Professional Documents
Culture Documents
Auditing in EDP
Environment
Submitted To :- Submitted By :-
Mrs. Monika Bhatia Ma’am Rohan Singh
Introduction
➔ In recent years there has been a rapid development in the use of computers as a means of
producing financial information. This development has created certain problems for the auditor
in that although general auditing principles have not been affected.
➔ As a result of this, there has emerged from within the accounting profession a group of
electronic data processing (EDP) audit specialists, equipped with sufficient technical expertise to
make an intelligent analysis of complex computer audit situations.
Functions of EDP Audit
To commence the auditing process, auditors must first retrieve the data stored in the
computer. Documents such as sales receipts and supplies invoices are used to verify the
data entered into the computer. This ensures that correct information was input into the
computer.
2. Data Conversion
Organizations use different types of software to store their data. This data should be
converted from the stored software to the auditing software. This is done using special
software programs known as package and utility programs. This ensures that there is no
inconsistency when auditing data stored in different software.
3. Compliance Test
Auditors need to verify that procedures followed when entering data into the data
processing system are being applied as prescribed. These procedures act as the
underlying evidence of whether the accounting data is correctly fed into the processing
system. Obtaining this evidence involves reviewing the accounting journals, ledgers and
worksheets.
4. Substantive Test
Auditors obtain evidence to verify the completeness, validity and accuracy of a client's
records. This evidence is an important factor in determining the auditor's opinion on the
records. Substantive tests in a merchandising firm would include examining inventory at
the end of the period to verify that the levels of such inventory are as indicated in the
records
5. Reporting
1. Organisational Review
2. System Review
1. Organisational Review
Serious weaknesses in internal control within the EDP department itself can
throw doubt on the validity of all the data it produces.
2. System Review
System review is a detailed review of the controls operating within each computer-based
accounting system. This review seeks to establish that controls operate within each individual
system which, inter alia, ensure the following:
Both types of review are carried out by the use of questionnaires and these questionnaires
are based on the ‘key question’ principle. It is necessary to evaluate both the general and
computer questionnaires together to obtain a proper understanding of the system and to
assess the significance of individual controls.
Approaches to EDP Auditing
Rapid changes in hardware and software have changed the conceptual approach to
auditing in an EDP environment.
In earlier times, audit approach consisted of ignoring the existence of computer, was
treated it as a black box and audit was conducted around the computer.
However, the increasing developments of computers has since led to computers being
used in two different ways:
Auditing around the computer involves arriving at a conclusion through examining the
internal control system for computer installation and the input and output only for
application systems.
On the basis of the quality of the input and output of the application system, the auditors
take decision about the quality of the processing carried out.
Usually the auditors adopt this approach of auditing around the computer, when any of the
following conditions are fulfilled.
The auditor can use the computer to test the logic and controls existing within the system and the
records produced by the system.
Depending upon the complexity of the application system being audited, the approach may be fairly
simple or require extensive technical competence on the part of the auditor.
Following are the situations where auditing through computer must be adapted:
● The logic of the system is complex and there are large portions that facilitate use of the system or
efficient processing.
● The application system processes large volumes of inputs and produces large volumes of output
that makes extensive direct examination of the validity of input and output difficult.
● Because of cost-benefit considerations, there are substantial gaps in the visible audit trial.
● Significant parts of the internal control system are embodied in the computer system.
Special Techniques for Auditing in an
EDP Environment
The techniques, which involve the use of the computer for audit
purposes, are known as ‘Computer assisted audit techniques’
(CAATs).
What are CAATs?