TASK III

Auditing & Assurance 2

Lecture:
Drs. Sudarmadji Herry Sutrisno, Ak., MM., CPA., CA.

Created By:
Raisafira Astriani (023001800054)
Mutia Rasya Azzahra (023001801148)
Saviera Fasha (023001801199)

JURUSAN AKUNTANSI
FAKULTAS EKONOMI DAN BISNIS
UNIVERSITAS TRISAKTI
JAKARTA
2020
a. Case7.4
Figure 7.1. showed that there are two based levels of regulation and control relating to the
external and internal environment. Assume that you are the auditor of an entity providing
advice to clients on financial statements. You are aware that there have been serious
reductions in the value of shares quoted on pensions in the entry should react in to this
external factor.
• Consider the control environment of the entry and auditors.
Answer
As an auditor, we have to search for the cause of the reduction in the value of shares of
pensions. We have to consider the external environment; the regulatory response to this
reduction because pension is regulated in the government in Undang Undang. We also have
to consider the control environment of integrity, ethical values and competence if the
company has a high level of integrity, ethical value and competence hence we give the
advice regarding the government regulation. Furthermore, we have to consider the control
procedures and the risk assessment of entity because if it is low, then we have to write a
letter to the management.

b. Case 7.5
As organizations have become more dependent on the reliability of information systems,
they have become more aware of the need to maintain quality of system. If you were asked
to set up a quality standards group, what role do you think it should have and what steps
should have and what steps should be taken to renders it effective?
Answer
The system is a group of elements integrated with the same intention to achieve a goal. The
elements in the system consist of input elements, process (transformation) elements, output
elements and feedback elements. Each system has general characteristics which consist of:
system objectives, subsystems, system boundaries, system relationships, system hierarchy,
system environment, input, process and output.

Companies must have an information system with the criteria of interconnected

components, which collect (or get back), process, store, and distribute information to
support decision making and control in an organization. A good quality system is when the
demand and supply aspects are perfectly matched.
 To form an effective system quality standard, the steps taken are to determine company
goals and strategies to achieve them supported by implementing a system that can be
measured with standards such as:
1. Information systems must be in accordance with the budget and quality of human
resources and company goals
2. Functionality. The degree of software meets predefined requirements and has the
following sub-attributes: suitability, accuracy, interoperability, suitability, security and
effectiveness.
3. System reliability such as the amount of time available for software use and has sub-
sub-attributes: maturity, fault tolerance, ability to perform recovery.
4. The system must be clear and not difficult so that it is easy to implement in the
company. In addition, company human resources must also be trained on how to
operate the system so that the output that will be given will be synergistic and satisfying.
5. Standardized information systems must comply with applicable company rules and
regulations.
6. Maintenance, the ability of the software to be modifiable. Modifications can take the
form of corrections, enhancements or adaptations of software to changing
environments, as well as in functional specifications and requirements.
7. Portability, the ability of software to be transferred from one environment to another.

System quality standards can also be set by following ISO 9126. In addition, a quality
system must also be supported by managers who have competency, skills, knowledge, good
decision making and also the employees who are able to operate it properly and have the
skill.

c. Case 7.6
Segregation of duties is a basic requirement of a good control systems. Explain what is
meant by the statement and show how segregation of duties in modern computer systems
might differ from that in a manual system.
Answer
In business, it is important to separate employee duties as it can help protect assets among
many other useful components. Segregation of duties can help place internal control over
company assets. Segregation of duties can help to practice bookkeeping more efficiently
and effectively because it prohibits the allocation of responsibility to one person. That way,
the separation of duties can create a good control system.

In manual system, one of control principles is segregation of functions/duties. This controls

is to mitigate the risk of collusion among functions, control override, and fraudulent
actions. This segregation of functions generally entail dividing the responsibility for
recording (accounting), approving transactions (authorizing), and handling asset (custody),
as well as access control to data.

If the segregation of duties/ functions is not practical and not cost effective, then
management must develop alternative control activities (compensating controls). The same
principle is also applied in IT System, but with different implementation due to different
process. The IT environment tends to consolidate activities. A single application may
authorize, process, and record all aspects of a transaction. Thus, the focus of segregation
control shifts from the operational level (transaction processing tasks that computers now
perform) to higher-level organizational relationships within the computer services function.
Segregation of functions in applications is less visible and to be consolidated, meanwhile
segregation of functions in IT unit is manageable.