StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Information System Auditing - Essay Example

Cite this document
Summary
This essay "Information System Auditing" discusses the importance of information systems in financial auditing. The first part addresses the ways in which data systems in a bank can be clearly configured to facilitate proper and easy auditing of its financial records…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER91.9% of users find it useful
Information System Auditing
Read Text Preview

Extract of sample "Information System Auditing"

Information System Auditing Information System Auditing Introduction The paper aims at presenting guidelines on how to ensure prompt and accurate servicing of transactions as a result of developing audit systems. Information system audit refers to the computerized elements of an accounting information system. Audit tests are of the following basic types: control tests-determine the accuracy of the internal controls and substantive tests-determine the fairness of the data in reflection to financial affairs of the organization (Alderson, 1993). Basically, this paper will provide guidelines or explanations on the importance of effective use of information systems in auditing. I. CHAPTER 4, PROBLEM 5 SYSTEM CONFIGURATION The following is the way databases and data communications facilities can be configured for First State Bank: The configuration will entail a hybrid of centralized and decentralized processing. Since customers should be at a position to bank at any of the 11 branches, cash withdrawal transactions from each branch should be centrally processed and the customer databases updated. Deposits of cash and checks and payment of customers’ bills can be stored on remote computers, with the data being sent to the mainframe periodically. Banks tend to be more concerned with the promptness in recording cash withdrawals than cash receipts. Thus, the data representing the payment of customers’ bills may be sent to the mainframe computer four to six times a day for updating, while deposits of cash may be transmitted only twice a day. The payroll accounts can be stored and processed on the remote computers because these accounts do not have ATM cards. The mainframe at the main office can process more efficiently if a front-end processor is used to relieve the mainframe of data communication processes. A common-carrier network is probably a good communication medium, but the data should be encrypted. The individual teller terminals should be connected to the remote main computer via dumb terminals. The tellers should not have any reason to download data regarding customer accounts (Botha & Boon, 2003). CHAPTER 5, PROBLEM 12 AUDIT SYSTEMS DEVELOPMENT A. THE IMPORTANCE OF THE SIX ACTIVITIES IN PROMOTING EFFECTIVE CONTROL. The following is a discussion on the significance of each of the activities in endorsing effective control: 1. Activities in Systems Authorization This is done to ensure their economic validation and feasibility. A formal environment is required in which users present their written requests to system professionals. 2. Activities for User Specification The systems development process requires active involvement of users. The involvement by the user must not be stifled by the system’s technical complexity. The technology used notwithstanding, the users should create detailed written descriptions pertaining to their requirements. It takes joint efforts of the user and systems professionals to come up with a user specification document. However, this document will have to remain a statement of user requirements. The users view of the problem should be described and not that of the system professionals (Botha, 2000). 3. Activities for Technical Design The activities for technical design translate user specifications into a set of well elaborated specifications which pertain to the technicals for a system meeting the user’s requirements. Systems analysis, feasibility analysis and detailed systems design are the scope of these activities. The quality of the documentation emerging from each phase is reflected from the adequacy pertaining to these activities. 4. Participation of Internal Audit An organization’s internal audit department requires independence, objectivity and technical qualification in order to meet the governance-related expectations of management. Therefore, the internal auditor is at a position to play critical role in systems control partaining to the activities in development (Davis, 2005). B. TESTS CONTROLS IN MEETING AUDIT OBJECTIVES 1. Program Testing There must be a thorough test of all of the program modules before implementation. The results of the tests are then compared to other previous tests to determine the level of accuracy. 2. Testing Computer Applications Application controls is the last area of exposure to be considered. There are two categories of application controls: application controls tests and transaction details and account balances tests. Auditors regularly encountered “black box” which they did not understand when computerized systems of accounting first made their way into the business world. Much of the data was processed after which they were requested to voice views (Hoelzer, 2009). At first, by observing input and output, they conducted an audited around the computer inspection for mutual consistency. However, it was inefficient no matter how adequate it was. There was also hampering of the evaluation of the internal control system. Tracing audit trails through the automated parts of the system proved impossible. Auditing around the computer may not have been acceptable if an application had a material effect on the financial statements. Auditing through the computer is the name given to the second approach of auditing computer systems. The capability of tracing paths of transaction from input to output manual and automated system is required (Hoelzer, 2009). Data flow that moves through the system has to be verified while the contents of machine and readable files have to be examined. As they operate on the data, the internal controls are tested. Since the black box is gone, the current trend is towards computer auditing, which uses the computer as an audit tool. Many procedures have been made feasible due to the use of computers. From a clerical standpoint, these procedures would have otherwise been impractical. It is necessary for practicing auditors to have extensive and up-to-date computer system knowledge. The major problem created by this method is the difficulty to remain updated on technological changes. As a result, new demands for continuing professional education have come up (Hoelzer, 2009). A. The White Box Approach This is auditing through the computer to contrast it to the “black box approach.” The purpose of these different tests is to assist in the appreciation of the concerns faced by an auditor (Hoelzer, 2009). B. White Box Testing Techniques Five proven procedures are stated: Test data method Base case system evaluation Tracing Integrated test facility Parallel simulations These are very complex techniques. One should focus on the most essential purpose, the first three being the variations of the same method which all work through the computer, while the last two incorporates the computer as an auditing tool (Davis, 2005). C. The Integrated Test Facility The integrated test facility builds the systems audit ability. Both the controls and the application’s logic are tested during normal operations. The computer is now part of the audit process since it is being done with it (Hoelzer, 2009). D. Parallel Simulation Parallel simulation is an imitation of the application which is under review. It should be written in a way in which it performs the same steps as the application to compare the results. If the “real” system and the parallel yield the same output, one would have confidence in the feasibility of the “real” system if both the real and the parallel system yield similar output. Substantive Testing Techniques Substantive tests are the second main audit test types after the tests of controls. Substantive tests are used in verifying the money on the financial statements and in the accounts. There must be ways to get at it since these tests evaluate the data in the system (Hoelzer, 2009). A. The Imbedded Audit Module This is a set of specially written computer instructions which are built into the client software in order to obtain specified types of data which can be used later for testing. B. Generalized Audit Software This refers to a number of programs which are developed as tools for auditors. Many public accounting firms have produced these packages as a result of the need to repeatedly perform basic tasks in auditing (Hoelzer, 2009). The paper has looked into the whole concept of internal auditing so as to add value and improve the way any given organization operates. The information here equips an organization to accomplish its objectives by providing case scenarios with a disciplined approach and systematic ways and procedures of evaluation, management of risks, control and improving the effectiveness of governance processes (Davis, 2005). CHAPTER 6, PROBLEM 23 XBRL a) THE CURRENT STATE OF XBRL AND ITS APPROPRIATENESS FOR INTERNAL REPORTING PROJECTS This technology is appropriate since XBRL is characteristically used in aggregated financial data reporting. XBRL is also applicable in communicating information regarding individual transactions and internal business units. The data needs to be organized to make it useful to others and it should also be labeled, and reported in a generally acceptable manner. Mapping the organization’s internal data to XBRL taxonomy elements will be involved in order to come up with a document which is an XBRL. Companies internally using native-XBRL database technology as their main platform for information storage can speed the process of reporting. XBRL documents can be imported into internal databases and analysis tools in order to significantly facilitate decision making. B) ENHANCEMENTS TO BE REALIZED BY USING XBRL The financial community can be provided with a method which is standardized that can be incorporated for the preparation, publishing and automatic exchange of financial information which includes that of companies which are publicly held. XBRL information can be put on internet servers for the purpose of internal use. They can be placed on an internet so as to circulate to customers or trading partners. XBRL is fast and very accurate XBRL can be used to back up information hence avoiding data loss XBRL enhances or promotes standardization. C). DATA INTEGRITY, INTERNAL CONTROL AND REPORTING CONCERNS ASSOCIATED WITH XBRL So as to ensure the correct generation of XBRL taxonomies, controls have to be designed and in place and there is a need to establish independent verification procedures to validate the instance documents, thus ensuring that appropriate application of taxonomy and tags before posting to Web servers. In addition, there has to be an assessment of audit scope and its implementation with respect to these documents (Swash, 1997). Conclusion The above discussion clearly outlines the importance of information systems in financial auditing. The first part addresses the ways in which data systems in a bank can be clearly configured to facilitate proper and easy auditing of its financial records. Part two of the paper concentrates on the issue of audit systems development, and basically discusses the importance of various information systems in promoting effective auditing. The last question discusses the current state of XBRL, and goes ahead to discuss its appropriateness for internal reporting projects and all this information is very critical in understanding and improving auditing systems. References Alderson, P. (1993). Managing the costs of on-line information. Best’s review (Life/Health), 94 (3), 74–78. Botha, H., & Boon, J. A. (2003). The Information Audit: Principles and Guidelines. Libri, 53, 23–38. Botha, H. (2000). The information audit: principles and guidelines. Unpublished Master’s dissertation. Pretoria: University of Pretoria. Davis, R. E. (2005). IT Auditing: An Adaptive Process. Mission Viejo: Pleier Corporation. Hoelzer, D. (2009). Audit Principles, Risk Assessment & Effective Reporting. London: SANS Press. Swash, G. D. (1997). The information audit. Journal of managerial psychology, 12 (5), 312– 318. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Assignment Information System Auditing Essay Example | Topics and Well Written Essays - 1500 words”, n.d.)
Assignment Information System Auditing Essay Example | Topics and Well Written Essays - 1500 words. Retrieved from https://studentshare.org/miscellaneous/1615819-assignment-information-system-auditing
(Assignment Information System Auditing Essay Example | Topics and Well Written Essays - 1500 Words)
Assignment Information System Auditing Essay Example | Topics and Well Written Essays - 1500 Words. https://studentshare.org/miscellaneous/1615819-assignment-information-system-auditing.
“Assignment Information System Auditing Essay Example | Topics and Well Written Essays - 1500 Words”, n.d. https://studentshare.org/miscellaneous/1615819-assignment-information-system-auditing.
  • Cited: 0 times

CHECK THESE SAMPLES OF Information System Auditing

The Importance of IT Auditing to E-Business Commerce

Information System Auditing.... THE IMPORTANCE OF IT auditing TO E-BUSINESS COMMERCE The Importance of IT auditing to E-Business Commerce Author Author Affiliation Date In this information technology based era to maintain business continuity, audits are considered as a decisive element of the rules and regulations and traditional values in the organizations.... THE IMPORTANCE OF IT auditing TO E-BUSINESS COMMERCE The Importance of IT auditing to E-Business Commerce Affiliation In this information technology based era to maintain business continuity, audits are considered as a decisive element of the rules and regulations and traditional values in the organizations....
3 Pages (750 words) Research Paper

How Should Organizational Information Systems Be Audited for Security

Additionally, it is essential for the organizations to plan how to decide what information systems security audit projects should be performed for instance both stand-alone information system security audit projects and those projects which require support from the information systems security audit potential.... Moreover, making a decision regarding organization's aims and objectives for developing or improving an information system's security audit capability will support them in determining and understanding the varieties of skills, tools and training required to carry out this process....
4 Pages (1000 words) Essay

Technology to Improve Internal Audit

Information System Auditing 5 3.... Analytical auditing 4 2.... After the introduction of Sarbanes Oxley (SOX) Act in the USA in 2002 the internal audit has started to redeploy the financial control auditing (Leung, Cooper and Perera 785).... New methodologies in use The recent development in the technology has led to the use of more sophisticated methods for internal auditing in the organization.... The methodologies that are currently in use are (Dittenhofer 462): Computer assisted audit techniques (CAAT) Expert System Analytical auditing 2....
5 Pages (1250 words) Research Paper

Information Systems Audit and Control: Computer Fraud

Insiders do know the system and are courageous enough to challenge detection due to their longtime exposure and familiarity with the system's weak points.... They may also come externally pretending to be a person with an authorization to take advantage of the vulnerabilities of the system to a financial consultant in Australia who managed to stash away a hefty amount of money through wire transfer using another person's name and password.... The big question here is how these employees managed to hack the system and what motivated them According to IIA (2003), 'crime follows the money" and as money are available electronically, we can be sure that the criminals are just around the corner (p....
8 Pages (2000 words) Essay

Information System Auditing and Financial Auditing

The main objective of this paper is to distinguish the relationship between Information System Auditing and financial auditing.... On the other hand, he defined "IT (Information Technology) auditing refers to the part of an audit that involves the computerized elements of an accounting information system" (p.... As stated, information system audit is just one of the important components of a financial audit.... he correlation of information system and financial auditing is crucial to the economy of the company....
1 Pages (250 words) Essay

New System for Hydraulics Manufacturing Co

Information System Auditing is carried out to identify the reliability of data processed into the financial system.... he implementation strategy describes those methods and procedures that we need to perform for setting up the new The new system would serve the purpose of information systems auditing.... The latter part of the paper would evaluate the final output and measure the profitability of the system with the help of post implementation reviews. ...
12 Pages (3000 words) Essay

Overview of IS Audits (DB)

Financial auditing is now a new evolved domain, as organizations are now dependent on information systems acquiring digital data, this field is now evolved as Information System Auditing.... information system audit is a specialized function that is Full Paper Overview This is a digital age, where information is now digitized and plays a critical role in accomplishing business goals.... information system audit is a specialized function that is responsible for assessing the current state of an organization in terms of organizational asset protection, data integrity....
2 Pages (500 words) Research Paper

Auditing Information System: Security Management and Control

This assignment "Auditing information system: Security Management and Control" explores the studied of the first chapters in the course of Auditing information system.... These chapters are based on a management security system, internal control, security, and control assessment.... A conventional system of transaction authorization permits the use of a company's resources basing on the goals of the management team....
6 Pages (1500 words) Assignment
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us