Presentation is loading. Please wait.

Presentation is loading. Please wait.

Statement of Auditing Standard No. 94 The Effect of Information Technology on the Auditor’s Consideration of Internal Control in a Financial Statement.

Published byMagnus Solomon Gray Modified over 8 years ago

Similar presentations

Presentation on theme: "Statement of Auditing Standard No. 94 The Effect of Information Technology on the Auditor’s Consideration of Internal Control in a Financial Statement."— Presentation transcript:

1 Statement of Auditing Standard No. 94 The Effect of Information Technology on the Auditor’s Consideration of Internal Control in a Financial Statement Audit Karl E. Dahlberg, New Jersey, ISACA Click for Paper

2 IT and Internal Control SAS 94 says an organization’s IT use may affect any of the five internal control components as well as how businesses initiate, record, process and report transactions. The SAS offers auditors some direction by pointing out these key aspects of the systems and controls on which organizations today rely.

3 Summary of the Audit Process Phase I Plan and design the audit approach Phase II Perform tests of controls and substantive tests of transactions Phase III Perform analytical procedures and tests of details of balances Phase IV Complete the audit and issue the audit report

4 Phase I: Plan and design an audit approach Preplan Obtain background information Obtain information about contractor’s legal obligations Perform preliminary analytical procedures Set materiality, and assess acceptable risk and inherent risk

5 Phase I: Plan and design an audit approach (con’t) Understand internal control and assess control risk Develop overall audit plan and audit program

6 Phase II: Perform tests of controls and substantive tests of trans. Plan to reduce assessed level of control risk? (Yes/No) Perform tests of controls Perform substantive tests of transactions Assess likelihood of misstatements in financial statements

7 Phase III: Perform analytical proc. and tests of details of balances Perform analytical procedures Perform tests of key items Perform additional tests of details of balances

8 Phase IV: Complete the audit and issue an audit report Review for contingent liabilities Review for subsequent events Accumulate final evidence Evaluate results Issue audit report Communicate with appropriate parties

9 SAS 94 Guidance Obtaining an understanding of internal control Definition of “Information Technology” Five interrelated components Potential benefits Specific risks

10 Obtaining an understanding of internal control A sufficient understanding is obtained by performing procedures to understand the design of controls relevant to an audit of financial statements and determining whether they have been placed in operation.

11 In planning the audit, such knowledge should be used to: Identify types of potential misstatement Consider factors that affect the risk of material misstatement Design tests of controls, when applicable Design substantive tests

12 Definition of “Information Technology” Information technology (IT) encompasses automated means of originating, processing, storing, and communicating information, and includes recording devices, communication systems, computer systems (including hardware and software components and data), and other electronic devices.

13 Five interrelated components Control environment Risk assessment Control activities Information and communications systems support Monitoring

14 Potential benefits Consistently apply predefined business rules and perform complex calculations in processing large volumes of transactions and data Enhance the timeliness, availability, and accuracy of information Facilitate the additional analysis of information

15 Potential benefits (con’t) Enhance the ability to monitor the performance of the entity’s activities and its policies and procedures Reduce the risk that controls will be circumvented

16 Specific risks Reliance on systems or programs that are inaccurately processing data, processing inaccurate data, or both Unauthorized access to data that may result in destruction of data or improper changes to data, including the recording of unauthorized or nonexistent transactions or inaccurate recording of transactions

17 Specific risks (con’t) Unauthorized changes to data in master files Unauthorized changes to systems or programs Failure to make necessary changes to systems or programs Inappropriate manual intervention Potential loss of data

18 SAS 82 Exposure Draft Assessing the identified risks after taking into account an evaluation of the entity’s programs and controls. This section requires the auditor to evaluate the entity’s programs and controls that address the identified risks of material misstatement due to fraud, and to assess the risks taking into account this evaluation.

Download ppt "Statement of Auditing Standard No. 94 The Effect of Information Technology on the Auditor’s Consideration of Internal Control in a Financial Statement."

Similar presentations

Chapter 13 Overall Audit Plan and Audit Program

Chapter 13 Overall Audit Plan and Audit Program
Overall Audit Plan and Audit Program

Overall Audit Plan and Audit Program
Auditing Concepts.

Auditing Concepts.
8 AUDIT PLANNING AND DOCUMENTATION AN AUDITOR WHO DOES NOT UNDERSTAND A CLIENT’S BUSINESS TAKES A GREAT RISK.

8 AUDIT PLANNING AND DOCUMENTATION AN AUDITOR WHO DOES NOT UNDERSTAND A CLIENT’S BUSINESS TAKES A GREAT RISK.
Planning the Audit; Linking Audit Procedures to Risk

Planning the Audit; Linking Audit Procedures to Risk
Review of Introduction to Auditing

Review of Introduction to Auditing
13 OVERALL AUDIT PLAN AND AUDIT PROGRAM HOW MUCH AND WHAT KIND

13 OVERALL AUDIT PLAN AND AUDIT PROGRAM HOW MUCH AND WHAT KIND
Overall Audit Plan and Audit Program

Overall Audit Plan and Audit Program
5-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 5 Audit Planning.

5-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 5 Audit Planning.
Auditing A Risk-Based Approach To Conducting A Quality Audit

Auditing A Risk-Based Approach To Conducting A Quality Audit
Audit Planning and Documentation

Audit Planning and Documentation
10 - 1 ©2003 Prentice Hall Business Publishing, Essentials of Auditing 1/e, Arens/Elder/Beasley Overall Audit Plan and Audit Program Chapter 10.

©2003 Prentice Hall Business Publishing, Essentials of Auditing 1/e, Arens/Elder/Beasley Overall Audit Plan and Audit Program Chapter 10.
7 - 1 Copyright  2003 Pearson Education Canada Inc. CHAPTER 7 Audit Planning and Documentation.

7 - 1 Copyright  2003 Pearson Education Canada Inc. CHAPTER 7 Audit Planning and Documentation.
Audit objectives, Planning The Audit

Audit objectives, Planning The Audit
Auditing Internal Control over Financial Reporting

Auditing Internal Control over Financial Reporting
1 CHAPTER 10 Overall Audit Plan and Audit Program.

1 CHAPTER 10 Overall Audit Plan and Audit Program.
Chapter 07 Internal Control McGraw-Hill/IrwinCopyright © 2014 by The McGraw-Hill Companies, Inc. All rights reserved.

Chapter 07 Internal Control McGraw-Hill/IrwinCopyright © 2014 by The McGraw-Hill Companies, Inc. All rights reserved.
Understanding Audit Risk Assessment

Understanding Audit Risk Assessment
©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 12 - 1 Overall Audit Plan and Audit Program Chapter 12.

©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley Overall Audit Plan and Audit Program Chapter 12.
L/O/G/O คลินิก ไอเอ ครั้งที่ 6/2011 The New Auditor Toolkit ตลาดหลักทรัพย์แห่งประเทศไทย ห้องประชุม 1101 ชั้น 11 25 มิถุนายน 2554.

L/O/G/O คลินิก ไอเอ ครั้งที่ 6/2011 The New Auditor Toolkit ตลาดหลักทรัพย์แห่งประเทศไทย ห้องประชุม 1101 ชั้น มิถุนายน 2554.

Similar presentations

Ads by Google