A2-The effect of IT on the audit Flashcards
1
Q
what is the effect and auditor’s response regarding high intensive IT system
A
- substantive testing alone may not be sufficient
- test of controls should be performed to assess control risk in a highly computerized system
2
Q
what procedures/techniques can auditor use in evidence gathering in regarding IT system?
A
- manual audit procedures (emphasis on input & output): auditing AROUND the computer - does not directly test the application program. test the input, process independently, then compare the results. Only appropriate for simple batch systems with a good audit trail
- computer-assisted audit techniques CAATS (emphasis on input & processing): auditing THROUGH the computer. Includes:
+ transaction tagging: electronically mark or tag specific transaction and follow them thru the client’s system
+ embedded audit modules: program code that collect transaction data
+ test data: to process a set of test “dummy” data, the results of which are already known; OFFLINE and under auditor’s control. ex: invalid numbers, excess pay rate, excess hours
+ integrated test facility: similar to test data, except the test data is commingled (blended) with LIVE data/ONLINE. Test data must be SEPARATED from the live data before the report are created. allow fictitious and real transactions to be processed together w/out client personnel being aware of the testing process.
+ parallel simulation: reperformance test; to reprocess some or all of client’s live data, then compares with independent results. use archived copy. Process client data on a controlled program under the auditor’s control to test controls in the computer system - or use BOTH
3
Q
what is generalized audit software packages (GASPs)?
A
GASPs allow the auditor to perform tests of controls and substantive tests directly on the client’s system. Advantages:
- allow the auditor to sample and test a much higher percentage of transactions
- require little technical knowledge of the client’s hardware and software features
