ISLAMIC CALL UNIVERSITY COLLEGE

NAME: BUKENYA ERNEST

FACULTY: FACULTY OF BUSINESS AND MANAGEMENT
COURSE: BBA
YEAR:III
SEMESTER:II
COURSE UNIT: ELEMENTS OF AUDITING
REG NUMBER: 192-22114-11179
LECTURER: MR KIZITO NASIIF
QESTIONS
a)Define audit.
b)Explain six objectives of audit.
c)Explain in detail five types of audit.
d)What are the common incidences of computer fraud and abuse?
a)The term “audit” has been derived from the Latin word “audire,” which means “to
hear.” Hence, an auditor is a person who hears or listens. For centuries, audits were
“oral hearings” in which people entrusted with fiscal responsibilities justified their
stewardship. An audit is one assurance service provided by competent and qualified
professional accountants.
According to the audit definition given by the International Federation of Accountants
(IFAC), “An audit is the independent examination of financial information of any entity,
whether profit-oriented or not and irrespective of its size, or legal form when such an
examination is conducted to express an opinion thereon.”
According to R.R. Comber, “Audit is an independent examination of the financial books
and records of some person or persons responsible or accountable to the third party
with a view of verifying the accountancy of statement prepared by or for the accounting
party.”
According to Montgomery, “Auditing is a systematic examination of the books and
records of a business or the organization to ascertain or verify and to report upon the
facts regarding the financial operation and the result thereof.”

b) Objectives of an audit.

This is to express an opinion on financial statements The objectives of the audit can be
categorized into;

1. primary objectives of the audit,

2. subsidiary objectives of the audit.

Primary Objectives of Audit

The main objectives of the audit are known as the primary objectives of the audit.They
are as follows:

1. Examining the system of internal checks.

2. Checking arithmetical accuracy of books of accounts, verifying posting, casting,
balancing, etc.
3. Verifying the authenticity and validity of transactions.
4. Checking the proper distinction between capital and revenue nature of
transactions.
5. Confirming the existence and value of assets and liabilities.
Subsidiary Objectives of Audit

These are such objectives that are set up to help in attaining primary objectives. They
are as follows:

Detection and prevention of errors.

Detection and prevention of fraud.

Under-or over-valuation of stock.

c)Types of audit

1. Internal Audits
Internal audits assess internal controls, processes, legal compliance, and the protection
of assets. The internal audit process can be a helpful tool for businesses to evaluate risk
and identify actionable ways to improve performance.Internal audits are performed by
individuals within the organization. While these individuals aren’t independent of the
organization, they should be independent of the activities they’re auditing.

Advantages of internal audit

More Effective Management
The internal auditor will be able to point out any weaknesses of the organization in the
operations or internal controls of the company.So the management can use these
insights to better the chances of achieving their goals.

On going Review
They do not have to wait for the end of the year to review the company’s performance.
This also means that if they are not on the correct path, this will help them change
course and correct their mistakes immediately.

Performances of Staff Improve

The staff of the company remains alert and active. This is because there is the fear of
their mistakes being caught by the internal auditor almost immediately. This will help
improve their efficiency and performance
Ensures Optimum Use of Resources
It will help point out the areas in which resources are being underutilized or wasted. And
then these can be corrected. It will help control the costs and expenses of the company.
Division of Work
Internal audit helps promote the division of labor. It is important to keep a check on and
observe the activities of all the departments and all of their employees. Division of labor
will help in achieving this
Disadvantages of internal audit
Shortage of Qualified Staff
The work of an audit requires years of study and experience. An inexperienced auditor
can cause more damage than good. So usually, the company will find it somewhat
difficult to find enough qualified staff members for the process of an internal audit.
Time Lag
There will always be a time lag between accounting and auditing. Internal audit cannot
begin till the accounting is complete. They cannot be done simultaneously. So if the
accounting process is delayed, so is the internal audit.

Ignorance of Management
Their findings are only forwarded to the management. internal audit reports points out
to the shortcomings of the company or the errors in the financial statements, the
management may not take corrective action.

2. External Audits
A third party – such as an independent CPA firm – conducts external audits. Once the
audit is complete, a report is distributed to shareholders and stakeholders outside of the
organization. While external audits may vary in what they audit (financial statements,
usage of federal funds, etc.), the main benefit is the independence and objectivity of
the audit team. This gives shareholders and external stakeholders more confidence in
the audit process and report. Example: A manufacturer of car parts is a publicly-traded
company. Publicly traded companies and corporations that sell their shares to the public
are required to have an external auditor audit their financial statements.
3.Financial Statement Audits. These involve independent auditors who will report on
whether a company’s financial statements align with the applicable financial reporting
standards. Auditors are required to accomplish three things:

1. Identify and assess risks of material misstatement, whether due to fraud or error
2. Obtain sufficient audit evidence about whether material misstatements exist
3. Form an opinion on the financial statements or determine that an opinion can’t
be formed
According to the AICPA, these audits are “typically appropriate and often required when
seeking high levels of financing or outside investors, or when selling a business.” The
report can help other businesses, investors, stakeholders, etc., make informed decisions
about the company.Example: If a small business holds a loan or line of credit with a
bank, the bank may require the business to undergo a financial statement audit

4. Performance Audits

Performance audits cover a wide variety of assessments. An entity may request or

require a performance audit to evaluate any of the following objectives:

1. Program effectiveness and results

2. Internal controls
3. Compliance with certain requirements
4. Prospective analysis
Examples of performance audits include:

 Ensuring government services and benefits are delivered to citizens based on

eligibility
 Providing conclusions on current and projected trends and the potential impact
on the business
 Analyzing the cost-effectiveness of a program or activity based on benefits
provided and results achieved
5. Operational Audits
Operational audits review an organization’s activities in relation to specific objectives.
An auditor will analyze processes, procedures, and systems; and evaluate operational
effectiveness, efficiency, and productivity. Benefits of an operational audit include
finding opportunities for improvement and developing recommendations.

Example: A business may have an auditor review its human resources department.
The auditor will investigate department procedures and how efficiently it uses
resources. The final report should include a full department review and identify
opportunities for improvement.
6. Employee Benefit Plan Audits
These analyze and evaluate your benefit plan’s financial statements. This type of audit
can highlight opportunities for improvement within plan operations, efficiencies,
controls, and how well the plan complies with select regulations. Independent public
accountants are the only professionals qualified to perform employee benefit plan
audits.
Example: If your company offers a benefit plan (including 401(k), 403(b), and
employee stock ownership plans), a defined benefit pension plan, or a health plan to
more than 100 eligible participants, you may need an audit.
7.Compliance Audits A compliance audit is when an entity is audited to determine if
it complies with a government’s rules, standards, and requirements. A government sets
the requirements and hires an auditor to evaluate the entity’s compliance with them.
This type of audit determines whether the entity is complying with local laws,
regulations, rules, and provisions of contracts or grant agreements.
Example: A compliance audit can determine if a mill is following the Environmental
Protection Agency (EPA) guidelines for waste disposal. The EPA would send their
internal auditor or hire an audit firm to assess the business and report their findings.

d) Incidences of computer fraud and abuse.

Computer fraud is a cybercrime and the act of using a computer to take or alter
electronic data, or to gain unlawful use of a computer or system.

Computer abuse is the legal term for the use of a computer to carry out improper or
illegal activities, but which do not constitute financial crimes that would be classified as
wire fraud.

The following are the common incidences of computer fraud and abuse.

1.Distributing hoax emails. A hoax is a widely publicized falsehood so fashioned as

to invite reflexive, unthinking acceptance by the greatest number of persons of the
most varied social identities and of the highest possible social pretensions to gull its
victims into putting up the highest possible social currency in support of the hoax.

2.Engaging in data mining via spyware and malware. Data mining is the process
of extracting and discovering patterns in large dat sets involving methods at the
intersection of machine learning, statistics, and data base systems.
3.Hacking into computer systems. To illegally access personal information, such
as credit cards or Social Security Numbers. A security hacker is someone who explores
methods for breaching defenses and exploiting weaknesses in a compute system or
network.
4.Sending compute viruses with the intent to destroy or ruin another party's
computer or system. A computer virus is a type of computer program that, when
executed, replicates itself by modifying other computer programs and inserting its
own code.

5.Accessing unauthorized computers. Unauthorized access could also occur if a

user attempts to access an area of a system they should not be accessing. When
attempting to access that area, they would be denied access.

6. Identity theft.This is a crime that involves one person appropriating the personal
information of another in order to commit fraud. Identity thieves wrongfully obtain the
names, addresses, birth dates, Social Security numbers, and bank account numbers of
their victims and use this information to open credit card accounts, apply for loans, or
open bank accounts
7.White collar crime.This is a non-violent act involving deception, typically
committed by a business person or public official. Evidence in a white collar crime
usually involves a "paper trail," of evidence that investigators use to prosecute the case.

References
Auditing and Assurance Services 16th Edition
The Internal Auditing Pocket Guide: Preparing, Performing, Reporting and
Follow-up
Simplified Approach to Advanced Auditing and Professional Ethics.