A U D I T I N G A N D C O R P O R AT E G O V E R N A N C E

S A K S H A M G U P TA
RECENT TRENDS IN AUDITING
 ARTIFICIAL INTELLIGENCE AND ROBOTIC
AUTOMATION

• Improvement in the accounting process

• Increased responsibility of the auditors
• Increased automation
 SOCIAL AUDIT

• Formal review of a company's endeavors in social responsibility

• Optional
• No fixed standards
 INFLATION ACCOUNTING

• Adjustment of prices as per inflation

• Also known as price level accounting
 HUMAN RESOURCE AUDIT

• Judge organisations performance and effectiveness of HR management

 OBJECTIVES OF HR AUDIT

1) To review every aspect of management of HR to determine the effectiveness of each

programmes in an organisation.
2) To seek explanation and information in respect of failure and success of HR.
3) To evaluate implementation of policies.
4) To evaluate the performance of personnel staff and employees.
5) To seek priorities, values and goals of management philosophy.
 COMPUTERIZED AUDITING

C O M P U T E R A U D I T I N G I S A S Y S T E M AT I C A N D
L O G I C A L P R O C E S S T H AT F O L L O W S A R I S K B A S E D
A P P R OAC H TO D E T E R M I N E W H E T H E R T H E
I N F O R M AT I O N S Y S T E M S O F A N E N T I T Y,
I N C L U D I N G I T S D E TA I L E D I N F O R M AT I O N
TECHNOLOGY PROCESS, CONTROLS AND
AC TI VI TI ES, WI L L AC HI EVE I TS I T OB J EC TI VES
W I L L T H E R E B Y U LT I M AT E LY E N A B L E T H E
O R G A N I S AT I O N T O A C H I E V E T H E I R
O R G A N I S AT I O N A L G O A L S .
 BENEFITS OF COMPUTERIZED AUDIT

• SPEED
• AC C URAC Y
• G R E AT E R E C O N O M Y
• BETTER RECORDS
• G R E AT E R I N F O R M AT I O N
• AVO I D OV E RT I M E
• REDUCTION IN AUDIT FEE
D I S A D VA N TA G E S O F C O M P U T E R I Z E D
AUDIT
• SET UP COST
• TIME CONSUMING
• IT SKILLS REQUIRED
• LACK OF TRAINING
• C O R R U P T I O N O F D ATA
 COMPUTER AIDED
AUDIT TECHNIQUES
MEANING

• Tool which is used by the auditors.

• Computer assisted audit techniques (CAATs) refer to the use of technology to help you
evaluate controls by extracting and examining relevant data.
• Helps the auditor to work in an efficient and productive manner.
• Facilitates them(auditors) to make search of the irregularities from the given data.
AUDIT SAMPLING

Audit sampling can be defined as the process of applying auditing procedures to under
100% of different items in an organization's account balance in a way that every single unit
might have an equal probability of being selected.
DISASTER RECOVERY SYSTEM

• Involves a set of policies, tools and procedures to enable the recovery or continuation of vital
technology infrastructure and systems following a natural or human-induced disaster
• Involves keeping all essential aspects of a business functioning despite significant disruptive
events. Disaster recovery can therefore be considered as a subset of business continuity.[2
IDEA

IDEA Smart Analyzer is a collection of queries and tasks that can be used on
every audit engagement to improve audit quality and consistency. IDEA Smart Analyzer
offers an extensive set of routines for the analysis of general ledger, accounts receivable,
inventory, fixed assets and accounts payable transactions.
HISTORY OF EDP AUDITING
• Electronic Data Process (EDP) Auditing developed largely as a result of the rise in technology
in accounting systems.
• In 1968, the American Institute of Certified Public Accountants (AICPA) had the Big Eight (now
the Big Four) accounting firms participate in the development of EDP auditing. The result of
this was the release of Auditing & EDP. The book included how to document EDP audits and
examples of how to process internal control reviews.
• EDP auditors formed the Electronic Data Processing Auditors Association (EDPAA). The goal of
the association was to produce guidelines, procedures and standards for EDP audits. In 1977,
the first edition of Control Objectives was published. This publication is now known as Control
Objectives for Information and related Technology (CobiT).
• CobiT is the set of generally accepted IT control objectives for IT auditors. In 1994, EDPAA
changed its name to Information Systems Audit and Control Association (ISACA). The period
from the late 1960s through today has seen rapid changes in technology from
the microcomputer and networking to the internet and with these changes came some major
events that change IT auditing forever.
• The formation and rise in popularity of the Internet and E-commerce have had significant
influences on the growth of IT audit.
EDP ENVIRONMENT

• CONSIDERATIONS TO BE TAKEN IN ACCOUNT IN A EDP ENVIRONMENT:

o Skill and competence
o Work performed by others adequate for his purpose
o Planning
o Accounting system and internal control
o Audit procedures
INTERNAL CONTROL IN AN ELECTRONIC DATA
PROCESSING SYSTEM
INTERNAL CONTROLS IN COMPUTER BASED
ACCOUNTING SYSTEM ARE OF TWO BASIC
TYPES:

1) GENERAL CONTROLS OR ORGANIZ ATION

CONTROLS
2) APPLICATION OR PROCEDURAL CONTROLS
General controls
This control covers the environment in which computer processing is conducted. Some of the
objectives of general control include:
a) To ensure adequate segregation of duties, that is, division of functional responsibilities
b) To protect information contained in computer records etc. General controls can be
subdivided into:
i) Systems development and control
ii) Administrative controls
• Authorization:
• File conversion:
• Documentation:
• Standards:
ADMINISTRATIVE CONTROLS
THIS INCLUDES:
a) Division or segregation of duties:
b) Control over computer operators
c) File control:
i) File storage procedure:
ii) Protection rings
iii) File identification procedures:
iv) File reconstruction procedures:
v) General security:
APPLICATION OR PROCEDURAL CONTROL:

a) Input controls:
b) Processing control
i. Check digit verification
ii. Characteristics presence check
iii. Limit or range check
iv. Completeness check
v. Sequence check
vi. Screen check
c)Output control
d)Master file controls
• Use of non-EDP segment of internal control.
• Traces data from output to source documents and from source documents to output.
• Involves auditor's actual evaluation of the hardware and software under EDP environment.
 • Retrieve the data stored in the computer.
GET
• vouching sales receipts, supply invoices, etc. to verify the data entered into
ELECTRONIC
DATA
the computer.

• Conversion of data from stored software to auditing software.

DATA • Ensures consistency when data is stored in different softwares.
CONVERSION

• Verification of procedure followed.

• Obtaining evidence.
COMPLIANCE
TEST • Examination of internal control.

• Verification the completeness, validity and accuracy of a client's records.

• Physical verification of tangible items.
SUBSTANTIVE
TEST • Confirmation from suppliers.

• Written and signed.

• Includes auditor's opinion and his recommendations.
REPORTING • Should be objective, clear, concise and timely.
• Use of non-EDP segment of internal control.
• Traces data from output to source documents and from source documents to output.
• Involves auditor's actual evaluation of the hardware and software under EDP environment.
 WHAT SKILLS ARE
REQUIRED FOR AN
EDP AUDITOR?
• Critical Thinking
• Complex Problem Solving
• Judgment and Decision Making
• Active Learning
• Systems Analysis
• Troubleshooting
• Learning Strategies
• Operations Analysis
• Systems Evaluation
WHAT KNOWLEDGE IS
NEEDED TO BE AN EDP
AUDITOR?
• Clerical
• Engineering and Technology
• Administration and Management
• Mathematics
• Communications and Media
• Computers and Electronics
WHAT ARE THE
WORK STYLES OF
AN EDP AUDITOR?
• Dependability
• Attention to Detail
• Analytical Thinking
• Integrity
• Initiative
• Innovation
• Adaptability/Flexibility
• Stress Tolerance
• Persistence