Page 168 - DCOM204_AUDITING_THEORY
P. 168
Auditing Theory
Notes (b) Checking the coding: Wherever applicable, detailed checking the coding of the program
to ensure that it is in-line with the program specification.
(c) Compatibility with client’s system: Asking the client entity’s IT staff to check the
compatibility of the audit software with the operating system used in the client’s
information system.
(d) Testing the software: Before running the audit software on the main system’s data
files, the software must be run on small test files in a different system.
(e) Testing the test results: The results of the above test.
(f) Addressing the security issues: The must establish appropriate security measures to
safeguard the integrity and confidentiality of client’s data.
(g) Regular follow-up: Sufficient evidence must be obtained so as to ensure that the audit
software is functioning, as planned. And also ensure that there is proper vendor
support.
2. Control over Test Data:
(a) Controlling the sequence in which the test data needs to be sent.
(b) Initially, performing the test runs with small chunks of test data, before submitting
the main audit test data.
(c) Predicting the results of the test data and comparing it with the actual test data
output.
(d) Confirming that the current version of the programs was used to process the test
data.
(e) Ensure that the client entity used the same version of software throughout the audit
period, on which the audit is being conducted.
(f) Make sure that dummy entries are deleted, which were fed in the system, while
performing the audit.
(g) The auditor should one thing in mind while performing the audit that, “CAAT is
one of the ‘solutions’ for Audit and no the ‘substitute’ to Audit.”
Self Assessment
Fill in the blanks:
7. An auditor uses various Computer assisted Audit .......................... to carry out audit
procedures while auditing through the computer.
8. Under integrated test data approach, the auditor creates a .......................... entity within the
client’s actual data.
8.10 Summary
In planning the portions of the internal audit which may be affected by the entity’s EDP
Environment, the auditor should obtain an understanding of the significance and
complexity of the EDP activities and the availability of data for use in the audit.
In planning the internal audit, the auditor designs audit procedures that will provide
sufficient appropriate audit evidence. During the initial planning, phase of the audit, the
auditor needs to assess whether to use computer assisted audit techniques.
162 LOVELY PROFESSIONAL UNIVERSITY
