Scribd Logo
Upload

Welcome to Scribd!

  • The Impact of Information Technology On The Audit Process

    Uploaded by

    Syifa Noor Alifah
    2 views38 pages

    Original Title

    Arens14e_ch12_ppt.ppt

    Copyright

    © © All Rights Reserved

    Available Formats

    PPT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    2 views38 pages

    The Impact of Information Technology On The Audit Process

    Uploaded by

    Syifa Noor Alifah

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 38

    The Impact of Information

    Technology on the Audit


    Process
    Chapter 12

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    5-5

    Learning Objective 1
    Describe how IT improves internal
    control.

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 2

    How Information
    Technologies Enhance
    Internal Control
    Computer controls
    replace manual
    controls

    Higher-quality
    information is
    available
    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 3

    Learning Objective 2
    Identify risks that arise from using an
    IT-based accounting system.

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 4

    Assessing Risks of
    Information Technologies
    Risks to hardware and data
    Reduced audit trail
    Need for IT experience and
    separation of IT duties

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 5

    Risks to Hardware and Data


    Reliance on
    hardware and
    software

    Data loss
    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    Unauthorized
    access

    Systematic
    vs.
    random errors
    12 - 6

    Reduced Audit Trail


    Visibility of
    audit trail
    Lack of
    traditional
    authorization

    Detection risk

    Reduced
    human
    involvement
    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 7

    Need for IT Experience and


    Separation of Duties
    Reduced separation of duties
    Need for IT experience

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 8

    Learning Objective 3
    Explain how general controls and
    application controls reduce IT risks.

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 9

    Internal Controls Specific to


    Information Technology
    Information technology controls

    Application
    controls

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    General
    controls

    12 - 10

    Relationship Between
    General
    and Application Controls

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 11

    Categories of General and


    Application Controls

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 12

    Administration of the IT
    Function

    The perceived importance of IT within an


    organization is often dictated by the attitude o
    the board of directors and senior management

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 13

    Segregation of IT Duties

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 14

    Systems Development
    Typical test
    strategies

    Pilot testing

    Parallel testing

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 15

    Physical and Online Security


    Online Controls:
    User ID control
    Password control
    Separate add-on
    security software

    Physical Controls:
    Keypad entrances
    Badge-entry systems
    Security cameras
    Security personnel

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 16

    Backup and Contingency


    Planning
    Offsite storage of critical files is a key
    element to a backup and contingency plan

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 17

    Hardware Controls
    These controls are built into computer
    equipment by the manufacturer to
    detect and report equipment failures.

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 18

    Application Controls
    Application controls are designed for each
    software application

    Input
    controls

    Output
    controls

    Processing
    controls
    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 19

    Input Controls
    These controls are designed by an
    organization to ensure that the
    information being processed is
    authorized, accurate, and complete.

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 20

    Batch Input Controls


    Financial total

    Total for all


    records in a batch

    Hash total

    Total of codes
    from all batch
    records

    Record count

    Total of records
    in a batch

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 21

    Processing Controls
    Validation test

    Correct file,
    database, or program?

    Sequence test

    Correct
    processing order?

    Arithmetic
    accuracy test

    Accuracy of
    processed data?

    Data reasonableness
    test

    Data exceeds
    preset amounts?

    Completeness test
    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    Completeness
    of record fields?
    12 - 22

    Output Controls
    These controls focus on detecting errors
    after processing is completed rather
    than on preventing errors.

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 23

    Learning Objective 4
    Describe how general controls affect
    the auditors testing of application
    controls.

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 24

    Impact of Information
    Technology on the Audit Process
    Effects of general controls on system-wide
    applications

    Effects of general controls on software chan


    Obtaining an understanding of client
    general controls
    Relating IT controls to transaction-related
    audit objectives
    Effect of IT controls on substantive testing
    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 25

    Auditing in IT Environments
    with Varied Complexity
    Audit around
    the computer

    LESS

    Smaller IT controls
    companies < effective
    Audit though
    the computer

    MORE

    Parallel
    simulation
    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    Test data
    12 - 26

    Auditing Around and


    Through the Computer

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 27

    Learning Objective 5
    Use test data, parallel simulation, and
    embedded audit module approaches
    when auditing through the computer.

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 28

    Test Data Approach


    1.

    Test data should include all relevant


    conditions that the auditor wants tested.

    2.

    Application programs tested by the


    auditors test data must be the same as
    those the client used throughout the year.

    3.

    Test data must be eliminated from the


    clients records.

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 29

    Test Data Approach


    Input test
    transactions to test
    key control
    procedures

    Master files

    Contaminated
    master files

    Application programs
    (assume batch system)

    Transaction files
    (contaminated?)

    Control test
    results

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 30

    Test Data Approach


    Control test
    results

    Auditor makes
    comparisons

    Auditor-predicted results
    of key control procedures
    based on an understanding
    of internal control

    Differences between
    actual outcome and
    predicted result
    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 31

    Parallel Simulation
    The auditor uses auditor-controlled software
    to perform parallel operations to the clients
    software by using the same data files.

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 32

    Parallel Simulation
    Production
    transactions

    Master
    file

    Auditor-prepared
    program

    Client application
    system programs

    Auditor
    results

    Client
    results

    Auditor makes comparisons between Exception report


    clients application system output and noting differences
    the auditor-prepared program output
    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 33

    Embedded Audit Module


    Approach
    Auditor inserts an audit module in the
    clients application system to identify
    specific types of transactions.

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 34

    Embedded Audit Module


    Approach

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 35

    Learning Objective 6
    Identify issues for e-commerce
    systems and other specialized IT
    environments.

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    12 - 36

    Issues for Different IT


    Environments
    Network
    Environments

    Outsourced
    IT
    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    Database
    Management
    Systems

    e-Commerce
    systems
    12 - 37

    End of Chapter 12

    2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley

    5-5

    You might also like