Video Review Assignment | Auditing in CIS (PSP_DAT5B_Group8)

Hai, We are from group 8 (DAT5B)

Nursyamira Izzati bt Mohd Rosdi 10dat18f1008

Nur Arisha Bt Zakaria 10dat18f1038

Sabarreena Priyah A/P Murugesan 10dat18f1058

Siti Nur Izza bt Mohamed 10dat18f1098

Suthashne A/P Seran 10dat18f1102

Nurul Nabilah bt Abdullah 10dat18f1501

LEARNING OUTCOMES FROM THE VIDEO :

Characteristics of Computer Information System

1.Lack of visible transaction trails

2.Consistency of performance

3. Ease of Acess to data and computer programs

4. Concentration duties

5. Systems generated transaction

6.Vulnerability of data and program storage media

Internal Control

1.Internal control in a CIS environment is an essential prerequisite for efficient and effective management of any organization.

2.There are variety of control to check accuracy, completeness, and authorization of transactions.

3.Internal control can be classified as general control and application controls

General Controls and Application Controls

General control classified as:

1.Organization control

2.Systems development and documentation controls

3.Data recovery controls

4.Access controls

5.Monitoring control

Application controls category as : 

1. Control over input

2. Control over processing

3. Control over output

Differences between Testing General Control and Testing Application control

 Testing General controls :

1)Actual observation of personnel 

2) Inspecting program documentation

3)Observing security measures in force

Testing Application control: 

1)Audit around the computer

2)Use computer-assisted audit techniques

CIS Auditing

IS Auditing Objectives

-Understanding the CIS environment

-The effect of computerization in general and on internal controls

-Types of general & application controls used in CIS processes

-The audit process in a CIS environment

-To know the techniques of auditing using CA

Analyzing the CIS Environment

Risk Assessment of the CIS Environment :

-Identify the business processes, criticality.

-The automation of business processes.

-To identify where should there be control points.

-To analyze processes against internal control.

-Effectiveness of internal control.

-Benefits of internal control.

-Efficiency of operations.

Risk Management Overview

-Risk management is the process of ensuring that the impact of threats exploiting vulnerabilities is within acceptable limits at an acceptable cost.

- At a high level, this is accomplished by balancing risk exposure against mitigation costs and implementing appropriate countermeasures and controls.

Computer assisted data techniques ( CAATs ) 

- test data

- integrated test facility 

- parallel simulation

Parallel Simulations

-The simulataneous performance of mutiple operations 

- provides evidence of the validity of processing 

-Requires the auditor write the program 

- simulates key features of processes of the program under review 

- The video also show the diagram parallel simulation 

- generalized audit software consists of generally available computer packages designed to perfom common audit tasks 

- know about the purpose written programs which is designed to perform audit tasks in specific circumstances 

Other CAATs which is snapshots 

- involves taking a pictures of a transactions

Systems control audit review files ( SCARF )

- involves embedding audit software modules 

- to provise continous monitoring of the systems transactions


Comments

Popular posts from this blog

CHAPTER 4: AUDITING IN CIS ENVIRONMENT (PSP_DAT5BJune2020)

CHAPTER 2 : AUDIT EVIDENCE