.4 Explain the Auditor in relation with Computer based system?

Ans:- An audit of a computer application will typically contain steps to assess the integrity of the application,
including the completeness, timeliness, and accuracy of the data. An audit of an operational entity, on the other
hand, may rely on the data from an application system, but will probably not fully assess the integrity of that data.
Thus, the auditor is at risk of drawing inappropriate conclusions.

The degree of risk associated with using the data in an audit is proportional to the reliance the auditor places on the
results of the data analyses. When the results are an integral part of the audit, the data's reliability is crucial to
satisfying the audit objectives. In such cases, the auditor should make a more complete assessment of the integrity of
the data before using that data to assess the client's operations.

The issue of data integrity requires the auditor to determine how and to what degree the data integrity must be
examined. How much is too much, resulting in over-auditing, and when is the examination not enough, risking
under-auditing? The answer to this dilemma can be determined by first assessing the "reliability risk," or the
inherent risk of relying on the data analyses, and then determining the amount of data testing that must be done.

Assessing Reliability Risk

As a general rule, auditors cannot simply assume that the computer-based data are reliable. Steps must be taken to
provide reasonable assurance that the data and the results of the analyses will be valid. The evaluation of the data
integrity begins with an assessment of the reliability risk. The reliability risk depends on the planned use of the data,
or how integral the data is to the audit, and on the auditor's knowledge of the system.

Planned Use Knowledge of System = Reliability Risk

The more reliance the auditor is going to place on the results of the data analyses and the less experience the auditor
has with the system, the higher the risk of drawing inappropriate conclusions. The relationship between these
variables can be depicted as follows:

Reliability Risk

The integrity of the data may be the single most significant limitation in the use of CAATTs. However, by following
the guidelines such as those described, the auditor can reduce the likelihood of over-auditing the data where the
controls are strong and the integrity is judged to be high, or under-auditing the data where the integrity is
questionable and the analysis is a key factor in the assessment of the client operations.

The auditor should always evaluate the situation when determining whether or not CAATs should be used to assess
the client operations. There may be times when a 15 percent error rate in the data does not adversely affect the audit
results, but there may also be times when a three percent error rate invalidates the audit findings.

Data testing results can provide the auditor with a much needed measure of the integrity of the data and may also
identify ways to reduce the likelihood of forming invalid opinions. A good understanding of the data integrity issues
can help to ensure that CAATTs remain an effective audit tool.

The development of audit assertions should naturally evolve from this early survey work. The assertions enumerate
expected outcome resulting from anticipated shortcomings in performance. For example, an audit assertion might
state, "Inventory levels are likely to be high in relation to usage levels." Expressed this way, the assertion constitutes
a hypothesis against which an audit test could be designed. At this stage, however, internal auditors should focus on
indentifying risk exposures rather than choosing the specific CAAT applications to use in testing

Q.5 List of accounting standards formulated by the Accounting standards Board of India.

Ans:- Accounting standards

The term standard denotes a discipline, which provides both guidelines and yardsticks for evaluation. As guidelines,
accounting standard provides uniform practices and common techniques of accounting. As a general rule,
accounting standards are applicable to all corporate enterprises. They are made operative from a date specified in the
standard. The Institute of Chartered Accountant of India (ICAI) constituted the Accounting Standards Board (ASB)
in April, 1977 for developing accounting standards. However, the International Accounting Standards Committee
(IASC) was set up in 1973, with its headquarter in London (U.K.).

The Accounting Standards Board is entrusted with the responsibility of formulating standards on significant
accounting matters keeping in view the international developments, and legal requirements in India.

The main function of the ASB is to identify areas in which uniformity in standards is required and to develop draft
standards after discussions with representatives of the Government, public sector undertaking, industries and other

In the initial years the standards are of recommendatory in nature. Once an awareness is created about the benefits
and relevance of accounting standards, steps are taken to make the accounting standards mandatory for all
companies. In case of non compliance, the companies are required to disclose the reasons for deviations and its
financial effect :

Till date, the IASC has brought out 40 accounting standards. However, the ICAI has so far issued 29 accounting
standards. These are :

AS-1 Disclosure of accounting policies (January 1979). This standard deals with the disclosure of
significant accounting policies in the financial statements.

AS-2 Valuation of Inventories (June 1981). This standard deals with the principles of valuing
inventories for the financial statements.

AS-3 (Revised) Cash flow statement (June 1981, Revised in March 1997). This standard deals with the
financial statement which summaries for a given period the sources and applications of an enterprise

AS-4 Contingencies and events occurring after the Balance Sheet date (November 1982, Revised in April,
1995) This standard deals with the treatment of contingencies and events occurring after the balance sheet date.

AS-5 Net profit or loss for the period, prior period (period before the date ofbalancesheet) items and
changes in accounting policies (November 1982, Revised in February 1997). This standard deals with the
treatment in financial statement of prior period and extraordinary items and changes in accounting

AS-6 Depreciation Accounting (November 1982). This standard applies to all depreciable assets.
But this standard does not apply to assets in the category of forests, plantations and similar natural resources and
wasting assets.

AS-7 Accounting for construction contracts (December 1983, revised in April 2003). This standard
deals with accounting for construction contracts in the financial statements of contractors.

AS-8 Accounting for Research and Development (January 1985). This standard deals with the
treatment of costs of research and development in financial statements.

AS-9 Revenue Recognition (November 1985). This standard deals with the bases for recognition of
revenue in the statement of profit and loss of an enterprise.
AS-10 Accounting for fixed assets (November 1991). This standard deals with recognition of fixed assets
grouped into various categories, such as land, building, plant and machinery, vehicles, furniture and Mgifts,
goodwill, patents, trading and designs.

AS-11 Accounting for the effects of change in foreign exchange Rates. (August 1991 and Revised
in 1993). This standard deals with the issues relating to accounting for effect of change in foreign exchange rates.

AS-12 Accounting for Government grants (April 1994). This standard deals with the accounting for
government grants.

AS-13 Accounting for investments (September 1994). This standard deals with accounting aspect
concerning investments in the financial statements. These include classification, determination of cost for
initial recognition, disposal and re-classification of investment.

AS-14 Accounting for amalgamation (October 1994). This standard deals with accounting treatment of
any resultant goodwill or reserves in amalgamation of companies.

AS-15 Accounting for retirement Benefits in the financial statements of employers (January 1995).
This standard deals with accounting for retirement benefits in the financial statements of employers.

AS-16 Borrowing Costs (April 2000). This standard deals with the uses involved relating to capitalization
of interest on borrowing for purchase of fixed assets.

AS-17 Segment reporting (October 2000). This standard applies to companies which have an annual
turnover of Rs 50 crores or more. These companies have to present financial statements and consolidated
financial statements.

AS-18 Related party disclosures (October 2000 revised 1st July 2003). This standard requires certain
disclosure which must be made for transactions between the enterprise and related parties.

AS-19 Leases (January 2001). This standard deals with the accounting treatment of transactions
related to lease agreements.

AS-20 Earning per share (April 2001). This standard deals with the presentation and computation of
earning per share (EPS).

AS-21 Consolidated financial statements (April 2001). This standard deals with the preparation of
consolidated financial statements with an intention to provide information about the activities of a group.

AS-22 Accounting for taxes on Income (April 2001). This standard deals with determination of the
account of tax expenses for the related revenue.

AS-23 Accounting for investments in Associates in consolidated financial statements (July 2001). This
standard deals with the principles and procedures to be followed for recognising, in the consolidated financial

AS-24 Discontinued operations (February 2002). This standard deals with the principles of discontinuing
operations of an enterprise with the activities which are continuing.

AS-25 Interim financial reporting (February 2002). This standard deals with the minimum content of
interim financial report.
AS-26 Intangible Assets (February 2002). This standard prescribed the accounting treatment for
intangible assets which are not covered by any other specific accounting standard.

AS-27 Financial reporting of interest for joint venture (February 2002). This standard sets
principles and procedure for accounting for interest in joint venture.

AS-28 Impairment of Assets (2004). This standard prescribed procedure to ensure that an asset is
carried at no more than its carrying amount and procedures as to when to recognise an asset as impaired.

AS-29 Provision for contingent labilities and contingent assets (2004). This standard deals with
measurement and recognition criteria in three areas, namely provisions, contingent liabilities and contingent

All the above standards issued by the Accounting Standards Board are recommended for use by companies listed on
a recognized stock exchange and other large commercial, industrial and business enterprises in the public and
private sectors.

Q.6 Write the CAAT or special Techniques for Auditing in EDP environment?

Ans:- Electronic data processing is the function of planning, recording, managing and reporting business
transactions by the use of computers and related peripherals. In EDP data is first taken from source documents such
as invoices, revenue receipts, payment vouchers, written checks etc. There after data inputs to the computer where it
is entered via the keyboard or other data entry peripherals. The entered data is then processed according to the
accounting package in use; since there are different structures of modules used in sundry accounting application
software, processing of the same data may differ from one package to another. As I said earlier that reporting is one
of processing features, then it is apparent or undoubted that types of reports produced by different packages may
vary from one system or package to another. For example some system may provide almost all basic financial
reports such as

• The trial balance,

• The statement of financial position commonly known as the balance sheet ,
• The statement of financial performance which is commonly known as the statement of income and
expenditure or The profit and loss account,
• The statement of cash flows,
• The statement of changes in equity

These types of packages offering almost all financial reports may be said to be compatible to all types of financial
processing needs and are really expensive and used in many business and non business entities.


EDP Audit can be conducted with the help of following parameters:

Planning Process: The auditor should gather information about the EDP environment that is relevant to the audit
plan, including information on:
• How the EDP function is organized and the extent of concen¬tration or distribution of computer processing
throughout the entity,
• The computer hardware and software used by the entity,
• Each significant application processed by the computer, the nature of the processing (e.g., batch, online)
and data retention policies, and
• Planned implementation of new applications or revisions to existing application.

While formulating his overall plan, the auditor should consider matters such as the following:

• Determining the degree of reliance that he expects to place on the EDP controls in his overall evaluation of
internal control.
• Planning how, where and when the EDP function will be reviewed including scheduling the work of EDP
experts, as applicable.
• Planning auditing procedures using computer-assisted audit techniques.

Skills and Competence of the professional: For conducting audit in an EDP environment, the auditor should have
an understanding of computer hardware, software and processing systems sufficient to plan the rendezvous and to
understand how the EDP affects the study and appraisal of internal control and the application of auditing
procedures including computer assisted audit techniques.

The auditor should also have a good working knowledge of EDP to put into operation the auditing procedures,
depending on the particular audit come within reach of adoption..

Work Performed by others: In support of forming and expressing an independent judgment on the financial
statements that is to say, Income statement and Balance sheet examined by him, an auditor to some extent has to
depend upon the work of others. While delegating work to his staff or using the work of pervious auditors or
experts, the auditor must be contented with the EDP techniques to direct, administer and review the work of his staff
and to obtain reasonable declaration that the work performed by other auditors or experts with EDP skills is
adequate to serve his rationale, as applicable.

Accounting System and Internal Control: At some stage in the review and preliminary assessment of internal
control, the auditor should acquire knowledge of the accounting system to gain an understanding of the overall
control environment and the flow of transactions. If the auditor plans to rely on internal controls in conducting his
audit, he should consider the manual and computer controls affecting the EDP function (general EDP controls) and
the specific controls over the relevant accounting applications (EDP application controls).

Audit Evidence : An EDP environment may have an effect on the application of observance and substantive
procedures in several ways.

The use of computer-assisted audit techniques may be required due to:

• The absence of input documents (e.g., order entry in online systems) or the generation of accounting
transactions by computer programs (e.g., automatic calculation of discounts) which may prevent the auditor
from examining documentary evidence.
• The lack of a visible audit trial, which would preclude the auditor from visually following transactions
through the computerized accounting system.
• The lack of visible output that may necessitate access to data retained on files readable only by the
Timing of Audit: The timing of auditing procedures may be affected because data may not be retained in computer
files for a sufficient length of time for audit use, and the auditor may have to make specific arrange¬ments to have it
retained or copied. The effectiveness and efficiency of auditing procedures may be improved through the use of
computer-assisted audit techniques in obtaining and evaluating audit evidence, for example:

• Some transactions may be tested more effectively for a similar level of cost by using the computer to
examine a greater number of transactions than would otherwise be selected.
• In applying analytical review, procedures, transactions or balance details may be reviewed and reports of
unusual items printed more efficiently by using the computer than by manual methods.