COMPUTERS IN AUDIT
CHAPTER OBJECTIVE
1. THE USE OF COMPUTERS IN MANAGING THE AUDIT
2. INTERNAL CONTROL IN COMPUTER-BASED SYSTEMS
3. COMPUTRER-ASSISTED AUDIT TECHNIQUES (CAATs)
1. THE USE OF COMPUTERS IN MANAGING THE AUDIT
Auditors now often use portable, laptop computers to assist in the management and performance of the audit and to complete the audit work. This has significantly improved the efficiency of the audit, and control of the audit process.
Typical applications which may be used are:
Evaluation of audit risk
Preparation of audit programmes: summary of work
Analytical procedures: ratios and standard analysis
Preparation of audit working papers: can type up
Audit review: reviewer at different locations
Communication: worldwide operation
Control of the audit: recording and managing time spent by each member of the audit team.
2. INTERNAL CONTROL IN COMPUTER-BASED SYSTEMS
Most clients maintain their accounting records on computer-based systems. It is important that appropriate application controls and general controls are in operation over these system- the controls should, as usual be tested and evaluated by the auditor.
The normal categories of control dealt with authorisation, segregation, etc.
Application controls: are those controls which are specific to an individual application, and comprise input, processing, output and master file controls to ensure the completeness and accuracy of all processing and validity of accounting entries made.
The role of application controls can be shown by the following simple diagram represented a payroll system:
Input: time sheet
Processing: payroll program, data from master files ( pay rates)
Output: payroll figures
General Controls: related to the environment within systems are developed, maintained and operated to ensure computer operations are properly administered to protect hardware, programs and data files.
e.g. controls to ensure that system software: all access is authorised and only authorised amendments are made.
3. COMPUTRER-ASSISTED AUDIT TECHNIQUES (CAATs)
In order effectively audit the input, processing and output the auditor use CAATs of two main types- audit software to extract data from the client’s computer files and test data, to serve as a test of application controls.
CAATs can be defined as a series of techniques which allow the auditor to use the client’s computer system to generate audit evidence.
Main types of CAATs:
Audit software-used in substantive testing
Test data- used in tests of controls.
Audit software: comprises computer programs used by auditors to examine an enterprise’s computer files. It may consist of generalised package programs, specially written programs or the client’s own programs.
Typical uses of such programs include:
Analysis of inventory movement to identify slow-moving items
Selection of items for audit testing
Completeness check: sales invoices
Audit Test Data: consists of data submitted by the auditor for processing by the client’s computer-based accounting system. The actual output produced by the computer is compared by the auditor with the expected (correct) data.
Source:
- Kaplan, FAU
- Phnom Penh HR