Video Review Assignment | Auditing in a Computerized Environment (PSP_DAT5B_Group7)
Khuksukma kuan 10DAT18F1004
Characteristics cis:
1.lack of visible transaction trails
2.consistency of performance
3.ease of acess to data and computer programs
4.concentration of duties
5.system generated transactions
6.vulnerability of data and program storage media
Internal control in CIS
Control procedures- authorization of transaction
-proper segregation of duties
-independent checking
Herashni Nair 10DAT18F1052
Purpose- written programs
Designed to perform audit tasks in specific circumtances
1.snapshots - taking a picture of a transaction
2.Systems control audit review files (SCARF)- involves embedding audit software modules and to provide continuous monitoring of the systems transaction
Internal control in a CIS environment
Internal control
-It is an essential prerequisite for efficient and ,effective management of any organization
Lim Siew Lyn 10DAT18F1060
Internal control procedures can classified into two types:general controls and application controls
General controls
-organizational controls
-system development and documentation controls
-access controls(adequate security controls to protect files)
-data recovery controls (provide back up files and off-site storage)
-monitoning controls(to ensure CIS controls are working effectively)
Application control
-controls over input
-controls over processing
-controls over output
SITI NURATHIRAH BT AHMAD ZAMRI 10DAT18F1016
Commonly use CAATS:
- Test data
Objective : To determine whether the client's computerbprograms can correctly handle valid and invalid conditions as they arise.
- Integrated test facility
Danger of contaminating the client's master files.
- Parallel simulation
requires the audit to write a program that simulates key features or processes of the program under review.
Nur Fiona Haslinda Binti Ahmad- 10DAT18F1110
Audit under Computerised Information System environment provides an examination of system efficiency, system effectiveness and safeguard of assets of an organization. Such examination of audit process reflects True and Fair View and accurate only when appropriate approach have been used.
Auditing around the computer is basically similar to manual audit process. Under this approach an auditor basically focused on input data and output data.
The second approach i.e. Auditing through the Computer emphasise on excess use of computer. Under this approach an auditor need to comprehend the procedure system to make audit process effective and efficient. It is based on internal control system. Both the control system i.e. General and Application system must be control. It is also based on factor such as On-Line data entry, Elimination or reduction of printouts and Real time file updating. Auditing through the computer can be completed by applying method such as Test Data, Controlled Processing and Computer Audit Programmes. Even this approach has merits and demerits. It depends on auditor how he is using and understanding.
The last approach is Auditing with the Computer. This approach actual make the computer in use. It involves auditing system and programmes used in the entity by an examiner. The techniques which use the computer itself for audit purpose are known as “Computer Assisted Auditing Techniques” (CAAT’s). It is part of Auditing Through the Computer. CAATs are techniques that can be applied in auditing. It comprises computer programmes and data that can be accepted by auditor in process of information system. IT based tools and techniques are required to enable the auditor to access, analyse and evaluate the data stored on the computers.
Hence all the approaches have its characteristics. Every application restricted with certain impediment. Application of such approach depends on nature of business, knowledge of computer, availability computer system and internal control system an organization has.
Comments