Professional Documents
Culture Documents
Auditing, Assurance, and Internal Control
Auditing, Assurance, and Internal Control
Syllabus
Course Description
Textbooks
Course Objectives
Exams
Research Papers
Assignments
Class Schedule
Performance Evaluation
Syllabus (cont.)
Class Format
Lecture
and Discussion
In-Class Assignments
Short Presentations
Academic Dishonesty
Disruption of the Academic Process
IT AUDITS
FRAUD AUDITS
EXTERNAL AUDITS
SECs role
Sarbanes-Oxley Act
FASB - PCAOB
CPA
AICPA
6
ASSURANCE
IT Risk Management
I.S. Risk Management
Operational Systems Risk Management
Technology & Security Risk Services
Typically a division of assurance services
ATTEST definition
Written assertions
Practitioners written report
Formal establishment of measurement criteria
or their description
Limited to:
Examination
Review
Application of agreed-upon procedures
THE IT ENVIRONMENT
10
The IT Audit
The IT Audit
INTERNAL CONTROL
14
15
16
Accounting provisions
2.
3.
4.
2.
17
2.
3.
Is widely adopted
18
2.
19
of risk
Destruction
of assets
Theft of assets
Corruption of information or the I.S.
Disruption of the I.S.
20
controls
Detective controls
Corrective controls
Which
controls
21
The
control environment
Risk assessment
Information & communication
Monitoring
Control activities
22
SAS 78
SAS 78
(#1:Control Environment -- elements)
The
SAS 78
(#1:Control Environment -- elements)
Managements methods of assessing
performance
External influences
Organizations policies and practices for
managing human resources
25
SAS 78
(#1:Control Environment -- techniques)
SAS 78
(#2:Risk Assessment)
Changes in environment
Changes in personnel
Changes in I.S.
New ITs
Significant or rapid growth
New products or services (experience)
Organizational restructuring
Foreign markets
New accounting principles
27
SAS 78
(#3:Information & Communication-elements)
28
SAS 78
(#3:Information & Communication-techniques)
Accounting
Processing
steps:initiation to inclusion in
financial statements (illustrate)
Financial
SAS 78
(#4: Monitoring)
30
SAS 94
The Effect of Information Technology on the Auditors Consideration of
Internal Control in a Financial Statement Audit
31
SAS 78
(#5: Control Activities)
32
Transaction authorization
Segregation of duties
Example:
Supervision
33
Access controls
Fraud
Disaster Recovery
Independent verification
Examples
34
IT Risks Model
Operations
Data
management systems
New systems development
Systems maintenance
Electronic commerce (The Internet)
Computer applications
35
End Ch. 1
36