Unit 6 - Module 14 Flashcards
Access tests
Tests that ensure that the application prevents authorized users from unauthorized access to data.
Validity tests
Ensure that the system processes only data values that conform to specified tolerances. Examples include range tests, field tests, limit tests, and reasonableness tests. Validity tests also apply to transaction approvals, such as verifying that credit checks and AP three-way-matches are properly performed by the application.
Accuracy tests
Tests that ensure that the system processes only data values that conform to specified tolerances.
Completeness tests
Tests identifying missing data within a single record and entire records missing from a batch.
Redundancy tests
Tests that determine that an application processes each record only once.
Audit trail tests
Ensures that the application creates an adequate audit trail.
The Test Data Technique
Examples of Tests of IT Application Controls
Testing Customer Credit Approvals
Testing Accuracy of Postings to Customer Accounts
Testing the Three-Way Match
Testing Multilevel Security and Access Privileges in the Purchases/AP System
Testing Rounding Error Routines in Financial Systems
Rounding Error Algorithm
salami fraud
Fraud in which each of multiple victims is defrauded out of a very small amount, but the fraud in total constitutes a large sum.
black box approach
An approach that does not require the auditor to create test files or to obtain a detailed knowledge of the application’s internal logic. Instead, auditors can analyze flowcharts and interview knowledgeable personnel in the client’s organization to understand the functional characteristics of the application.
Parallel simulation
Technique that requires the auditor to write a program that simulates key features of processes of the application under review.
generalized audit software (GAS)
Software that allows auditors to access electronically coded data files and perform various operations on their contents.
