Auditing with Technology Flashcards
The practice of using computers to automate or simplify the audit process–can refer to any use of a computer during the audit
Computer assisted auditing techniques
A computerized audit category for test of controls that allows the auditor to gain an understanding of the client program; time-consuming and require a high level of computer expertise, so infrequently used
Program analysis
Type of program analysis that involves actual analysis of the logic of the program’s processing routines; allows auditors to gain a detailed understanding of the program
Code review
A type of program analysis that allows the auditor to compare computerized files (i.e. assuring that the auditor has the same version of the program that hte client is using when auditing)
Comparison programs
A type of progam analysis that is ued to produce a flowchart of a program’s logic and may be used both in mainfraim and microcomputer environments
Flowcharting software
A type of program analysis technique in which each instruction executed is listed along with control information affecting that instruction, allowing the auditor to recognize logic sequences or dormant section of code that may be a potential source of abuse–extremely time consuming
Program tracing and mapping
A program analysis technique that “takes a picture” of the status of program execution, intermediate results, or transactiondata at specfied processing points in the program processing–helps auditor analyize hte prcoessing logic of specific programs
Snapshot
A Computered audit test of controls category of techniques that involves the use of auditor-controlled actual or simulated data–provides direct evidence about the operation of programs and programmed controls
Program testing
A type of program testing in which a set of dummy transactiosn is developed by the auditor and processed by the client’s computer programs to determine whether hte controls which the audtiro inteds to test to restrict control irsk are operating effectively
Test data
A program testing method that introduces dummy transactions into a system in the midst of live trnasactiosn and is usually built into the system during the original design
Integrated test facility (ITF)
A type of program testing that processes actual client data through an auditor’s generalized audit software program and frequently the auditor’s computer–after processing, auditor compares the output obtained with hthat of client
Parallel simulation
A program testing technique that is a variation of parallel simulation that processes actual client data through a copy of hte clien’t’s applcation program
Controlled reprocessing
A computerized audit test of controls techniquue that allows testing of audit data as transactiosn occur–necesssary because audit trails are typically reduced
Continous (concurrent) testing
A type of continous testing that consists of programmed routines incorporated into an application program that are designed to perform an audit function such asa calculation, or logging activity–often not practical b/c requires that hte auditor be involved in system design
Embedded audit module
A type of continous testing that consists of an exit point in an application program that allows ana uditor to subsequently add an auditmodule by activiting the hook to transfer control to an audit module
Audit hook
A type of continous testing that is a log, usually created byan embedded audit module, used to collect information for subsequent review and analysis
Systems Control Audit REview Files (SCARF)
A type of continous testing that attaches addtional data that would not otherwise be saved to regular historic records and thereby helps to provide a more complicated audit trail
Extendded records
A type of continous testing in which an identifier providing a transaction with a special deisgnation is added to the transaction record–often used to allow logging of transactions or snapshot or activities
Transactions tagging
Software that logs changes in programs, program modules, job control language, and other processing activites
Library management software
Software that supplements the phsycial and contorl measures relating oth e computer and is particularly helpful in online environments or in systems iwth date commmunications because of difficulties of physically securing computers—restricts access to computers to authorized personnel thorugh techniques such as “read-only” access and encryption
Acccess control and security software`
Software designed to read, process, and write data with the help of functions performing specific audit routines and wiht self-made macros–a tool in applying computer assisted auditing techniques
Generalized audit software (GAS)
Software that enables access to such databases as the AICPA Professional Standards and various FASB and SEC prounoucements–allows auditors to reserach quickly and requires minimal training
Text retrieval software
Involves examining inputs and outputs form the computer while ignoring processing
Auditing “around” the computer