Scribd Logo
Upload

Welcome to Scribd!

  • Bab 12. Pengaruh Teknologi Informasi Dalam Proses Audit

    Uploaded by

    Erlangga
    75 views28 pages
    This document discusses the impact of information technology on the audit process. It describes how general controls and application controls in an IT environment affect control risk and substantive testing. It also discusses audit approaches for less complex IT environments that rely more on manual controls versus more complex IT environments that utilize networks, databases, e-commerce systems, and outsourced IT functions.

    Original Description:

    audit

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document discusses the impact of information technology on the audit process. It describes how general controls and application controls in an IT environment affect control risk and substantive testing. It also discusses audit approaches for less complex IT environments that rely more on manual controls versus more complex IT environments that utilize networks, databases, e-commerce systems, and outsourced IT functions.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    75 views28 pages

    Bab 12. Pengaruh Teknologi Informasi Dalam Proses Audit

    Uploaded by

    Erlangga
    This document discusses the impact of information technology on the audit process. It describes how general controls and application controls in an IT environment affect control risk and substantive testing. It also discusses audit approaches for less complex IT environments that rely more on manual controls versus more complex IT environments that utilize networks, databases, e-commerce systems, and outsourced IT functions.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 28

    Bab 12

    Pengaruh Teknologi Informasi


    dalam Proses Audit
    Bagaimana Teknologi informasi
    Meningkatkan Pengendalian intern
     Pengendalian komputer menggantikan
    pengendalian manual

     Tersedianya informasi yang berkualitas tinggi


    Penilaian risiko
    Teknologi Informasi

     Risiko perangkat keras dan data


     Mengurangi audit trail

     Kebutuhan pengalaman dan


    pembagian tugas teknologi informasi
    Risiko Perangkat Keras dan Data

     Ketergantungan pada kemampuan fungsi


    perangkat keras dan perangkat lunak.

     Kesalahan sistematis dan acak

     Akses tanpa otorisasi

     Kehilangan data
    Mengurangi Audit Trail

     Visibility of audit trail

     Mengurangi keterlibatan manusia

     Berkurangnya otorisasi tradisional


    Kebutuhan pengalaman dan
    pembagian tugas teknologi informasi

     Mengurangi pembagian tugas

     Membutuhkan pengalaman teknologi informasi


    Pengendalian intern Dalam
    Teknologi Informasi

     Pengendalian umum
     Pengendalian aplikasi
    Hubungan antara Pengendalian Umum
    dan Pengendalian Aplikasi
    Risk of unauthorized change
    Risk of system crash
    to application software

    Cash receipts
    application
    controls
    Sales Payroll
    application application
    controls controls
    Other cycle
    application
    controls

    Risk of unauthorized GENERAL CONTROLS Risk of unauthorized


    master file update processing
    General Controls

     Administrasi fungsi IT

     Pembagian tugas IT

     Pengembangan sistem

     Keamanan phisik dan online

     Backup and contingency planning

     Pengendalian perangkat keras


    Administration of the IT Function

    Masalah penting IT dalam suatu organisasi tergantung


    sikap dan tangggungjawab Dewan Komisaris dan
    Senior Management
    Segregation of IT Duties

    Chief Information Officer or IT Manager

    Security Administrator

    Systems Data
    Development Operations Control
    Systems Development

    Typical test
    strategies

    Pilot testing Parallel testing


    Physical and Online Security

    Physical Controls: Online Controls:


     Keypad entrances  User ID control
     Badge-entry systems  Password control

     Security cameras  Separate add-on


    security software
     Security personnel
    Backup and Contingency Planning

    One key to a backup and contingency plan


    is to make sure that all critical copies of
    software and data files are backed up
    and stored off the premises.
    Hardware Controls

    These controls are built into computer


    equipment by the manufacturer to
    detect and report equipment failures.
    Application Controls

     Input controls

     Processing controls

     Output controls
    Input Controls

    These controls are designed by an


    organization to ensure that the
    information being processed is
    authorized, accurate, and complete.
    Batch Input Controls

     Financial total

     Hash total

     Record count
    Processing Controls

     Validation test

     Sequence test

     Arithmetic accuracy test

     Data reasonableness test

     Completeness test
    Output Controls

    These controls focus on detecting errors


    after processing is completed rather
    than on preventing errors.
    Impact of Information Technology
    on the Audit Process
     Effects of general controls on control risk

     Effects of IT controls on control risk and


    substantive tests

     Auditing in less complex IT environments

     Auditing in more complex IT environments


    Test Data Approach

    1. Test data mencakup semua kondisi yang relevan


    sesuai dengan uji yang dilakukan auditor.

    2. Program aplikasi diuji oleh auditor dengan


    menggunakan test data harus sama seperti
    yang digunakan klien selama suatu periode

    3. Test data harus dieliminasi dari catatan klien.


    Test Data Approach

    Input test
    transactions to test
    key control
    procedures

    Application programs Transaction files


    Master files (assume batch system) (contaminated?)

    Control test
    Contaminated results
    master files
    Test Data Approach

    Control test
    results

    Auditor-predicted results
    Auditor makes of key control procedures
    comparisons based on an understanding
    of internal control

    Differences between
    actual outcome and
    predicted result
    Parallel Simulation

    The auditor uses auditor-controlled software


    to perform parallel operations to the client’s
    software by using the same data files.
    Parallel Simulation

    Production Master
    transactions file

    Auditor-prepared Client application


    program system programs

    Auditor Client
    results results

    Auditor makes comparisons between Exception report


    client’s application system output and noting differences
    the auditor-prepared program output
    Embedded Audit Module Approach

    Auditor inserts an audit module in the


    client’s application system to identify
    specific types of transactions.
    Issues for Different
    IT Environments

     Issues for network environments

     Issues for database management systems

     Issues for e-commerce systems

     Issues when clients outsource IT

    You might also like