Video Review Assignment | Auditing in CIS (PSP_DAT5B_Group8)

-

Hai, We are from group 8 (DAT5B)

Nursyamira Izzati bt Mohd Rosdi 10dat18f1008

Nur Arisha Bt Zakaria 10dat18f1038

Sabarreena Priyah A/P Murugesan 10dat18f1058

Siti Nur Izza bt Mohamed 10dat18f1098

Suthashne A/P Seran 10dat18f1102

Nurul Nabilah bt Abdullah 10dat18f1501

LEARNING OUTCOMES FROM THE VIDEO :

Characteristics of Computer Information System

1.Lack of visible transaction trails

2.Consistency of performance

3. Ease of Acess to data and computer programs

4. Concentration duties

5. Systems generated transaction

6.Vulnerability of data and program storage media

Internal Control

1.Internal control in a CIS environment is an essential prerequisite for efficient and effective management of any organization.

2.There are variety of control to check accuracy, completeness, and authorization of transactions.

3.Internal control can be classified as general control and application controls

General Controls and Application Controls

General control classified as:

1.Organization control

2.Systems development and documentation controls

3.Data recovery controls

4.Access controls

5.Monitoring control

Application controls category as : 

1. Control over input

2. Control over processing

3. Control over output

Differences between Testing General Control and Testing Application control

 Testing General controls :

1)Actual observation of personnel 

2) Inspecting program documentation

3)Observing security measures in force

Testing Application control: 

1)Audit around the computer

2)Use computer-assisted audit techniques

CIS Auditing

IS Auditing Objectives

-Understanding the CIS environment

-The effect of computerization in general and on internal controls

-Types of general & application controls used in CIS processes

-The audit process in a CIS environment

-To know the techniques of auditing using CA

Analyzing the CIS Environment

Risk Assessment of the CIS Environment :

-Identify the business processes, criticality.

-The automation of business processes.

-To identify where should there be control points.

-To analyze processes against internal control.

-Effectiveness of internal control.

-Benefits of internal control.

-Efficiency of operations.

Risk Management Overview

-Risk management is the process of ensuring that the impact of threats exploiting vulnerabilities is within acceptable limits at an acceptable cost.

- At a high level, this is accomplished by balancing risk exposure against mitigation costs and implementing appropriate countermeasures and controls.

Computer assisted data techniques ( CAATs ) 

- test data

- integrated test facility 

- parallel simulation

Parallel Simulations

-The simulataneous performance of mutiple operations 

- provides evidence of the validity of processing 

-Requires the auditor write the program 

- simulates key features of processes of the program under review 

- The video also show the diagram parallel simulation 

- generalized audit software consists of generally available computer packages designed to perfom common audit tasks 

- know about the purpose written programs which is designed to perform audit tasks in specific circumstances 

Other CAATs which is snapshots 

- involves taking a pictures of a transactions

Systems control audit review files ( SCARF )

- involves embedding audit software modules 

- to provise continous monitoring of the systems transactions


Comments

Post a Comment

Popular posts from this blog

CHAPTER 4: AUDITING IN CIS ENVIRONMENT (PSP_DAT5BJune2020)

-
Image
CHAPTER 4 : AUDITING IN COMPUTERISED INFORMATION SYSTEM ENVIRONMENT Group Members: 1.Muhammad Zaifan Hakim Bin Ramli (10DAT18F1084) 2.Nurfatin Nabila Bt Mawardi (10DAF18F1010) 3.Nur Fadhlin Bt Muhammad Fuzi (10DAT18F1022) 4.Nurdini Husna Bt Jamil Akhir (10DAT18F1024) 5.Nurul Hazniza Bt Kahar (10DAT18F1042) WHAT IS CIS? What is CIS? - System that composed people & computers that processes or interprets infomation. Objective of audit in CIS. - True and fairness of the financial statements Scope Of Audit under CIS Enviroment. - Legislations, regulations & the approved auditing standards Two categories in internal control 1) Application Control  -To ensure the completeness & accuracy of input Types of control - Data capture controls - Data validatio controls - Processing control  - Output control  - Error control 2) General control - develop, maintained & operated & how effective the operations of the programmed procedures Types of control  - Data centre & Network O
Read more

CHAPTER 2 : AUDIT EVIDENCE

-
Image
WELCOME TO OUR BLOG  ❝ BEING AN AUDITOR IS EASY. IT'S LIKE RIDING A BIKE, EXCEPT THE BIKE IS ON FIRE. YOU'RE ON FIRE. EVERYTHING IS ON FIRE !! ❞ 👧  NUR FARAHIN BINTI RAHMATHULLAH (10DAT17F2009) 👦  BALAMURGHAN A/L SARAVANABAVAN (10DAT17F2050) 👧  HARSHINNI A/P CHANDRAN (10DAT17F2013) OUR BLOG IS ABOUT AUDIT EVIDENCE ➽ AUDIT EVIDENCE DEFINITION ⇏ ➸The information obtained by the auditor in arriving at the conclusions on which the audit opinion in based. ➸ It comprise source documents and accounting records underlying the financial statements and corroborating information from other sources. ➸ Any information use by the auditor to determine whether the information being audited is stated in accordance with the established criteria. ISA 500   Information is used by the auditor in arriving at the conclusions on which the auditor's opinion is based. Audit evidence includes both information contained in the accounting records underlying the
Read more