Presentation is loading. Please wait.

Presentation is loading. Please wait.

IT Auditing & Assurance, 2e, Hall & Singleton Chapter 8: IT Auditing & Assurance, 2e, Hall & Singleton CAATTs for Data Extraction and Analysis.

Published byAshlyn King Modified over 8 years ago

Similar presentations

Presentation on theme: "IT Auditing & Assurance, 2e, Hall & Singleton Chapter 8: IT Auditing & Assurance, 2e, Hall & Singleton CAATTs for Data Extraction and Analysis."— Presentation transcript:

1 IT Auditing & Assurance, 2e, Hall & Singleton Chapter 8: IT Auditing & Assurance, 2e, Hall & Singleton CAATTs for Data Extraction and Analysis

2 IT Auditing & Assurance, 2e, Hall & Singleton DATA STRUCTURES  Organization  Access method

3 IT Auditing & Assurance, 2e, Hall & Singleton SEQUENTIAL ISAM RANDOM INDEX File DATA File SEQUENTIAL RANDOM Data Organization Hashing Pointers Access: Index Methods Access: Non-Index Methods

4 IT Auditing & Assurance, 2e, Hall & Singleton FILE PROCESSING OPERATIONS 1. Retrieve a record by key 2. Insert a record 3. Update a record 4. Read a file 5. Find next record 6. Scan a file 7. Delete a record Individual Records Table 8-1

5 IT Auditing & Assurance, 2e, Hall & Singleton DATA STRUCTURES  Flat file structures  Sequential structure [Figure 8-1]  All records in contiguous storage spaces in specified sequence (key field)  Sequential files are simple & easy to process  Application reads from beginning in sequence  If only small portion of file being processed, inefficient method  Does not permit accessing a record directly  Efficient: 4, 5 – sometimes 3  Inefficient: 1, 2, 6, 7 – usually 3

6 IT Auditing & Assurance, 2e, Hall & Singleton DATA STRUCTURES  Flat file structures  Indexed structure  In addition to data file, separate index file  Contains physical address in data file of each indexed record

7 IT Auditing & Assurance, 2e, Hall & Singleton DATA STRUCTURES  Flat file structures  Indexed random file  Records are created without regard to physical proximity to other related records  Physical organization of index file itself may be sequential or random  Random indexes are easier to maintain, sequential more difficult  Advantage over sequential: rapid searches  Other advantages: processing individual records, efficient usage of disk storage

8 IT Auditing & Assurance, 2e, Hall & Singleton DATA STRUCTURES  Flat file structures  Indexed Sequential Access Method (ISAM)  Large files, routine batch processing  Moderate degree of individual record processing  Used for files across cylinders  Uses number of indexes, with summarized content  Access time for single record is slower than Indexed Sequential or Indexed Random  Disadvantage: does not perform record insertions efficiently – requires physical relocation of all records beyond that point – SOS  Has 3 physical components: indexes, prime data storage area, overflow area [Figure 8-4]  Might have to search index, prime data area, and overflow area – slowing down access time  Integrating overflow records into prime data area, then reconstructing indexes reorganizes ISAM files

9 IT Auditing & Assurance, 2e, Hall & Singleton 1960 1970 1980 1990 Legacy systems DBMS etc. EVOLUTION OF ORG./ACCESS METHODS

10 IT Auditing & Assurance, 2e, Hall & Singleton Inefficient Access entire files Efficient Access single records

11 IT Auditing & Assurance, 2e, Hall & Singleton  Stores the address (pointer) of related record in a field with each data record [Figure 8-6]  Records stored randomly  Pointers provide connections b/w records  Pointers may also provide links of records b/w files [Figure 8-7]  Types of pointers [Figure 8-8]:  Physical address – actual disk storage location Advantage: Access speed Disadvantage: if related record moves, pointer must be changed & w/o logical reference, a pointer could be lost causing referenced record to be lost  Relative address – relative position in the file (135 th ) Must be manipulated to convert to physical address  Logical address – primary key of related record Key value is converted by hashing to physical address POINTER STRUCTURE

12 IT Auditing & Assurance, 2e, Hall & Singleton  Hierarchical & network structures Uses explicit linkages b/w records to establish relationship  Relational structure  Uses implicit linkages b/w records to establish relationship: foreign keys / primary keys DATABASE STRUCTURES

13 IT Auditing & Assurance, 2e, Hall & Singleton Relational Records: “Foreign Keys” in one record establishes relationships to related records in other files. INVOICES CUSTOMERS INVENTORY

14 IT Auditing & Assurance, 2e, Hall & Singleton  Relational structure  User views  Data a particular user needs to achieve his/her assigned tasks  A single view, or view without user input, leads to problems in meeting the diverse needs of the enterprise  Trend today: capture data in sufficient detail and diversity to sustain multiple user views  User views MUST be consolidated into a single “logical view” or schema  Data in the logical view MUST be normalized DATABASE STRUCTURES

15 IT Auditing & Assurance, 2e, Hall & Singleton  Relational structure  Importance of data normalization  Critical to success of DBMS  Effective design in grouping data  Several levels: 1NF, 2NF, 3NF, etc.  Un-normalized data suffers from: Insertion anomalies Deletion anomalies Update anomalies  One or more of these anomalies will exist in tables < 3NF DATABASE STRUCTURES

16 IT Auditing & Assurance, 2e, Hall & Singleton  Relational structure  Auditors and data normalization  Database normalization is a technical matter that is usually the responsibility of systems professionals.  The subject has implications for internal control that make it the concern of auditors also.  Most auditors will never be responsible for normalizing an organization’s databases; they should have an understanding of the process and be able to determine whether a table is properly normalized.  In order to extract data from tables to perform audit procedures, the auditor first needs to know how the data are structured. DATABASE STRUCTURES

17 IT Auditing & Assurance, 2e, Hall & Singleton  Identify important transactions live while they are being processed and extract them  Examples  Errors  Fraud  Compliance SAS 78, SAS 94, SAS 99 / S-OX EMBEDDED AUDIT MODULE

18 IT Auditing & Assurance, 2e, Hall & Singleton  Disadvantages:  Operational efficiency – can decrease performance, especially if testing is extensive  Verifying EAM integrity - such as environments with a high level of program maintenance  Status: increasing need, demand, and usage of COA/EAM/CA EMBEDDED AUDIT MODULE

19 IT Auditing & Assurance, 2e, Hall & Singleton  Brief history  Most widely used CAATT  Usages include: 1) Footing and balancing entire files or selected data items (e.g., extending inventory) 2) Selecting and reporting detail data 3) Selecting stratified statistical samples from data files 4) Formatting results into audit reports (auto work papers!) 5) Printing confirmations 6) Screening / filtering data 7) Comparing multiple files for differences 8) Recalculating values in data GENERALIZED AUDIT SOFTWARE

20 IT Auditing & Assurance, 2e, Hall & Singleton  Popular because: 1. GAS software is easy to use and requires little computer background 2. Many products are platform independent, works on mainframes and PCs 3. Auditors can perform tests independently of IT staff 4. GAS can be used to audit the data currently being stored in most file structures and formats GENERALIZED AUDIT SOFTWARE

21 IT Auditing & Assurance, 2e, Hall & Singleton  Simple structures [Figure 8-19]  Complex structures [Figures 8-20, 8-21]  Auditing issues:  Auditor must sometime rely on IT personnel to produce files/data  Risk that data integrity is compromised by extraction procedures  Auditors skilled in programming better prepared to avoid these pitfalls GENERALIZED AUDIT SOFTWARE

22 IT Auditing & Assurance, 2e, Hall & Singleton  ACL is a proprietary version of GAS  Leader in the industry  Designed as an auditor-friendly meta- language (i.e., contains commonly used auditor tests)  Access to data generally easy with ODBC interface ACL

23 IT Auditing & Assurance, 2e, Hall & Singleton Chapter 8: CAATTs for Data Extraction and Analysis IT Auditing & Assurance, 2e, Hall & Singleton

Download ppt "IT Auditing & Assurance, 2e, Hall & Singleton Chapter 8: IT Auditing & Assurance, 2e, Hall & Singleton CAATTs for Data Extraction and Analysis."

Similar presentations

Computer Assisted and Audit Tools and Techniques Drs. Haryono, Ak. M.Com & Dimas M. Widiantoro, SE., S.Kom., M.Sc. Pics from :

Computer Assisted and Audit Tools and Techniques Drs. Haryono, Ak. M.Com & Dimas M. Widiantoro, SE., S.Kom., M.Sc. Pics from :
Prentice Hall, 2003 1 Database Systems Week 1 Introduction By Zekrullah Popal.

Prentice Hall, Database Systems Week 1 Introduction By Zekrullah Popal.
2P13 Week 11. A+ Guide to Managing and Maintaining your PC, 6e2 RAID Controllers Redundant Array of Independent (or Inexpensive) Disks Level 0 -- Striped.

2P13 Week 11. A+ Guide to Managing and Maintaining your PC, 6e2 RAID Controllers Redundant Array of Independent (or Inexpensive) Disks Level 0 -- Striped.
Chapter 1: The Database Environment

Chapter 1: The Database Environment
CAATTs for Data Extraction and Analysis

CAATTs for Data Extraction and Analysis
Managing Data Resources

Managing Data Resources
Managing data Resources: An information system provides users with timely, accurate, and relevant information. The information is stored in computer files.

Managing data Resources: An information system provides users with timely, accurate, and relevant information. The information is stored in computer files.
Predecessor to the Database: Traditional File Processing Records are stored in files. Programs are customized to process the data.

Predecessor to the Database: Traditional File Processing Records are stored in files. Programs are customized to process the data.
PowerPoint Presentation for Dennis & Haley Wixom, Systems Analysis and Design Copyright 2000 © John Wiley & Sons, Inc. All rights reserved. Slide 1 Key.

PowerPoint Presentation for Dennis & Haley Wixom, Systems Analysis and Design Copyright 2000 © John Wiley & Sons, Inc. All rights reserved. Slide 1 Key.
Database Management: Getting Data Together Chapter 14.

Database Management: Getting Data Together Chapter 14.
Recap of Feb 27: Disk-Block Access and Buffer Management Major concepts in Disk-Block Access covered: –Disk-arm Scheduling –Non-volatile write buffers.

Recap of Feb 27: Disk-Block Access and Buffer Management Major concepts in Disk-Block Access covered: –Disk-arm Scheduling –Non-volatile write buffers.
11 3 / 12 CHAPTER Databases MIS105 Lec14 Irfan Ahmed Ilyas.

11 3 / 12 CHAPTER Databases MIS105 Lec14 Irfan Ahmed Ilyas.
Chapter 11 Data Management Layer Design

Chapter 11 Data Management Layer Design
Introduction to Database Management

Introduction to Database Management
Chapter 4 Relational Databases Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 4-1.

Chapter 4 Relational Databases Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 4-1.
Databases and Database Management Systems

Databases and Database Management Systems
Managing Data Resources. File Organization Terms and Concepts Bit: Smallest unit of data; binary digit (0,1) Byte: Group of bits that represents a single.

Managing Data Resources. File Organization Terms and Concepts Bit: Smallest unit of data; binary digit (0,1) Byte: Group of bits that represents a single.
Chapter 1 Introduction to Databases

Chapter 1 Introduction to Databases
Chapter 4 Relational Databases Copyright © 2012 Pearson Education 4-1.

Chapter 4 Relational Databases Copyright © 2012 Pearson Education 4-1.
Chapter 1 1 © Prentice Hall, 2002 Database Design Dr. Bijoy Bordoloi Introduction to Database Processing.

Chapter 1 1 © Prentice Hall, 2002 Database Design Dr. Bijoy Bordoloi Introduction to Database Processing.

Similar presentations

Ads by Google