Test Data Method 1. They employ 1. Auditors rely on the
through-the-computer client’s IT personnel to testing, thus providing obtain a copy of the the auditor with explicit production application evidence concerning under test. The audit application functions. risk here is that the IT personnel may 2. If properly planned, intentionally or test data runs can be accidentally provide the employed with only auditor with the wrong minimal disruption to version of the the organization’s application. operations. 2.Test Data Method 3. They require only produce a static minimal computer picture of application expertise on the part of integrity at a single auditors. point in time. They do not provide a convenient means for gathering evidence of ongoing application functionality.
3. High cost of implementation
Generalize Audit 1.Relatively easy to 1.The high cost of their
Software learn and use. development. It provides a limited 2.Improved efficiencies avility to verify by automating manual programming logic procedures because its application is usually directed to 3.Reduce risk by testing testing client files or entire populations databases reducing reliance on 2. It involves auditing sampling 4.GAS can be after the client has applied to wide variety processed the data of clients with minimal rather than while the customization. This is a data is being single program that can processes. be applied to a wide range of task without having to incur the cost or inconvenience of developing individualized programs. 6.Provides documentation of each test performed in the software that can be used as documentation in auditor's work papers. 7.Independent of the system being audited and needs a ready-only copy of the file. Integrated Test Facility 1.Support continuous 1.The potential of monitoring of controls. corrupting data files 2. Economically tested with test data that may without disrupting the end up in the financial user's operations and reporting process. without the intervention of computer services personnel. 3.Testing can be unscheduled and unknown to other staff. 4. It provides prima facie evidence of correct program functions. Parallel Simulation Is a possibility than Lies in significant cost auditor’s program could of audit programming if have additional controls written uniquely for embedded, which one client. enables the valuation of effects of non-existent control procedures. Embedded Audit 1.Information about 1.CAATs provide the Module control violations and auditor to set up his dollar errors is captured own program to on a continuous, real evaluate transactions time basis. If EAMs are moving through the not present, the audit computer system for organization would processing. have no choice but to 2. Several employ traditional ex- disadvantages in this post auditing setup include that the approaches. Traditional auditor experiences sampling approaches extra overhead in using require the auditor to extra programs to infer the quality of install into the accounting outputs company's software. based on results of 3.The auditor must applying audit note when an unusual procedures to the transaction happens, sample. which may be difficult 2.Using EAMs the audit if not understanding organization is not the normal types of confined to sampling business transactions. processes at the 4.The auditor also runs traditional interim or the risk of security year-end periods. Since issues if unauthorized properly designed EAMs users access the should capture all software program. transaction errors, substantive testing at year end should be virtually eliminated when compared to traditional sampling- approaches. 3. EAMs provide a superior method of ensuring that material errors or control violations are trapped. Even if EAMs are operative only intermittently, sampling risk is reduced, since the auditor has knowledge of all errors in the periods sampled. 4. Since the audit organization can capture control violations and dollar errors at will, this approach would seemingly reduce the extent of compliance testing compared to approaches where EAMs are not used. 5.Where EAMs are to be used only intermittently, their use provides a “surprise” test capability, since the application personnel should not be aware that the auditor has activated the EAMs. Base Case System 1.It develops test data 1.Time consuming Evaluation that purports to test every possible condition 2. Expensive to that an auditor expects develop a client's software will confront. 2. Provides auditor with much more assurance that test data alone.