AUDITING A

COMPUTERISED AIS
AUDITING AIS - INTRODUCTION
Auditing a computerised accounting information system requires
expertise.
Audit firms have specialised software programmes used to carry out
their auditing functions.
Audits are carried out by both internal and external auditors.
AUDITING – INTERNAL AUDITORS
• Internal auditing is an independent appraisal function established within
an organisation to examine and evaluate its activities as a service to the
organisation.
• Internal auditors perform a range of activities such as conducting financial
audits, examining an operation’s compliance with organisational policies,
reviewing the organisation’s compliance with legal obligations, evaluating
operational efficiency, detecting and pursuing fraud within the firm and
conducting IT audits.
• Internal auditors represent the interests of the organisation. Internal audit
function can assist external auditors in performing financial audits and this
is done to achieve audit efficiency and reduce audit fees.
AUDITING – TYPES OF INTERNAL
AUDITS
1. Financial audit – deals with reliability & integrity of financial
transactions & financial statements
2. Information systems audit - primarily focuses on reviewing controls
of an AIS to assess compliance with internal control policies &
procedures and its effectiveness in safeguarding assets. Areas
reviewed relate to input, output, processing controls, back up,
system security & computer facilities.
3. Operational audit - Focus is to assess efficiency & effectiveness use
of resources & attainment of established goals & objectives
AUDITING – TYPES OF INTERNAL
AUDITS
4. Compliance audit - assesses whether entities are complying with
relevant laws, regulations, policies & procedures.
Recommendations are provided for improving where weaknesses
are noted.
5. Investigative audit – this audit examines cases of possible fraud,
misappropriation of assets, waste & abuse or other issues deemed
improper.
AUDITING – EXTERNAL AUDITORS
These are also referred to as independent auditors and they are certified public
accountants. The external auditors are also independent of the organisation being
audited. External auditors represent interests of third party stakeholders in the
organisation such as stockholders, creditors and government agencies. Their main focus
is on financial audit. At the end of the audit they issue an opinion and management
letter.
Assessing Risk
• Audit risk is the probability that the auditor will issue an unqualified (clean) opinion on
financial statements that are in fact materially misstated. Errors may cause material
misstatements or irregularities or both. Errors are unintentional mistakes. On the
other hand irregularities are intentional misrepresentations to perpetrate fraud or to
mislead the users of financial statements. The auditor’s objective is to minimize audit
risk and there are three components of such risk.
AUDITING – TYPES OF RISKS
1. Inherent risk. It is the susceptibility/vulnerability to material risk in the absence of controls.
2. Control risk. It is the risk that a material misstatement will get through the internal control
structure and into financial statements. A company with weak internal controls has a higher
control risk than one with strong controls. Control risk can be determined by reviewing the
control environment and considering weaknesses identified in prior audits and assessing or
evaluating how they have been rectified.
3. Detection risk. It is the risk that auditors and their Audit procedures will not detect a
material error or misstatement.

In their planning the auditors show procedures needed to achieve audit objectives & minimize
these audit risks
 
AUDITING - FINAL
• After the external auditors have collected audit evidence through
observing operating activities, vouching of source documents and
evaluate the audit evidence they document findings.
• They formulate audit conclusions
• They develop management letter with recommendations based on
weaknesses found.
• Prepare a report with either a clean opinion or qualified/adverse
opinion.