Page 153 - DCOM204_AUDITING_THEORY
P. 153

Unit 8: Auditing in an EDP Environment



            6.   Procedure: Find out whether internet downloading and other uses of the internet is restricted  Notes
                 to safeguard entity’s information.
                 Inherent risk:  Virus penetration into the system is simple due to uncontrolled
                 internet activities
            7.   Procedure: Investigate to be sure that, the use of antivirus programs is present, there is safe
                 storage of backups which are frequently tested to identify irrelevant backups
                 Inherent risk: Restoration of data is not possible when misfortunes occur.

            Nature, Timing and Extent of Audit Procedures

            It is customary for Auditors to perform timing and design of audit procedures that are supposed
            to suit the audit they need to execute. This is important because the audit evidence obtained after
            audit need to have relevance to the audit report issued. The relevance so mentioned is verified
            by reviewing the documentation of nature, timing and extent of procedures employed in the
            audit; this is done in a process called quality review.

            Conclusions drawn from the evidence obtained

            Conclusions drawn by the Auditor are the final output of the audit which when presented in a
            formal and standardized manner is called an audit report. Conclusions such as these need to be
            documented systematically and in a way that another auditor who have not participated in the
            audit should be able to use them in reporting without the need of more elaboration from the
            auditor involved in the audit.

            Safe Storage of the Evidence in Electronic Form

            After completion of the audit and collection of relevant and sufficient audit evidence it is advised
            that the Auditor should store the evidence so obtained in a safe storage and which is expected to
            be in electronic form. This may be put in disc storage devices which are not easily affected by
            viruses and not easily altered.

            8.5 Auditor’s Challenges and Modern Ways for Auditing Electronic

                 Data Processing (EDP) Accounts or Financial Statements

            Electronic data processing is the function of planning, recording, managing and reporting business
            transactions by the use of computers and related peripherals. In EDP data is first taken from
            source documents such as invoices, revenue receipts, payment vouchers, written checks etc.
            There after data inputs to the computer where it is entered via the keyboard or other data entry
            peripherals. The entered data is then processed according to the accounting package in use; since
            there are different structures of modules used in sundry accounting application software,
            processing of the same data may differ from one package to another. It is said earlier that
            reporting is one of processing features, then it is apparent or undoubted that types of reports
            produced by different packages may vary from one system or package to another.


                   Example: Some system may provide almost all basic financial reports such as
            1.   The trial balance,
            2.   The statement of financial position commonly known as the balance sheet ,






                                             LOVELY PROFESSIONAL UNIVERSITY                                  147
   148   149   150   151   152   153   154   155   156   157   158