Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
collect audit evidence at the same time as an application system undertakes processing of production data.
audit trail. To prevent / detect material loss due to rapid propagation of errors to other connected / dependent systems in a computerised environment. Difficulty in performing transaction walkthrough in a computerised environment
Cdr MK Paul B Tech, CISA
Indian Navy
Special audit modules embeded in application / system software to collect evidence. Special audit records to store the audit evidence collected.
application systems files and processing audit test data against this entity. Verifies application systems processing authenticity, accuracy and completeness
ITF
Test data used in ITF
Tagged live production transactions Specially designed by auditors according to a test plan
These specially designed test data are submitted for
ITF
Tagged Live Transactions
Transaction Input
Live Data Transaction Input ITF Application system Transaction Input Test Data Database with Dummy Entity
ITF
Problem with using ITF is that it affects the output
of the application system. Effects of ITF transactions should be removed by the application software prior to producing output.
Modify application program to ignore their effects while preparing outputs Submit additional inputs for removing their effects. Submit trivial entries as test data so that their effect on the output is minimal.
Snapshots
Involves taking pictures of a transaction as it flows
Where to take snapshots Which transactions will be subject to snapshot How and when the snapshot data will be presented for evaluation
Cdr MK Paul B Tech, CISA
Indian Navy
Snapshots
Extended Record Technique
record for each snapshot point. Snapshots usually stored where it is taken Extended record technique appends data for each snapshot point to a single record. Thus all data relating to a transaction is kept in one place.
Cdr MK Paul B Tech, CISA
Indian Navy
Snapshots
Input Transaction Input Validation Program Snapshots 1,2,3 Snapshot Report / File Report Program Snapshots 8,9 Update Program Snapshot Report / File Snapshots 4,5,6,7
Snapshots 4,5,6,7
Snapshots 8, 9
Extended Record
Cdr MK Paul B Tech, CISA
Indian Navy
Most Complex of all techniques Involves embedding audit modules in an application system to provide continuous monitoring of a systems transactions.
Embeded audit modules placed at predetermined points to gather info about transactions or events that auditors deem to be material
Data collected via these routines includes errors and irregularities, policy and procedural variances, system exceptions, statistical samples, snapshots etc Written to a special SCARF file for immediate or subsequent audit evaluation
SCARF
Input Transaction Update Program Containing SCARF Embedded Audit routines
SCARF
Audit Reports
Cdr MK Paul B Tech, CISA
Indian Navy
database management system. Transactions of interest to the auditors are trapped by the DBMS and passed to CIS. CIS replicates the application systems processing Result of application system processing and CIS processing compared and data about discrepancies written to a special audit file
If discrepancies are material, CIS can instruct DBMS to reject updates
Cdr MK Paul B Tech, CISA
Indian Navy
CIS
Advantage
CIS does not require modification to the application system (DBMS needs to be modified to trap CIS transactions)
Disadvantage
Parallel Simulation
Input Transactions Test Data Parallel Simulation Of Application Program
Application Program