click below
click below
Normal Size Small Size show me how
Chapter 11
The Nature of Auditing
Term | Definition |
---|---|
Financial Audit | Examines the reliability and integrity of financial transactions |
Auditing | Systematic process of obtaining and evaluating evidence regarding assertions about economic actions and events in order to determine how well they respond with established criteria |
Internal Auditing | Independent, objective assurance and consulting activity designed to add value and improve organizational effectiveness and efficiency |
Operational Audit | Concerned with the economical and efficient use of resources and the accomplishment of established goals and objectives |
Compliance Audit | Determines whether entities are complying with applicable laws and regulations; Often result in recommendations to improve processes and controls. |
Investigative Audit | Examines incidents of possible fraud. |
The Audit Process | Planning > Collecting Evidence > Evaluating Evidence > Communicating Audit Results |
Inherent Risk (Audit Planning) | Susceptibility to material risk in absence of controls |
Control Risk (Audit Planning) | Risk that a material misstatement will get through the internal control structure and into the financial statements |
Detection Risk (Audit Planning) | Risk that auditors and their audit procedures will fail to detect a material error or misstatement |
IS Audit Objectives | 1.) Overall IS security 2.) Program development and acquisition 3.) Program modification 4.) Accurate & complete Computer Processing 5.) Source data 6.) Accurate data files |
Computer-assisted audit techniques (CAATS) | Uses auditor-supplied specifications to generate a program that performs audit functions |
Concurrent audit techniques (CAT) | Used to continually monitor the system and collect audit evidence while live data are processed during normal hours |
Integrated Test Facility (CAT) | Testing technique in which a dummy co. or division is introduced into the co's computer system. Test transactions are then conducted on these fictitious records w/o affecting the real records. |
Embedded audit modules | Used by CATs; Program code segments that perform audit functions |
Snapshot technique (CAT) | Selected transactions are marked with special code; audit modules record these transactions and their master file records before and after processing |
System control audit review (SCARF) | Continuously monitors transaction activity, collects data on transactions with special audit significance and stores it in a SCARF file or audit log |
Audit Hooks | Audit routines that notify auditors of questionable transactions, often as they occur |
Continuous and Intermittent Simulation (CIS) | Embeds an audit module in a DB that examines all transactions that update the DB using criteria similar to SCARF |
Automated flowcharting programs | Interpret source code and generate program flow charts |
Automated decision table programs | Interpret source code and generate a decision table |
Scanning Routines | Search a program for all occurrences of specified items |
Mapping programs | Identifies unexecuted program code |
Program tracing | Sequentially prints all program steps when a program runs, so the sequences of program execution events can be observed |