Video Review Assignment | What is CIS? (PSP_DAT5B_Group1)

-


Muhammad Ashraf bin Mohamad Redzwan 10DAT18F1006

Thurgeswari selvemani                             10DAT18F1073

Nurdiana binti Mohd Nasir                       10DAT18F1014

Nuralya Sophia binti Suhaidi                    10DAT18F1026

Nor Athirah binti Amran.                          10DAT18F1028


Collect, manage, and analyze audit logs of events that could help detect, understand, or recover from an attack.

CIS RAM is an information security risk assessment method that helps organizations implement and assess their security posture against the CIS Controls.

CIS environment exists when a computer of any type or size is involved in the processing by an entity of financial information of significance to the audit, whether that computer is operated by the entity or a third party.

Identify the computerized environment.

Extent of computerization in the organization.

The pervasiveness of computerization.

CIS as part of the organizational infrastructure.

Importance of the CIS in the organization.

The objective of audit in a CIS environment is to express opinion whether the financial statements true and fair. Management’s view of the CIS environment.

Scope of audit under cis 

It is govern by legislation, regulation and the approved auditing standards 

There are two category in internal control. The first one is application control. Second one is general control

Type of Control

1) Data capture Controls

- To capture that all transactions are recorded in the application system

2) Data Validation Controls

- To ensure the data is accurate 

3) Processing Control

- Prevent and detect errors

4) Output Control

- prevent computer output for being used by an authorised user

5) Error Control

- Errors should be corrected and then submitted it

CAAT

- Used the computer as an audit tools to enhance the effectiveness and efficiency of audit procedures 

- this technique can provide effective test of control and substantive procedure whether no input document or sample of populations is large

Types of CAAT

Generalised audit software 

-test on data files

Custom audit software

-specific task

Test data 

-creates a simulation transaction

Intergrated test facility

- “dummy” record is created 

Parallel simulation 

-mimics the entities application programme




Comments

Post a Comment

Popular posts from this blog

CHAPTER 4: AUDITING IN CIS ENVIRONMENT (PSP_DAT5BJune2020)

-
Image
CHAPTER 4 : AUDITING IN COMPUTERISED INFORMATION SYSTEM ENVIRONMENT Group Members: 1.Muhammad Zaifan Hakim Bin Ramli (10DAT18F1084) 2.Nurfatin Nabila Bt Mawardi (10DAF18F1010) 3.Nur Fadhlin Bt Muhammad Fuzi (10DAT18F1022) 4.Nurdini Husna Bt Jamil Akhir (10DAT18F1024) 5.Nurul Hazniza Bt Kahar (10DAT18F1042) WHAT IS CIS? What is CIS? - System that composed people & computers that processes or interprets infomation. Objective of audit in CIS. - True and fairness of the financial statements Scope Of Audit under CIS Enviroment. - Legislations, regulations & the approved auditing standards Two categories in internal control 1) Application Control  -To ensure the completeness & accuracy of input Types of control - Data capture controls - Data validatio controls - Processing control  - Output control  - Error control 2) General control - develop, maintained & operated & how effective the operations of the programmed procedures Types of control  - Data centre & Network O
Read more

CHAPTER 2 : AUDIT EVIDENCE

-
Image
WELCOME TO OUR BLOG  ❝ BEING AN AUDITOR IS EASY. IT'S LIKE RIDING A BIKE, EXCEPT THE BIKE IS ON FIRE. YOU'RE ON FIRE. EVERYTHING IS ON FIRE !! ❞ 👧  NUR FARAHIN BINTI RAHMATHULLAH (10DAT17F2009) 👦  BALAMURGHAN A/L SARAVANABAVAN (10DAT17F2050) 👧  HARSHINNI A/P CHANDRAN (10DAT17F2013) OUR BLOG IS ABOUT AUDIT EVIDENCE ➽ AUDIT EVIDENCE DEFINITION ⇏ ➸The information obtained by the auditor in arriving at the conclusions on which the audit opinion in based. ➸ It comprise source documents and accounting records underlying the financial statements and corroborating information from other sources. ➸ Any information use by the auditor to determine whether the information being audited is stated in accordance with the established criteria. ISA 500   Information is used by the auditor in arriving at the conclusions on which the auditor's opinion is based. Audit evidence includes both information contained in the accounting records underlying the
Read more