Advantages of Database Systems
Eliminates the same data being stored in multiple files, thus reducing
inconsistency in multiple versions of the same data.
With data in one place it is more easily accessed by
Management Comment Letter: Findings Recommendations
Dear ABC Company Board of Directors,
After reviewing all of the controls of ABC Corporation, the auditing team from
Hawkesworth & Associates have come to a conclusion that matches the findings of our aud
Client: [client name]
Year End Date: [fiscal year-end]
WP Description: Database Access Testing Matrix
Purpose: To ensure that direct database access is restricted to the appropriate individuals and that duties are sufficiently segregated.
Client: [client name]
Year End Date: [fiscal year-end]
WP Description: Administrator Testing Matrix
Purpose: To ensure that administrator access is restricted to the appropriate individuals and that administrator duties are sufficiently segregated.
Systems: An Overview
Distinguish between data and information:
Understand the characteristics of useful information.
Explain how to determine the value of information.
Explain fundamental decisions an organizatio
Attributes about an entity
Related group of fields
Related Group of Records
Related group of files
Advantages of Database systems
o Data integration
Files are logically combined and made accessible t
Ch 5, 6, 12
Common Threats to AIS
Natural disaster and Terrorist threats
Software errors and/or equipment malfunction
Unintentional acts (human error)
Intentional acts (Computer Crimes)
What is Fraud?
Gaining an unfair advantage over another person
8. Jane Doe was terminated on 2/21/2011 but was not removed from the system until
3/15/2011. This violates the Employee Departure Procedure that states employees should
be removed from the system at the time of notification of termination.
9. The requirem
o The systematic process of obtaining and evaluating evidence regarding
assertions about economic actions and events in order to determine how
well they correspond with established criteria
Types of Audits
Examines the reliability a
Why Update systems
o Use or business changes
o Technology changes
o To improve business process
o Create competitive advantage
o Increase productivity gains
o Integrate multiple systems
o Ageing systems need replacement
Software Development Problems
First decision is if palm is in or out of scope
o PBC list should ask for stuff related to palm if in scope
o If out of scope do not ask for palm
Establish Effective Security Environment
ABC Corporation is the industry leader for providing bandsaw blades, grinder
plates and knives, butcher supplies, seasonings, and equipment repair
services to meat rooms, delis, restaurants, seafood departments, produce
departments, and bakery departments
Well recognized brand
Wide product assortment
Sound balance sheet
High employee morale
Attracting millennials as customers
Expansion into investment banking
Appenzeller, Nicholas J.
Butler, Robert S.
Capo, Madison A.
Cioffi, John D.
Feehley, Mitchell J.
Ferrante, Richard J.
Gonzalez, Marilyn E.
Hawkesworth, Ashley R.
Liberto, John A.
Marra, Jason J.
Mitchell, Katherine E.
A set of two or more interrelated components interacting to achieve a goal
Occurs when components act in their own interest without regard for
Occurs when components acting in their own interest contribut
What is Documentation?
Set of documents and models
Narratives, data flow models, flowcharts
Describe who, what, why, when, and where of systems:
Input, process, storage, output, and controls
Why learn Documentation?
Need to be able to read documentation i
Audit Planning Memorandum
The audit memorandum was prepared according to our audit strategy and it is based on
cumulative audit knowledge and experience, as well as important matters which have
been brought to
Dear ABC Corporation Management,
After a careful and detailed IT audit of your company, we have found a number of control issues that
should be addressed immediately. Our focus was specifically on logical
Sample Midterm Questions
A) basically the same as data.
B) raw facts about transactions.
C) potentially useful facts when processed in a timely manner.
D) data that has been organized and processed so that it's meaningful.
To be effective,
Data Input- Capture
As a business activity occurs data is collected about:
1. Each activity of interest
2. The resources affected
3. The people who are participating
Paper-based source documents
Data are collected on source documents
E.g., a sales-order f
Findings List for ABC Corporation FY 2012
Finding 1 (1.1.2) While ABC does its best to react to new threats, the company should also
update its Employee Computer Operating and Security Policy once a year, and require all
existing employees to review and r
Former Grant Thornton Partner, Craig B. Haber was arrested for stealing $4
million in client payments meant for the global accounting firm, Grant Thornton. Haber,
59, was an accountant who worked at Grant Thornton sinc
To: ABC Corp.
From: IT Audit Staff
Subject: Prepared By Client List Request
In order to reasonably test ABCs IT control environment, the audit team requests the
following documentation. Our main focus will be on Logical Security and Change
Findings Document for ABC Corporation Audit
Client Name: ABC Company
Auditor: Hawkesworth & Associates LLC
Audit team: Ashley Hawkesworth, Arnchie Qu, Douglas Molina, Joseph Southern, and Madison
Request Date: 05/09/16
In May of 20
1) Which of the following commonly initiates the data input process?
A) a business activity
B) automatic batch processing
C) an accounting department source document
D) a trial balance query
2) A typical source document could be
A) some type of paper docu