Module 8: Auditing with Technology Flashcards
Controlled Processing
A variation of parallel simulation, processes actual client data through a copy of the client’s application program. As with parallel simulation, this method uses actual transactions and the auditor compares the output obtained with output obtained from the client.
Computer General Control Activities
General control activities affect all computer applications. There are four types of general controls:
(a) Developing new programs and systems
(b) changing existing programs and systems
(c) controlling access to programs and data
(d) controlling computer operations
Code Review
This technique involves actual analysis of the logic of the programs processing routines. The primary advantages is that the auditor obtains a detailed understanding of the program. Difficulties of the approach include the fact that it is extremely time consuming, it requires a very high level of computer expertise, and difficulties involved with making certain that the program being verified is in fact the program in use throughout the accounting period.
Data definition language (DDL)
Used to define a database, including creating, altering, and deleting tables and establishing various constraints.
Data manipulation language (DML)
Commands used to maintain and query a database, including updating, inserting in, modifying and querying (asking for data).
Data control language (DCL)
Commands used to control a database, including controlling which users have various privileges
Parallel Simulation
Parallel simulation processes actual client data through an auditor’s generalized audit software program and frequently, although not necessarily, the auditor’s computer. After processing the data the auditor compares the output obtained with output obtained from he client.
Test Data
A set of dummy transactions is developed by the auditor and processed by the client’s computer programs to determine whether the controls which the auditor intends to test (not necessarily all controls) to restrict control risk are operating effectively.
Embedded Audit Modules
Programmed routines incorporated into an application program that are designed to perform an audit function such as a calculation, or a logging activity. Allows continuous monitoring.
