Presentation is loading. Please wait.

Presentation is loading. Please wait.

Auditing Application Controls

Published byBarry Powers Modified over 5 years ago

Similar presentations

Presentation on theme: "Auditing Application Controls"— Presentation transcript:

1 Auditing Application Controls
Alexandria Hartig

2 About Application Controls
Defining application controls Objective of application controls Types of application controls Input controls Processing controls Output controls Integrity controls Management trail

3 Application Controls vs. ITGCs
Information Technology General Controls applies to ALL systems components, processes, and data present in an organization or systems environment. Application controls relates to the transactions and data pertaining to each computer-based application system. They are specific to each individual application.

4 Complex vs. Non-complex Environments
Complex IT Infrastructure Non-Complex Changes to existing applications & systems Few changes to existing IT environment Creation of source code for in-house software Implementation with no significant changes Customized software that is adapted to needs User options that do not alter functionality Deployment of applications, changes, & code into production Lack of IT development projects

5 Benefits of Application Controls
Reliability Application controls are more reliable than manual controls Benchmarking PCAOB standard No. 5 “benchmarking of application controls can be used because these controls are generally not subject to breakdowns due to human failure.”

6 Benefits of Application Controls
Time and Cost Savings Application controls take less time to test than manual controls

7 Assessing Risk Risk Assessment techniques to identify critical vulnerabilities The review’s nature, timing, & extent The critical business functions supported by application controls The extent of time and resources to be expended on the review There are 4 key questions auditors should ask when determining the review’s appropriate scope

8 Four Key Questions should be asked when determining the review’s appropriate scope
What are the biggest organization wide risks and concerns that need to be assessed and managed while taking management’s views into account? Which business processes are impacted by these risks? Which systems are used to perform these processes? Where are processes performed?

9 Example of Risk Assessment

10 Determining the review of scope
Business Process Method Evaluate application controls present in all systems the support a business process Most common and widely accepted Single Application Method Review application controls within a single application or module Most effective in a non-ERP or non-integrated environment

11 Executing Review Planning Need for Specialized Audit Resources
Business Process Method Documentation Techniques Flowcharts Process Narratives Testing Computer-Assisted Audit Techniques

12 Questions??

Download ppt "Auditing Application Controls"

Similar presentations

A Consultative Approach to Auditing

A Consultative Approach to Auditing
Chapter 10 Accounting Information Systems and Internal Controls

Chapter 10 Accounting Information Systems and Internal Controls
Learning Objectives LO5 Document an accounting system to identify key controls and weaknesses in order to assess control risk. LO6 Write key control tests.

Learning Objectives LO5 Document an accounting system to identify key controls and weaknesses in order to assess control risk. LO6 Write key control tests.
Group 3 John Gregory John Marsh Gerri Houston Samantha McNeily.

Group 3 John Gregory John Marsh Gerri Houston Samantha McNeily.
McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 7-1 Chapter 7 CHAPTER 7 THE EFFECT OF INFORMATION TECHNOLOGY ON THE AUDIT.

McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 7-1 Chapter 7 CHAPTER 7 THE EFFECT OF INFORMATION TECHNOLOGY ON THE AUDIT.
System Implementations American corporations spend about $300 Billion a year on software implementation/upgrade projects.

System Implementations American corporations spend about $300 Billion a year on software implementation/upgrade projects.
COSO Framework A company should include IT in all five COSO components: –Control Environment –Risk Assessment –Control activities –Information and communication.

COSO Framework A company should include IT in all five COSO components: –Control Environment –Risk Assessment –Control activities –Information and communication.
System Development Life Cycle (SDLC)

System Development Life Cycle (SDLC)
Pertemuan 11-12 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
Integrity through Visibility - End user Application Software.

Integrity through Visibility - End user Application Software.
1 Performance Auditing  In IT Environment  Evidence Gathering & Analysis Techniques  Computer Assisted Techniques  Use of IDEA.

1 Performance Auditing  In IT Environment  Evidence Gathering & Analysis Techniques  Computer Assisted Techniques  Use of IDEA.
Information Technology Audit

Information Technology Audit
Chapter 7 Auditing Internal Control over Financial Reporting McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.

Chapter 7 Auditing Internal Control over Financial Reporting McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin.

Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin.
Management Information Systems

Management Information Systems
Auditing Internal Control over Financial Reporting

Auditing Internal Control over Financial Reporting
(SIA) 14 Internal Audit in an Information Technology Environment Standard should be read in the conjunction with the “Preface to the Standards on Internal.

(SIA) 14 Internal Audit in an Information Technology Environment Standard should be read in the conjunction with the “Preface to the Standards on Internal.
Auditing Complex EDP Systems

Auditing Complex EDP Systems
Chapter 7 Auditing Internal Control over Financial Reporting McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved.

Chapter 7 Auditing Internal Control over Financial Reporting McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved.
IT Service Delivery And Support Week Eleven – Auditing Application Control IT Auditing and Cyber Security Spring 2014 Instructor: Liang Yao (MBA MS CIA.

IT Service Delivery And Support Week Eleven – Auditing Application Control IT Auditing and Cyber Security Spring 2014 Instructor: Liang Yao (MBA MS CIA.

Similar presentations

Ads by Google