Lecture_07_S22009 - The University of Sydney ACCT3014...

Info iconThis preview shows pages 1–4. Sign up to view the full content.

View Full Document Right Arrow Icon
The University of Sydney ACCT3014 – Auditing and Assurance Semester 2, 2009 Week 7 Lecture Auditing in an Information Technology (IT) Environment z The Impact of an IT Environment on: Business Risk, and Internal Control Evaluation Additional Optional Reading : ICAA Audit Manual, pp. 57-68 and 63-67 2 Key Elements of the IT System z Technology (e.g. hardware, software) z People (e.g. database administrators, data entry operators) z Procedures (e.g. policies and guidelines, training) 3 IT Process at an Organisation / Business z Planning and organisation (e.g. defining IT strategic plan and infrastructure, technological direction, managing investment and assessing risk) z Acquisition, implementation and maintenance ( e.g. acquiring and maintaining application software and technology infrastructure; developing and maintaining procedures) z Delivery and support (e.g. educating and training users, managing problems, ensuring continuous service and security) z Monitoring (e.g. monitoring processes, assessing adequacy of internal control)
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
4 Business Information Requirements of a Business z Availability (when required now and in future) z Confidentiality (protected and secure from unauthorised internal and external access/ disclosure) z Integrity (accurate, complete, valid) z Effectiveness (relevant, timely, correct) z Efficiency (delivered through optimal use of resources) z Compliance (with laws, regulations and contractual agreements) 5 Auditing IT Systems z Planning : level of IT dependence / IT business related risks IT related IC strengths and weaknesses z Audit Evidence : use of CAATs for z tests of controls z substantive testing 6 Examples of IT Risks Relevant to the Auditor z Planning and Organisation IT strategy not aligned with the business strategy Î unable to support business information needs / accounting processes and increasing risk of errors
Background image of page 2
7 Examples of IT Risks Relevant to the Auditor (cont.) z Acquisition, Implementation and Maintenance implementation of new accounting application under time pressure Î e.g. inadequate testing may lead to operation problems and processing errors unauthorised changes to programs Î increase risk of processing and reporting errors interface problems Î loss, duplication or corruption of data 8 Examples of IT Risks Relevant to the Auditor (cont.) z Delivery and Support unauthorised access to application, operating systems and data Î improper initiation, approval or execution of
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 4
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 11/18/2010 for the course ACCT 3014 taught by Professor - during the Three '09 term at University of Sydney.

Page1 / 9

Lecture_07_S22009 - The University of Sydney ACCT3014...

This preview shows document pages 1 - 4. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online