Auditing IT Flashcards

1
Q

Effects of Information technology

A

Every component of internal control (CRIME)

2
Q

Information Technology: Increased risks

A

No automatic judgment or discretion - IT cannot distinguish between reasonable and unreasonable data

No physical trace of “natural” audit trail for online transactions

High concentration of duties - poor separation of duties

3
Q

IT Controls

A

General Controls - refers to the system built around IT; any weakness in general controls will have a pervasive effect on entire system

Application Controls

4
Q

IT: General Controls

A
  1. Separate IT from users of output
  2. IT Department should never authorize or initiate transactions
  3. IT Department only processes transactions
  4. Procedures to review, test, approve, and document:
    -Systems and changes to systems
    -Programs and changes to programs
  5. Hardware/software controls - firewalls, virus protection, anti-hacking software
  6. Access controls - restrict access to hardware, master files, programs, and documentation
  7. Separation of duties within IT: COPAL
    Control Group
    Operators
    Programmers
    Analysts
    Librarians
  8. Physical Safeguards - smoke, fire, and moisture detectors; disaster recovery plan; procedures to back-up files
5
Q

IT: Application Controls

A

Controls over input, processing, and output

Input controls:

  • All transactions should be properly initiated, authorized, and approved
  • Control totals, record counts, hash totals

Processing controls:

  • check digits (self checking numbers); control totals; boundary protection
  • limit and reasonableness checks
  • error logs and follow-up procedures

Output Controls:

  • Control totals/record counts reconciled with input and processing totals
  • limit and reasonableness checks
  • error logs and follow-up procedures
6
Q

Service Organization

A

Ex. ADP, Paychex

May have their auditor perform an attest examination reporting on the service organization’s controls.

Type 1 Report - Report on management’s description of service organization’s internal control system and suitability of DESIGN of controls; management’s description fairly presented; not suitable for lowering assessed level of control risk

Type 2 Report - Report on management’s description of service organization’s internal control system and suitability of DESIGN AND OPERATING effectiveness of controls; suitable for lowering assessed level of control risk
