Shared Flashcard Set

Details

AIS
IS Audit
26
Accounting
Undergraduate 4
12/03/2010

Additional Accounting Flashcards

 


 

Cards

Term
According to PCAOB AS-5, auditors should evaluate ____
Definition
The nature and complexity of the business's IS
Term
According to PCAOB AS-5, does a company's use of IT affect the ICFR?
Definition
YES; the nature and characteristic of the IT & IS affect ICFR
Term
What techniques are used when auditing through the computer? with the computer?
Definition
Through the computer: IS audit
With the computer: CAAT
Term
IS Audit (through the computer)
Definition
reviews and evaluates internal controls that protect the system
Term
what are the 4 primary objectives evaluated during an IS audit? (SPPC)
Definition
1) Overall Security
2) Program development & acquisition
3) Program modification/change management
4) Computer processing
Term
What are the risks involved in computer processing
Definition
-fail to detect erroneous input
-improperly correct input errors
-process erroneous input
-improperly distribute/disclose output
Term
What are the 2 types of audit tests performed of computer processing
Definition
1) Processing test data
2) Concurrent audit techinques
Term
What are the 5 concurrent audit techniques (CHISS)
Definition
1) Integrated test facility (ITF)
2) Snapshot technique
3) System control audit review file (SCARF)
4) Audit hooks
5) Continuous and Intermittent Simulation (CIS)
Term
Processing test data
Definition
audit test of computer processing that processes a hypothetical series of valid and invalid transactions (should reject invalid transactions)
Term
Concurrent audit techniques
Definition
use embedded modules to gather data during regular operating hours
Term
What are some advantages/disadvantages of concurrent audit techniques
Definition
-employees are often unaware of the testing
-concurrent testing will not affect actual data
-it is more complex/requires more experience
Term
Integrated test facility
Definition
creation of a series of 'dummy' files in the client's system; conceptually similar to processing test data only it is concurrent
Term
Snapshot technique
Definition
Examines the way that transactions are processed;
selected transactions are marked with a code so that when they come up, a snaposhot is taken before and after processing
Term
System Control Audit Review File (SCARF)
Definition
uses embedded modules to continuously monitor transaction activity;
collects data on transactions with a special audit significance;
auditor periodically receives printout of transactions
Term
Audit hooks
Definition
flag suspicious transactions as they occur and update the auditor via real-time notification;
usually geared toward fraudulent activities
Term
Continuous and Intermittent simulation (CIS)
Definition
Embeds an audit module in the DBMS that continuously examines all transactions that update DBMS using similar criteria to SCARF;
processes specified data independently and compares results with those obtained by DBMS
Term
What is auditing 'with' the computer
Definition
when the auditor uses the computer to perform substantive tests of transactions and balances
Term
What are the 7 functions of CAAT?
Definition
(FRSCRVD)
1) Data retrieval
2) calculations
3) validating data (edit checks)
4) reformatting
5) file operations
6) statistics
7) reports
Term
Based on the auditors specifications, CAS ______. CAS is best suited for examination of _____ files.
Definition
CAS generates programs that perform the audit function;
best suited for examination of large files
Term
What are the main risks in using spreadsheets
Definition
1) Spreadsheets are often outside of AIS controls
2) Data entry errors
3) Less structured controls
Term
What are the types of spreadsheet errors
Definition
1) Human errors (ie. typing + instead of - )
2) Logic errors: enter incorrect formula b/c or wrong reasoning/logic
3) Omission errors: important data missing from analysis/calculations; very difficult to detect (ie. sum didn't include all items);
Term
What are some ways to control spreadsheet use?
Definition
-Protect the spreadsheet
-Proper layout (ie. input worksheet, etc)
-Test/audit spreadsheet
-monitor spreadsheet size
Term
Overall security
Definition
IS audit objective;
-protect computer programs, data, equipment, & communications from unauthorized access, modification, destruction
Term
Program modification/change management
Definition
IS audit objective;
-ensures modifications and changes to programs have management's authorization & approval
Term
Program development/acquisition
Definition
IS audit objective
-is program development/acquisition performed in accordance with management's authorization
Term
Computer processing
Definition
Is the processing of transactions, files, reports, & other computer records accurate and complete
Supporting users have an ad free experience!