Presentation is loading. Please wait.

Presentation is loading. Please wait.

Nature of IT Based Systems

Published byCameron Gaines Modified over 9 years ago

Similar presentations

Presentation on theme: "Nature of IT Based Systems"— Presentation transcript:

1

2 Nature of IT Based Systems
Many systems have developed away from centralized systems with one main frame computer using user developed software to a combination of smaller computers using commercially available software Less expensive software Electronic checkbooks (e.g., Quicken) Moderate system Basic general ledger system (e.g.., Quickbooks) Expensive ERP systems (e.g., SAP)

3 Nature of IT Systems Usually consists of: Hardware
Digital computer and peripheral equipment Software Various programs and routines for operating the system

4 Computer Hardware Card Readers Arithmetic Unit Magnetic Disks
Input/Output Devices Central Processing Unit Auxiliary Storage Card Readers Arithmetic Unit Magnetic Disks Terminals Control Unit Magnetic Drums Electronic Cash Primary Storage Magnetic Tapes Registers Optical Compact Optical Scanners Disks Magnetic Tape Drives Magnetic Disk Drives Optical Compact Disks 2 2

5 Software Two Types: Systems software Application software
Programs that control and coordinate hardware components and provide support to application software Operating system (Examples: Unix, Windows) Application software Programs designed to perform a specific data processing task Written in programming language (Example: Java)

6 System Characteristics
Regardless of size, system possesses one or more of the following elements Batch processing On-line capabilities Database storage IT networks End user computing 3

7 Batch Processing Input data gathered and processed periodically in groups Example: Accumulate all of a day’s sales transactions and process them as a batch at end of day Often more efficient than other types of systems but does not provide up-to-minute information

8 Online Capabilities Online systems allow users direct access to data stored in the system Two types (a company may use both) Online transaction processing (OLTP) Individual transactions entered from remote locations Online real time (Example: Bank balance at ATM) Online analytical processing (OLAP) Enables user to query a system for analysis Example: Data warehouse, decision support systems, expert systems

9 Database Storage In traditional-IT systems, each computer application maintains separate master files Redundant information stored in several files Database system allows users to access same integrated database file Eliminates data redundancy Creates need for data administrator for security against improper access

10 IT Networks Networks Computers linked together through telecommunication links that enable computers to communicate information back and forth WAN, LAN Internet, intranet, extranet Electronic commerce Involves electronic processing and transmission of data between customer and client Electronic Data Interchange (EDI)

11 End User Computing User departments are responsible for the development and execution of certain IT applications Involves a decentralized processing system IT department generally not involved Controls needed to prevent unauthorized access

12 Internal Control in IT Importance of internal control not diminished in computerized environment Separation of duties Clearly defined responsibilities Augmented by controls written into computer programs

13 Audit Trail Impact In a traditional manual system, hard-copy documentation available for accounting cycle In computerized environment, audit trail ordinarily still exists, but often not in printed form Can affect audit procedures Consulting auditors during design stage of IT-based system helps ultimate auditability

14

15 Responsibilities (1 of 2)
Information systems management Supervise the operation of the department and report to vice president of finance Systems analysis Responsible for designing the system Application programming Design flowcharts and write programming code Database administration Responsible for planning and administering the company database Data Entry Prepare and verify input data for processing

16 Responsibilities (2 of 2)
IT Operations Run and monitor central computers Program and file library Protect computer programs, master files and other records from loss, damage and unauthorized use Data Control Reviews and tests all input procedures, monitors processes and reviews IT logs Telecommunications Specialists Responsible for maintaining and enhancing IT networks Systems Programming Responsible for troubleshooting the operating system

17 Computer-Based Fraud History shows the person responsible for frauds in many situations set up the system and controlled its modifications Segregation of duties Programming separate from controlling data entry Computer operator from custody or detailed knowledge of programs If segregation not possible need: Compensating controls like batch totals Organizational controls not effective in mitigating collusion

18 Internal Auditing in IT
Interested in evaluating the overall efficiency and effectiveness of information systems operations and related controls throughout the company Should participate in design of IT-based system Perform tests to ensure no unauthorized changes, adequate documentation, control activities functioning and data group performing duties.

19

20 IT Control Activities General Control Activities
Developing new programs and systems Changing existing programs and systems Access to programs and data IT operations controls 3 4

21 Application Control Activities
Programmed Control Activities Input validation checks Limit test Validity test Self-checking number Batch controls Item count Control total Hash total Processing controls Input controls plus file labels Manual Follow-up Activities Exception reports follow-up 5

22 User Control Activities
Designed to test the completeness and accuracy of IT-processed transactions Designed to ensure reliability Reconciliation of control totals generated by system to totals developed at input phase Example: Sales invoices generated by IT-based system tested for clerical accuracy and pricing by the accounting clerk

23 Control in Decentralized and Single Workstation Systems
Involves use of one or more user operated workstations to process data Needed controls Train users Document computer processing procedures Backup files stored away from originals Authorization controls Prohibit use of unauthorized programs Use antivirus software

24 Steps 1 and 2 of audit--Plan audit and Obtain an Understanding
Step 1 – Consider IT system in planning Step 2 – Obtain an understanding of the client and its environment Documentation of client’s IT-based system depends on complexity of system Narrative Systems flowchart Program flowchart Internal control questionnaires

25 Step 3 of Audit: Assess the Risks of Material Misstatement
Identify risks Relate the identified risks to what can go wrong at the relevant assertion level Consider whether the risks are of a magnitude that could result in a material misstatement Consider the likelihood that the risks could result in a material misstatement Evaluate effectiveness of related controls in mitigating risks Test of controls over IT-based systems

26 Techniques for Testing Application Controls
Auditing Around the Computer--Manually processing selected transactions and comparing results to computer output Manual Tests of Computer Controls--Inspection of computer control reports and evidence of manual follow-up on exceptions Auditing Through the Computer--Computer assisted techniques Test Data Integrated Test Facility Controlled Programs Program Analysis Techniques Tagging and Tracing Transactions Generalized audit software – parallel simulation 4 6

27 Using Generalized Audit Software to Perform Substantive Procedures
In general, using client data and generalized audit software Examine client’s records for overall quality, completeness and valid conditions Rearrange data and perform analyses Select audit samples Compare data on separate files Compare results of audit procedures with client’s records

28 Typical Inventory Audit Procedures Using Generalized Audit Software

29 Service Organizations
Computer service centers provide processing services to customers who decide not to invest in their own processing of particular data Outsourcing companies run computer centers and provide a range of computer processing services to companies

30 Service Organizations
Auditor concerned if service provided are part of the client’s information system. Part of system if service organization affect: How client’s transactions are initiated The accounting records, supporting information The accounting processes from initiation to inclusion in financial statements The financial reporting process Can obtain service auditors’ report SAS 70 report

Download ppt "Nature of IT Based Systems"

Similar presentations

©2008 Prentice Hall Business Publishing, Auditing 12/e, Arens/Beasley/Elder 12 - 1 The Impact of Information Technology on the Audit Process Chapter 12.

©2008 Prentice Hall Business Publishing, Auditing 12/e, Arens/Beasley/Elder The Impact of Information Technology on the Audit Process Chapter 12.
ITAuditing Using GAS & CAATs

ITAuditing Using GAS & CAATs
Auditing Concepts.

Auditing Concepts.
Auditing Computer-Based Information Systems

Auditing Computer-Based Information Systems
Learning Objectives LO5 Document an accounting system to identify key controls and weaknesses in order to assess control risk. LO6 Write key control tests.

Learning Objectives LO5 Document an accounting system to identify key controls and weaknesses in order to assess control risk. LO6 Write key control tests.
McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 7-1 Chapter 7 CHAPTER 7 THE EFFECT OF INFORMATION TECHNOLOGY ON THE AUDIT.

McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 7-1 Chapter 7 CHAPTER 7 THE EFFECT OF INFORMATION TECHNOLOGY ON THE AUDIT.
Consideration of Internal Control in an IT Environment.

Consideration of Internal Control in an IT Environment.
12 - 1 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder The Impact of Information Technology on the Audit Process Chapter 12.

©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder The Impact of Information Technology on the Audit Process Chapter 12.
MODERN AUDITING 7th Edition

MODERN AUDITING 7th Edition
Chapter 14 System Controls. A Quote “The factory of the future will have only two employees, a man and a dog. The man will be there to feed the dog. The.

Chapter 14 System Controls. A Quote “The factory of the future will have only two employees, a man and a dog. The man will be there to feed the dog. The.
4-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 4 Materiality and Risk.

4-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 4 Materiality and Risk.
Chapter 12 Auditing the Human Resource Management Process McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved.

Chapter 12 Auditing the Human Resource Management Process McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved.
Auditing 81.3550 Auditing & Automated Systems Chapter 22 Auditing & Automated Systems Chapter 22.

Auditing Auditing & Automated Systems Chapter 22 Auditing & Automated Systems Chapter 22.
©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 11 - 1 The Impact of Information Technology on the Audit.

©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley The Impact of Information Technology on the Audit.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 12-1 Chapter Twelve Auditing the Human Resource Management Process.

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 12-1 Chapter Twelve Auditing the Human Resource Management Process.
Chapter 13 Prepared by Richard J. Campbell Copyright 2011, Wiley and Sons Auditing Human Resources Processes: Personnel and Payroll in Service Industries.

Chapter 13 Prepared by Richard J. Campbell Copyright 2011, Wiley and Sons Auditing Human Resources Processes: Personnel and Payroll in Service Industries.
CHAPTER 6 ELECTRONIC DATA PROCESSING SYSTEMS

CHAPTER 6 ELECTRONIC DATA PROCESSING SYSTEMS
Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin.

Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin.
Copyright © 2003 by Prentice Hall Computers: Tools for an Information Age Chapter 14 Systems Analysis and Design: The Big Picture.

Copyright © 2003 by Prentice Hall Computers: Tools for an Information Age Chapter 14 Systems Analysis and Design: The Big Picture.
Computer Based Information Systems Control UAA – ACCT 316 – Fall 2003 Accounting Information Systems Dr. Fred Barbee.

Computer Based Information Systems Control UAA – ACCT 316 – Fall 2003 Accounting Information Systems Dr. Fred Barbee.

Similar presentations

Ads by Google