CH9 Audit_1

CH9 Audit_1 - CHAPTER 9 AUDITING COMPUTER-BASED INFORMATION...

Info iconThis preview shows pages 1–12. Sign up to view the full content.

View Full Document Right Arrow Icon
1 CHAPTER 9 CHAPTER 9 AUDITING COMPUTER-BASED INFORMATION SYSTEMS
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2 REPETITION! REPETITION! This chapter repeats much of the information on internal controls covered in chapters 5 through 8 The information is simply grouped in a logical way by the various parts of the information system I will only present the new material You should go through the Self-Study Module on your own
Background image of page 2
3 AUDITING AUDITING Auditing is a systematic process of objectively obtaining and evaluating evidence regarding assertions about economic events An audit ascertains the degree of correspondence between the assertions and established accounting criteria An audit requires the communication of the results to interested users
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
4 SAS #94 SAS #94 Requires the auditor to use the computer to check the adequacy of the systems controls, data and output Auditors may need specialized skills to: Evaluate how their audit strategy could be affected by the company’s use of information technology Assess and evaluate information technology controls Design and perform both tests of the information technology controls and substantive tests
Background image of page 4
5 INTERNAL AUDIT TYPES INTERNAL AUDIT TYPES FINANCIAL AUDIT Examines the reliability and integrity of the accounting records INFORMATION SYSTEMS AUDIT or INTERNAL CONTROL AUDIT Reviews the general and applications controls over the computer systems Assesses the system’s compliance with internal control policies and its effectiveness at safeguarding assets
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
6 INTERNAL AUDITS CONT’D INTERNAL AUDITS CONT’D OPERATIONAL OR MANAGEMENT AUDIT Reviews if resources are used economically and efficiently to accomplish an organization’s goals and objectives
Background image of page 6
7 Risk-Based Information Risk-Based Information Systems Audits Systems Audits 1. What are the threats (errors or frauds) that can occur? 2. Perform a Systems Review – What internal controls exist to address each threat? Are the controls preventive, detective, or limiting in nature? 3. Perform a Test of Controls – Are the internal controls actually followed ?
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
8 RISK BASED CONT’D RISK BASED CONT’D 1. Evaluate control weaknesses (lack of controls) to determine the additional audit procedures to perform and suggestions for management. If a control deficiency exists, are there compensating controls or procedures in other areas that mitigate (reduce the risk) of a lack of specific controls?
Background image of page 8
9 INFORMATION SYSTEMS INFORMATION SYSTEMS AREAS AUDITED AREAS AUDITED SECURITY Table 9-1 PROGRAM DEVELOPMENT AND ACQUISITION and PROGRAM MODIFICATION Tables 9-2, 9-3 PROCESSING Table 9-4 SOURCE DATA Table 9-5 DATA FILES Table 9-6
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
10 SECURITY SECURITY FOCUS IS: The protection of computer hardware, software, communications, and data From unauthorized access, modification, or destruction
Background image of page 10
11 SECURITY CONT’D SECURITY CONT’D COMPENSATING CONTROLS Personnel policies on hiring and firing Segregation of incompatible duties User training in internal controls
Background image of page 11

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 12
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 07/30/2011 for the course ACCT 302 taught by Professor Brown during the Spring '11 term at Maryland.

Page1 / 44

CH9 Audit_1 - CHAPTER 9 AUDITING COMPUTER-BASED INFORMATION...

This preview shows document pages 1 - 12. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online