Page 163 - DCOM204_AUDITING_THEORY
P. 163

Unit 8: Auditing in an EDP Environment




                                                                                                  Notes
                   Example: MS-Excel can be the most common example for such programs.
            2.   Purpose-written Programs:
                 (a)  These programs are created to perform specific natured audit task.

                 (b)  These packages are not available for sale in the open market. The auditor is required
                     to get these programs developed.
                 (c)  The auditor may appoint some outside agency to develop the program on his behalf
                     (outsourcing) or he may himself hire the programmers and get it built in-house.
                 (d)  While choosing the purpose-written program option, the auditor must take into
                     consideration, the cost related issues.
            3.   Utility Programs:
                 (a)  These programs are used to perform common data processing functions such as
                     sorting; sampling; documenting; creating, emailing & printing files/reports, etc.
                 (b)  Although, these are not specifically designed for the audit purposes but can be
                     extremely useful while performing the audit.


                   Example: Acrobat’s Adobe Reader; Microsoft’s Office also consist of certain utility
            programs such as MS-Access, MS-Word, MS-PowerPoint, etc.
            4.   System Management Software:
                 (a)  These software/programs are also not specifically meant for audit purpose.
                 (b)  These are productive tools, meant to enhance the performance of the Operating
                     System.


                   Example: Disk Defragment, Task Manager, Task Scheduler, Disk Cleanup, etc. are some
            of the examples of system management software.

            8.9.2  Steps involved in Application of CAAT

            Following steps are required to be undertaken by the auditor in effective application of CAAT:

            1.   Set the objective of CAAT application;
            2.   Determine the content and accessibility of the entity’s files;
            3.   Determine the scope: identify the specific files or databases to be examined;
            4.   Understand the relationship between the data tables where a database is to be examined;

            5.   Define the specific tests or procedures and related transactions and balances affected;
            6.   Define the output requirements;
            7.   Arrange files & databases: arrange with the user and IT departments, if appropriate, for
                 copies of the relevant files or database tables to be made at the appropriate cutoff date and
                 time;
            8.   Audit team: identify the personnel who may participate in the design and application of
                 CAAT;
            9.   Cost effectiveness: refine the estimates of costs and benefits;




                                             LOVELY PROFESSIONAL UNIVERSITY                                  157
   158   159   160   161   162   163   164   165   166   167   168