Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 6 Computer Assisted Audit Tools and Techniques

Similar presentations

Presentation on theme: "Chapter 6 Computer Assisted Audit Tools and Techniques"— Presentation transcript:

1 Chapter 6 Computer Assisted Audit Tools and Techniques
LihChyun Shu

2 Contents Application controls Testing computer application controls
Input controls Processing controls Output controls Testing computer application controls Black box approach White box approach Computer aided audit tools and techniques for testing controls

3 Application Controls Programmed procedures designed to deal with potential exposures that threaten specific applications, such as payroll, purchases, and cash disbursements systems. Three categories: Input controls Processing controls Output controls

4 Input Controls Designed to ensure that transactions are valid, accurate, and complete. Broad classes: Source document controls Data coding controls Batch controls Validation controls Input error correction Generalized data input systems

5 Source document controls
Techniques to prevent source document fraud (for example, an individual with access to purchase orders and receiving reports could fabricate a purchase transaction to a non-existent supplier) Use pre-numbered source documents Use source documents in sequence Periodically audit source documents

6 Data Coding Controls Checks on integrity of data codes used in processing. A customer’s account number, an inventory item number, and a chart of accounts number are all examples of data codes.

7 Data Coding Controls Three types of errors that can corrupt data codes and cause processing errors: Transcription errors Single transposition errors Multiple transposition errors

8 Transcription Errors Addition errors: e.g., inventory item number recorded as Truncation errors: e.g., the inventory item above recorded as 8327 Substitution errors: e.g., the inventory item above recorded as 83266

9 Transposition Errors Single transposition errors: occur when two adjacent digits are reversed. Multiple transposition errors: occur when nonadjacent digits are transposed. For example, is recorded as

10 Check Digits A method to detect data coding errors.
A check digit is a control digit added to the code that allows the integrity of the code to be established during subsequent processing. The simplest form of check digit is to sum the digits in the code and use this sum as the check digit.

11 Check Digits For example, the calculated check digit for customer account code 5327 would be 7 ( =17, then drop the tens column) This technique can detect some transcription errors, but not transposition errors. Another technique in page 217 can be used to detect transposition errors. See ‘Check digit’ from Wikipedia in relevant links

12 Batch Controls A method used to manage high volumes of transaction data through a system. Provide assurance that All records in batch are processed No records are processed more than once An audit trail of transactions is created

13 Steps in Batch Controls
Grouping similar types of transactions (such as sales order) together in batches For each batch of documents, prepare a batch transmittal sheet that contains (see page 218) A unique batch number A batch date A transaction code (type of transactions) Number of records in batch (record count) Total dollar value of a financial field (batch control total) Total of a unique non-financial field (hash total)

14 Steps in Batch Controls
Batch transmittal sheet is used to assess the integrity of the batch during processing as shown in Figure 6-2 (page 219). Batch control total can be used to make sure the batch is in balance Hash total can be used to detect the fraud that someone replaced one of the sales orders in the batch with a fictitious record of the same dollar amount (see page 220)

15 Validation Controls Intended to detect errors in transaction data before the data are processed. Three levels of input validation controls: Field interrogation Record interrogation File interrogation

16 Filed Interrogation Missing data checks Numeric-alphabetic data checks
Zero-value checks Limit checks Range checks Validity checks (compare actual values against known acceptable values)

17 Record Interrogation Validate entire record by examining inter-relationship of its field values. Reasonableness checks: e.g., an employee’s pay rate of 18 dollars per hour is excessive, when compared to the employee’s job skill code of 693 (employees in this skill class never earn more than 12 dollars per hour)

18 Record Interrogation Sign check: e.g., dollar amount field must be positive for sales but negative for sales return transactions. Sequence check: determine if a record is out of order

19 File Interrogation Ensure that correct file is being processed by the system. Internal label checks verify that the file processed is the one the program is actually calling for. Files usually have external labels that identify them to librarian and operator. But wrong labels may be affixed to files. Operating system can create internal label that is placed at the beginning of the file (Figure 6-6 in page 224)

20 File Interrogation Version checks are used to verify that the version of the file being processed is correct. Expiration date check prevents a file from being deleted before it expires.

21 Input Error Correction
3 common error handling techniques Immediate correction Create an error file Reject entire batch

22 Generalized Data Input Systems
To achieve a high degree of control and standardization over input validation procedures. This technique includes centralized procedures to manage the data input for all of the organization’s transaction processing systems. (see Figure 6-9)

23 Processing Controls Run-to-run controls Operator intervention controls
Audit trail controls

24 Run-to-run Controls Use batch control figures to monitor the batch as it moves from one run to another. Specific uses of run-to-run control figures: Recalculate control totals (dollar amount fields, hash totals, record counts) Transaction codes: ensure only correct type of transaction is being processed. Sequence checks ensure the proper order of transactions being processed

25 Operator Intervention Controls
Operator intervention increases the potential for human errors. Systems that limit operator intervention thru operator intervention controls are thus less prone to errors.

26 Audit Trail Controls Techniques to preserve audit trails:
Transaction logs: every transaction successfully processed by the system should be recorded on a transaction log, which servers as a journal. Log of automatic transactions Listing of automatic transactions Error listing

Download ppt "Chapter 6 Computer Assisted Audit Tools and Techniques"

Similar presentations

Ads by Google