100%(6)6 out of 6 people found this document helpful
This preview shows page 55 - 56 out of 79 pages.
Due to the nature of these types of controls, application controls generally link directly to one or more specific transaction objectives. For example, the credit approval application control directlylinks to the existence objective for sales. Auditors typically identify both manual and computer-performed application controls for each transaction-related objective using a control risk matrix similar to the one discussed in Chapter 10.12-10“Auditing around the computer” represents an audit approach whereby the auditor does not use computer controls to reduce control risk. Instead, the auditor uses non-IT controls to support a reduced control risk assessment. In these situations, the use of IT does not significantly impact the audit trail. Typically, the auditor obtains an understanding of internal control and performs tests of controls, substantive tests of transactions, and account balance verification procedures in the same manner as if the accounting system was entirely manual. The auditor is still responsible for gaining an understanding of general and application computer controls because such knowledge is useful in identifying risks that may affect the financial statements.12-11The test data approach involves processing the auditor’s test data using the client’s computer system and the client’s application software program to determine whether the computer-performed controls correctly process the test data. Because the auditor designs the test data, the auditor is able to identify which test items should be accepted or rejected by the computer. When using this approach the auditor should assess the following:How effectively does the test data represent all relevant conditions that the auditor wants to test?How certain is the auditor that the application programs being tested by the auditor’s test data are the same programs as those used by the client throughout the year to process actual transactions?How certain is the auditor that test data is effectively eliminated from the client’s records once testing is completed?Parallel simulation with audit software involves the auditor’s use of an auditor-controlled software program to perform parallel operations to the client’s software by using the same data files. Because the auditor’s software is designed to parallel an operation performed by the client’s software, this strategy is referred to as parallel simulation testing. Parallel simulation could be used in the audit of payroll by writing a program that calculates the accrued vacation pay liability for each employee using information contained in the employee master file. The total liability calculated by the auditor’s software program would then be compared to the client’scalculation to determine if the liability for accrued vacation pay is fairly stated at year-end.