1. Pertemuan 7-8 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007

2. Bina Nusantara AUDITING INFORMATION TECHNOLOGY USING COMPUTER ASSISTED AUDIT TOOLS AND TECHNIQUES

3. Bina Nusantara AUDIT CYCLE

4. Bina Nusantara Auditor Productivity Tools Planning and tracking the annual audit schedule Documentation and presentations Communication and data transfer Resource management Data management

5. Bina Nusantara Using CAATs in Audit Process Used to evaluate the integrity of an application, determine compliance with procedures, and continuously monitor processing result. Examples – Audit Command Language (ACL) – Interactive Data Extraction and Analysis (IDEA)

6. Bina Nusantara Functionality of CAATs Avoidance of a sampling error by addressing 100% of population Stratification of data Aging of the transactions and data Recalculation (reperformance) Exceptions identification Fraud detections (via isolated variances) Extraction of the subsets of data Linkage of data for analysis Identification of duplicate transactions Audit trail analysis

7. Bina Nusantara TECHNICAL SKILLS AND TOOLS Generalized Audit Software Application Testing Designing Tests of Controls Data Analysis Compliance Testing Continuous Monitoring Application Controls Audit Functions Sampling

8. Bina Nusantara Generalized Audit Software Analyze and compare files Select specific records for examination Conduct random samples Validate calculations Prepare confirmation letters Analyze aging of transaction files

9. Bina Nusantara Application Testing Submitting a set of test data that will produce known results if the application functions properly Developing independent programs to reperform the logic of the application Evaluating the results of the application

10. Bina Nusantara Application Controls Spreadsheet Controls – Analysis – Source of data – Design review – Documentation – Verification of logic – Extent of training – Extent of audit – Support commitment

11. Bina Nusantara Application Controls Database Controls – Referential integrity – Transaction integrity – Entity integrity – Value constraints – Concurrent update protection – Backup and recovery protection – Testing protection

12. Bina Nusantara Audit Functions Items of Audit Interest Audit Mathematics Data Analysis System Validation

13. Bina Nusantara Sampling Types of sampling – Judgmental sampling – Statistical sampling Applied technique if any change to the characteristics or attributes of the population under review: – Random attribute sampling – Variable sampling techniques

14. Bina Nusantara Sampling Process Steps: 1. Determine the objective of the test 2. Define the population 3. Determine the confidence level 4. Determine the precision 5. Determine the expected standard deviation 6. Compute the sample size 7. Document the sampling procedure 8. Select the audit samples 9. Evaluate the sample results 10. Reach an overall conclusion based on the sampling.

15. Bina Nusantara Computer Forensics Methods and Techniques The IT auditor can work in the field of computer forensics or work side by side with a computer forensics specialist, supplying insight into a particular system or network. Computer forensic specialists gather evidence against the individual who has committed a crime in several ways.