AUDITING COMPUTER-BASED

INFORMATION SYSTEM
AND
THE REVENUE CYCLE: SALES TO CASH
COLLECTIONS
Group 6:
Florencia Irene Purwanto (1813098)
Yuro Dwinanda Liwan (1813108)
Michelle Loeferdy (1813109)
1. Financial audit

2. Information systems AUDITING

3. Operational audit TYPES OF INTERNAL AUDITS

4. Compliance audit

5. Investigative audit
 Overview Audits may be divided into four
The Of The stages:
Audit 1. Planning
Process 2. Collecting evidence
Nature 3. Evaluating evidence
4. Communicating audit results
of The Risk- Framework for conducting
Based information system audits:
Audit 1. Determine the threats facing the company
Auditing Approach 2. Identify the control procedures
3. Evaluate control procedures
4. Evaluate control weaknesses
 Information
Systems
Audits

When performing an information systems audit, auditors

should ascertain that the following six objectives are met:
1. Security provisions protect computer equipment, programs,
communications, and data from unauthorized access, modification, or
destruction.
2. Program development and acquisition are performed in accordance with
management's general and specific authorization.
3. Program modifications have management's authorization and approval.
4. Processing of transactons, files, reports, and other computer records is
accurate and complete.
5. Source data that are inaccurate or improperly authorized are identified and
handled according to prescribed managerial policies.
6. Computer data files are accurate, complete, and confidential
 Audit Software
Most popular audit software packages
are:
1. Audit control language (ACL)
2. Interactive data extraction and
analysis (IDEA)

Operational
Audits of an AIS
The step in an operational audit are:
1. Audit planning
2. Evidence collection.
 Revenue Cycle
Information System
AOE’s customers can place orders directly via the Internet. In addition, salespeople use
portable laptops to enter orders when calling on customers. The sales department enters
customer orders received over the telephone, by fax, or by mail. Regardless of how an order is
unitially received, the system quickly verifies customer credit worthiness, checks inventory
availability, and notifies the wareheuse and shipping departments about the approved sale.

ACTIVITY THREATS CONTROLS

 Sales Order Entry
ln the past, customers orders were entered into the system by employees. lncreasingly, organizations seek to
leverage IT to have customers do more of the data entry themselves. One way to accomplish this is to have
customers complete a form on the company's Web site. Another is for customers to use electronic data interchange
(EDI) to submit the order electronically in a fomat compatible with the company's sales order processing system.
Both techniques improve efficiency and costs by eliminating the need for human involvement in the sales order entry
process.

1 2 3

ACTIVITY THREATS CONTROLS

Shipping
The picking ticket generated by the sales order entry process
triggers the pick and pack process. Warehouse workers use the
picking ticket to identify which products, and the quantity of each
product, to remove from inventory.

ACTIVITY THREATS CONTROLS

 Billing

The basic document created in the billing process is the sales

invoice which notifies customers of the amount to be paid and
where to send payment. Like many companies, AOE still prints
paper invoices that it mails to many of its smaller customers Larger
customers, however, receive invoices via EDI.

1 2 3

ACTIVITY THREATS CONTROLS

 Cash Collections

Because cash and customer checks can he stolen easily, it is important to take appropriate
measures to reduce the risk of theft. As discussed more fully in the section on controls, this
means that the accounts receivable function. which is responsible for recording customer
remittances, should not have physical access to cash or checks. lnstead, the cashier, who
reports to the treasurer, handles customer remittances and deposits them in the bank.

ACTIVITY THREATS CONTROLS

THANK YOU