CAATs_original

CAATs_original - CAATs InternalAuditofInternalControl...

Info iconThis preview shows pages 1–6. Sign up to view the full content.

View Full Document Right Arrow Icon
CAATs
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Internal Audit of Internal Control Business Impact and Risk An application is the procedures and processes necessary to fulfill a  business function. This may be financial (general ledger, accounts payable,  accounts receivable, payroll), order entry (however an order is defined, i.e.,  claims, product orders, banking transactions), operational (inventory transfer  and logistics), or involving intellectual property, human resources and other  business-related processes. The volume of transactions necessitates the  reliance on the functionality and internal controls of a business application.    Failure to implement effective, efficient and appropriate internal controls  may result in the following general risks: Loss or underutilization of assets Invalid or incorrectly processed transactions  Loss of reputation due to inability to deliver services or disclosure of internal issues Costly compensating controls Reduced system availability and questionable integrity of information Inability to satisfy audit/assurance charter, requirements of regulators or external  auditors
Background image of page 2
If we have good ITGC’s and  Application /ITD Controls, why  should Internal Audit test? Fraud Testing In practice, controls in ERPs rarely implemented  in comprehensive way ERP application control for duplicate  payments should be on but may be off Management override of controls may be  pervasive Pragmatic model is to independently test all  transactions and not rely exclusively upon  system implemented controls
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Internal Control Audit Control evaluation  – tests of specific controls to determine if they are  working as intended. Examines transactions to determine if evidence of an  exception to a control rule  Access control to a particular system Payments over authority limits Appropriate approvals of transactions Review of entries that may indicate a management override of controls Split purchase orders Examines transactions to determine if there is an indication  of events occurring for which no control rule has been established Fraud/Recovery opportunities Duplicate payments Travel expense irregularities
Background image of page 4
Computer Assisted Audit Tools Productivity Tools Generalized Audit Software Tools
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 6
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 09/27/2011 for the course 6K 180 taught by Professor Staff during the Spring '11 term at University of Iowa.

Page1 / 31

CAATs_original - CAATs InternalAuditofInternalControl...

This preview shows document pages 1 - 6. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online