Week 6 - Testing and Evaluation of Systems Flashcards
Reliance on controls
Judgement
Compliance tests
Test of controls
Test that is carried out to ensure the organisation is following its own policies and procedures in a particular area
To confirm whether or not internal controls are satisfied and whether they can be relied upon
Compliance test questions
Is it as description?
Is it the same throughout the year? (Seasonal)
Any practical weaknesses not apparent?
Are sale transactions properly authorised?
Check returns records to credit notes
Compliance test examples
Extended walk-through tests of info/audit trail = cradle to grave Block testing one aspect of system -easy but not statistical test Interviews w/ staff Observation of staff Re-performance of control procedures -counts/reconciliation Exam of management reviews
Auditor computer system strategies
Round the computer
Through the computer
With the computer
Auditing Round the computer
Picking source documents at random and verifying the corresponding output with inputs
Auditing through the computer
Also known as CAATs - computer assisted audit techniques
Used for:
Testing system - test of controls
Testing data - transactions&balances
Auditing with the computer
Using it as a tool
Specific test of controls in computer systems
Code review of programs
Test data
Program code comparison
Code of reviews
Designed to determine if there are defects in programs that will cause incorrect processing of data
Tend to be costly in time
Need expert knowledge-auditor reliance
Test data
Assembled by auditor and passed through the system to see if the data are processed as expected Must be representative of real data - some use computer-generate test data Live test data - normal processing run Dead test data - outside normal run Issues : corruption of files
Program code comparison
Used to compare the program being tested with a program known to be authorised version
Interpretation of results needs expertise
The discrepancies might reveal that unauthorised changes have been made to program - don’t detect defensive programs
Continuous review of data
Integrated test facility (ITF)
Systems control and review file (SCARF)
ITF
Integrated test facility (IFT)
Created simulated transactions - w/ special code - and then processed with client data
Issues:
Need data reviewed
Have to be reversed correctly
Can be random throughout year
Client can identify data and process differently to real data
Substantive tests
Tests to obtain audit evidence to detect material misstatements in financial statements
Analytical procedures
Other substantive procedures - tests if details of transactions and balances
