Computerized Auditing Essay

With the introduction of figurers, conventional score systems and methods exploitation papers, pens and abac make mathematical function ofs have undergone forceful changes, therefore exerting a great impact on inseparable reckon and audit trails in following audit procedures. Also, the introduction of reckoner has brought an immense increase in the availability of electronic resources. My topic is entitled auditing in a Computerized Information System (CIS). One purpose why this topic is included in auditing is due to the rampant changes that ar happening in our society.We could say that either day, e trulything around us is going through the process of evolution. Example, the government structure, educational structure, social structure, practiced structure, economic structure and new(prenominal)s atomic number 18 going into extensive and widespread changes. Work nowadays involve the employ of calculator, hence, the desire for information impact systemized informa tion system in auditing erupted. Around the world, ready reckoner plays an important role in the schooling of ones country. That is why, here in the Philippines, we are trying to muddle through by with the drastic and radical changes in order to be globally competitive.In fact, technology experts stated that when it comes to new enhancement and improvement of technology, the Philippines is not far behind, but rather one of the fastest country to acclimatize and presume in this unbelievable wave of changes. With the rapid progress in technology in recent years, computer information systems have become feasible and practicable, perhaps essential, for use even in small plateful business mathematical processs. Almost all entities now use computers to some achievement in their accounting systems.The widespread use of computers has citeed new opportunities for professional accountants and had also created some challenging and exigent problems to auditors. Additionally, in auditing , the need for computer is now more important and signifi good dealt because of the increasing and growing demand of auditing. Without computer, then auditing would not be able to deal with this growing demand. Ever imagine, conducting an audit without the usage of computer, isnt it that it leave alone be very difficult for the auditor because we all know, we human beings are immersed and innate with errors. Incorporating CIS in auditing is tough.This is because there are technical and methodological matters that an auditor doesnt have any idea with, for instance, the parcel package package, such as operating program, utility(prenominal) program, etc. Auditors do not have any idea of these things, thats why auditor tries to widen their knowledge in order to be competitive. The ending of that leads to the flourishing of auditing. Time and sequence again, auditing will move to evolve. Having said all that, this topic contains a lot of different things which cannot be found in chemical formula manual auditing. The overall objective and scope of an audit does not change in a CIS environment.However, the use of a computer changes the processing, storage and communication of financial information and may affect the accounting and internal control systems employed by the entity. Accordingly, a CIS environment may affect a. ) the procedures followed by the auditors in hold backing a sufficient correspondence of the accounting and internal control systems b. ) the contemplateation of inherent essay and control insecurity through which the auditors arrive at the risk assessment and c. ) the auditors formula and performance of tests of control and substantive procedures let to meet the audit objective.Anyways, regardless of the extent of computerization or the methods of info processing being used, the memorial tablet and implementation of give up internal control systems rests with the management and those charged with governance. The auditors respon sibility is to obtain an understanding of the entitys internal control system to be able to assess control risk and determine the nature, timing and extent of tests to be per make. Before tackling the important details of my topic, let us front define what is meant by Auditing and Computerized Information System (CIS). So, what is auditing?PSA 200 defines auditing by stating the objective of a financial statement audit, that is, to enable the auditor to express an opinion whether the financial statements are prepared, in all substantive respects, in accordance with the applicable financial reporting frame lick. A more comprehensive definition of auditing is granted by the American Accounting knowledge auditing is a systematic process of objectively obtaining and evaluating evidence regarding assertions roughly economic actions and events to ascertain the degree of correspondence between these assertions and established criteria and communicating the results to interested users. On the different hand, computerized information system pertains to the usage of computer to develop and collate the information derived in an audit for the need of the auditor and third parties related.Another definition of Computerized Information System (CIS) includes, is often a track at bottom the computer science field studying computers and algorithmic processes, including their principles and doctrine, their software & hardware designs, their applications, and their impact on the oecumenical public. (http//www. quora. om/Information-Systems) I would just like to give a brief history of Auditing in a CIS Environment. It began as Electronic Data Process (EDP) Auditing and developed largely as a result of the rise in technology in accounting systems, the need for IT control, and the impact of computers on the ability to perform attestation services. The conk a couple of(prenominal) years have been an exciting time in the world of CIS auditing as a result of the accounting scandals and increased regulation. CIS auditing has had a relatively short yet rich history when compared to auditing as a whole and remains an ever changing field.The introduction of computer technology into accounting systems changed the way entropy was stored, retrieved and controlled. It is believed that the starting signal use of a computerized accounting system was at General Electric in 1954. During the time period of 1954 to the mid-1960s, the auditing profession was still auditing around the computer. At this time only mainframe computers were used and few people had the skills and abilities to program computers. This began to change in the mid-1960s with the introduction of new, smaller and less expensive machines.This increased the use of computers in businesses and with it came the need for auditors to become familiar with EDP concepts in business. Along with the increase in computer use, came the rise of different types of accounting systems. The industry soon realiz ed that they needed to develop their own software and the first of the generalized audit software (GAS) was developed. In 1968, the American Institute of Certified Public Accountants (AICPA) had the rangy Eight (now the Big Four) accounting firms participate in the development of EDP auditing.The result of this was the release of Auditing & EDP. The phonograph recording included how to document EDP audits and examples of how to process internal control reviews. Around this time EDP auditors formed the Electronic Data Processing Auditors Association (EDPAA). The goal of the association was to produce guidelines, procedures and standards for EDP audits. In 1977, the first edition of Control Objectives was published. This publication is now known as Control Objectives for Information and related engineering (CobiT). CobiT is the set of generally accepted IT control objectives for IT auditors.In 1994, EDPAA changed its name to Information Systems Audit and Control Association (ISACA). The period from the late 1960s through today has seen rapid changes in technology from the microcomputer and networking to the mesh and with these changes came some major events that change IT auditing forever. The formation and rise in popularity of the cyberspace and E-commerce have had significant influences on the growth of IT audit. The Internet influences the lives of most of the world and is a place of increased business, entertainment and crime.IT auditing helps organizations and individuals on the Internet find security while helping commerce and communications to flourish. (www. trustsoft. com/pp_ha_1. php) In terms of needed skills and competence of the auditor he/she should have sufficient knowledge of the CIS to plan, direct, supervise and review the work performed. The auditor should consider whether specialized CIS skills are needed in an audit. These may be needed to a. ) obtain sufficient understanding of the accounting and internal control systems of the CIS en vironment, b. determine the effect of CIS environment on the assessment of related risks, c. ) design and perform appropriate tests of control and substantive procedures.In planning the portions of the audit which may be change due to clients CIS environment, the auditor should acquire an understanding of the implication and complexity of the CIS activities and the availability of data for use in the audit. Such matter that needed understanding are the following a. ) the significance and enlargement of computer processing in each significant accounting application, b. the organizational structure of the client and the extent of concentration or distribution of computer processing throughout the entity, c. ) the availability of data (e. g. source document, computer files). Computerized information systems have essential and vital characteristics that distinguish them from manual processing system.These are the following a. ) escape of visible exercise trails, b. ) consistency of performance, c. ) concentration of duties, d. ) ease of access to data and computer programs, e. ) photograph of data and program storage media, f. Systems generated transactions and g. ) Potential for increased management supervision. As regards to lack of visible transaction trails, in manual system, it is normally possible to follow a transaction through the system by examining source documents, entitys records, and financial reports. In a CIS environment, data can be entered directly and unswervingly into the computer system devoid of supporting documents. Furthermore, records and files may not be printed and cannot be read without using the computer.The absence of these visible documents supporting the processing of transactions makes the examination of evidence more difficult. In sexual relation to the consistency of performance, CIS performs functions exactly as programmed. If the computer is programmed to perform a specific data processing task, it will never get tired of performing the assigned task in exactly the same manner. Because of this skill of the computer to process transactions uniformly, clerical errors that are normally associated with manual processing are eliminated.On the other hand, an incorrect program could be very devastating because it will result to consistently ill-judged data processing. Third, concentration of duties, in here proper segregation of duties is an essential characteristic of a give way internal control system. However, because of the ability of the computer to process data efficiently, there are functions that are normally segregated in manual processing that are feature in a CIS environment. As a particular example, in manual processing the function of recording cash disbursements is incompatible with the responsibility for accommodative cash disbursement.Since one of these functions serves as a check upon the other, assigning both functions to one employee would enable and set aside that employee to commi t and conceal errors and irregularities. A properly programmed computer, on the other hand, has no tendency or motivation to commit irregularities or conceal its errors. Hence what appears to be an incompatible combination of functions may be combined in a CIS environment without weakening and dwindling the internal control provided suitable and appropriate compensating controls are put in place.Fourth, ease of access to data and computer programs, in a CIS environment, data and computer programs may be accessed and altered by unauthorized persons leaving no visible and detectible evidence. It is important, therefore, that proper and appropriate controls are incorporated in the system to limit the access to data files and programs only to authorized personnel. Fifth, vulnerability of data and program storage media, in a manual system the records are written in ink and substantial paper. The only way to lose the information is to lose or destroy the corporal records.The situation is completely different in a CIS environment. The information on the computer can be easily changed, leaving no trace of the original content. This change could happen inadvertently and huge beat of information can be quickly lost. Another, systems generated transactions certain transactions may be initiated by the CIS itself without the need for an input document. For example, interest may be calculated and charged automatically to customers account balances on the basis of pre-authorized terms contained in a computer program.Lastly, potential for augmented management supervision, CIS can offer management a variety of analytical tools that may be used to review and supervise the operation of the entity. The availability of these tools may enhance the entire internal control structure. There are certain advantages and disadvantages in using computer in the conduct of audit. Take note that the characteristics of computer information system already tackled above pertains to some adva ntages and disadvantages of CIS.Advantages of it includes, it avoids computational errors commonly done by human eases up and alleviate the work of auditor especially when it comes to timeliness faster and efficient in processing of information generation and initiation of accounting documents like invoices, cheques and statement of account are automatic more timely information can be produced With the larger reductions in the cost of hardware and software and availability of user-friendly accounting software package, it is relatively cheaper like maintaining a manual accounting system no more manual processing of the data hence all data are automatically been posted to the various ledgers/accounts and others . On the other hand, the disadvantages of CIS are the following it removes part of the audit trail subject to manipulation especially to unauthorized personnel the need for back-up files, could result into more cost, especially if computer is susceptible to power interruption and from infectious software danger of computer fraud if proper level of control and security whether internal and external are not properly been instituted and others.