Audit

  1. Statistical Sampling over Nonstatistical in test of controls
    • Provide an objective basis for quantitatively evaluating sample risk.
    • Measure the sufficiency of the audit evidence obtained.
    • Measuring mathematically the degree of
    • uncertainty that results from examining only a part of the data.
  2. Analytical Procedures in Sampling
    • Comparisons of recorded amounts
    • Ratios developed from recorded amounts
    • to Expectations developed by the auditor.
  3. Statistical sampling in tests of controls
    • Deviations from specific internal control procedures at a
    • given rate ordinarily result in misstatements at a lower rate.
  4. Attribute Sampling
    • Test of Controls
    • Rate & Occurence
    • Sample size Known
    • Frequency in Sample
    • Estimated Error indicates control is effective
  5. Embeded Audit Modules
    Coded into a client's application to collect data for the auditor
  6. Parallel Simulation
    • Computed-assisted auditing techniques (CAAT) Processes client input data
    • On a controlled program under the auditor's control
  7. Integregated Test Facility
    Test Data
    Run fictitious data through the client's programs

    Test data are processed by the client's computer programs under the auditor's control.
  8. System Analyst
    • Designs and evaluates systems
    • Prepares program specifications for programmers
    • No review of Output or Data distribution
  9. System Program
    Designs the operating and control functions of programs Participates in testing operating systems
  10. Ratio Estimation
    • Measure the total estimated error amount in a population.
    • Most appropriate when the size of the errors are
    • proportionate to the recorded amounts
    • Estimating the total dollar error
  11. Test of Controls in Sampling
    • Takes a sample
    • Determines the sample deviation rate
    • compares this rate to the maximum rate he can tolerate and still rely on
    • the control
    • Decides whether to rely on the control as planned or
    • not.
  12. Reduce the planned reliance on a prescribed control when:
    Sample rate of deviation plus the allowance for sampling risk exceeds the tolerable rate.
  13. Factors to determined Audit Sample
    • Tolerable exception rate
    • Sampling risk, defined as the acceptable risk of assessing control risk too low (ARACR)
    • Estimated population exception rate
    • Population size (not significant)
  14. Variable Sampling
    • Substantive Testing
    • Dollar Value or Quantity of Units
    • Estmate difference between actual & reported amounts
  15. Risk of Incorrect acceptance and the likelihood of assessing control risk too low
    Effectiveness of Audit
  16. Stratified Sampling
    • Allow the auditor to emphasize larger items from the population
    • The population has highly variable recorded amounts
  17. PPS ( monetary sampling)
    • Statistical solution rather than a nonstatistical one.
    • Reduces the cost of doing the audit testing because several sample items are test at onc
    • High dollar items selected from the population
    • Zero or Negative items not included
    • Auditor controls the risk of incorrect acceptance by specifying a risk level when planning the sample.
  18. Calculating Projected Error (PPS)
    • Tainting Factor= Recorded $ - Audit $ / Recorded $
    • Projected Error = Tainting Factor * Sampling Interval

    When an account recorded amount Exceeds the sampling error :Projected Error = actual misstatement
  19. Segregate Duties
    • Systems development : SSAD
    • Systems analysis, Systems programming, Applications programming, Database administration
    • Data processing: DODD
    • Data preparation, Operations, Data library, Data control.
  20. Control Limitations
    • Applications to be adequately tested before use
    • Backup of files
    • Control access to appropriate users
    • Adequate documentation
    • Application controls
  21. Processing Integrity principle (CATA)
    • Complete
    • Accurate
    • Timely
    • Authorized.
  22. Information Systems Department - 2 functions
    • Systems development
    • Data processing
  23. System Programmer
    • Implementing
    • Modifying
    • Debugging
  24. Operator
    • Daily computer operations of hardware and software
    • Mounts tapes
    • Supervises operations on a console
    • Accepts inputs and distributes outputs
  25. Applications Progammer
    • Writing applications software
    • Testing
    • Debugging
  26. DataBase Administrator DBA
    • Maintaining the database
    • Restricting access to the database to authorized users
  27. At a minimum Segregate POL
    • Programming
    • Operations
    • Library.
  28. System Control Activities (GAS)
    • General
    • Application
    • User
  29. System documentation used by Auditors & Analyst (DES)
    • Data Flow Diagrams
    • Entity Relationship Diagrams
    • System Flowcharts
  30. Systems key entities and the relationships among those entities
    Entity Relationship Diagram (EDP)
  31. Examples of input validation or edit controls
    • Preprinted forms, check digits, control., batch and proof totals, hash totals, record counts and limit or reasonable tests
    • Menu driven input, field and validity checks, missing data and field size checks and logic checks
    • Redundant data checks and closed loop verification
  32. USER Control Activities
    • Checks of computer output aginst source documents, control totals or other input
    • Reviewing computer logs
    • Policies and procedures that document authorized users and receipients of data
  33. Mathematical summation of a piece of information that would not otherwise be computed except for control purposes
    Ex: Final digit of all employee identification numbers
    Hash Total
Author
lindajgomez
ID
94125
Card Set
Audit
Description
Sampling
Updated