For what reasons does an auditor obtain an understanding of the internal control structure?

The auditor should have an understanding of the components of the internal control of the company
that are applicable to the audit, including the assessment of the nature of the control; and the
determination of whether it has been implemented. Because having effective internal control can
reduces the risk of asset losses and helps us ensure that the information on the plan is correct and
precise, that the financial statements are credible and that the activities of the plan are carried out in
compliance with the rules of the relevant laws and regulations. When internal control is successful, you
have clear knowledge that the strategy is fulfilling its financial reporting goals.

Will there be a difference on the consideration of internal control for EDP?

No, because many of the control processes used in manual processing in CIS environment. For example,
transaction authorization, proper separation of duties and independent verification. The elements of
internal control for EDP are the same; the software only modifies the methods under which these
elements are applied.

What are the internal controls that may be applied on EDP activities?

The internal controls that may be applied on EDP activities are the general controls and application
controls where the general controls will defined the strengths and weaknesses that will included in the
examination of the program system it includes reviewing documents, interviewing data-processing
employees and customers, and evaluating the internal activity of general controls. Application Controls
in the other hand, is provide appropriate evidence that the documentation, collection and monitoring of
data is taken out correctly.