Process of a CIS Audit Examine the CIS environment the boundaries in which the

Process of a cis audit examine the cis environment

This preview shows page 11 - 19 out of 35 pages.

Process of a CIS Audit Examine the CIS environment – the boundaries in which the systems are used Examine accounting applications software eg payroll, accounts receivable, accounts payable etc Tests of CIS controls Substantive testing Examine financial statements Prepare audit report
Image of page 11
ASA 315 ASA 315.79 The auditor shall obtain an understanding of the control environment. ASA 315.109 The auditor shall obtain an understanding of how the entity has responded to risks arising from IT. ASA 315.110 From the auditor’s perspective, controls over IT systems are effective when they maintain the integrity of information and the security of the data such systems process.
Image of page 12
Effect of CIS on Internal Controls CIS processing is likely to affect the entity’s internal control structure, for example: transaction trailsprocessing of transactionssegregation of functionsauthorisation of transactionsunauthorised access to data and filessupervision
Image of page 13
Internal Controls in a CIS Environment Commonly classified as:
Image of page 14
A. General Controls 1. Organisational controls 2. Systems development and maintenance controls 3. Access controls 4. Other controls
Image of page 15
General Controls 1. Organisational controls:
Image of page 16
General Controls Organisational controls include : clear roles and responsibilities CIS department independent of user departments CIS should not take responsibility for errors originating in user departments CIS should not authorise or initiate transactions CIS should not have custody of resulting assets
Image of page 17
General Controls
Image of page 18
Image of page 19

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture