SlideShare uma empresa Scribd logo

auditing-190520092523.pdf

C
chetanvchaudhari

htfuhytfr

Engenharia
1 de 35
Baixar para ler offline
Information Systems Audit (Chapter 1)
Contents • Introduction • Need for control and audit of computers • Information systems auditing defined • Effects of computer on internal controls • Effect/advantages of computer in audit techniques
Introduction Auditing is the process of assessment of financial, operational, strategic goals and processes in organizations to determine whether they are in compliance with the stated principles ,regulatory norms, rules and regulations.
• Aim of information audit is to safe guard the assets, to maintain data integrity, to achieve system effectiveness and to achieve system efficiency. • The audit can be conducted internally by employees of the organization, or externally by an outside firm.
Need for control and Audit of computers computers assist in the processing of data and decision making. Factors: 1)Organizational cost of data loss 2)Incorrect decision making 3)Cost of computer abuse 4)Value of hardware, software 5)High costs of computer error 6)Maintainance of privacy 7)Controlled evolution of computer use
Organizational cost of data loss • Data provides the organization with an image of itself its environment, its history and its future. • If the Data is inaccurate or lost the organization can incur substantial losses. • There should be proper backup of computer files.
Incorrect decision making • Decision making depends on the quality of data and quantity of decision rules that exists in the computer based information system. • Inaccurate data causes costly, unnecessary investigations and out of control process can also remain undetected. Example: If the algorithm that the bank uses to give interest rates if incorrect the bank will undergo substantial loss.
• Not just management but parties who have interest in an organization also have an impact of incorrect data. Example: Shareholders might make poor investment decisions if they are provided with inaccurate financial information.
Costs of computer abuse Hacking: A person gaining unauthorized access of system to modify or delete program or to disrupt services. Viruses: It is a program that attaches itself to executable files or data files and replicate themselves and causes disruption.
Illegal physical access: A person gaining unauthorized physical access in the system.(can cause physical damage or make copies of data) Abuse of privileges: A person uses privileges for unauthorized purposes.(making copies of sensitive data they are permitted to access)
Consequences of Abuse: 1)Destruction of assets 2)Theft of assets 3)Modification of assets 4)Privacy violation 5)Unauthorized use of assets
Value of computer hardware and software • In addition to data Hardware and software are critical organizational resources. • Some intentional or unintentional loss of hardware can cause disruption in functioning of organization • If the software is corrupted the confidential information could be stolen could be disclosed to competitors.
High cost of computer error • Computers automatically perform many critical functions. Example: Computers allow banks to provide ATM services, online banking and accurate tracking and verification of funds.
Maintenance of privacy • All the important data of an individual like financial information, personal data everything is stored on computers • If there is some breach in the system all the private data will be gone in seconds thus making it important to protect and maintain the privacy.
Impact of ISA 1)Improved safeguard of assets 2)Improved data integrity 3)Improved system effectiveness 4)Improved system efficiency
Asset safeguarding objective • The information system assets of an organization includes hardware, software, people(knowledge),data files and system documentation. • These assets play a major role in organizational growth thus making it necessary to safeguard these assets.
Data integrity objective • Data integrity is an fundamental concept of information system auditing. • It is a state implying data has certain attributes like: completeness, soundness, purity and veracity. • If the integrity of an organization’s data is low it could suffer a great loss.
Three major factors affect the value of data : 1)The value of information content of the data item for individual decision makers. 2)The extent to which data item is shared among decision makers. 3)The value of data item to competitors.
System effectiveness objective • The effectiveness is the measure for deciding whether the system provides the desired output or not. Being effective means producing the right output in terms of quantity and quality. • Effectiveness auditing is done usually after the system has been running for sometime. • It can be carried out during the design stages of system.
System efficiency objectives • The efficiency indicates the manner in which the inputs are used by the system. Being efficient means the system uses inputs in a `right' way. • An efficient information system uses minimum resources to achieve its required objectives.
Effects of computers on internal control • The goals can be achieved only if an organization’s management sets up a system of internal control. • There is a huge impact of computers on the internal control components.
Components of internal control • Separation of duties • Delegation of authority • Competent and trustworthy personal • System of authorizations • Adequate documents and records • Physical control over assets and records • Adequate management supervision • Independent checks on performance
Separation of duties • In manual system separate individuals must be responsible for initiating transactions, recording transactions and maintaining the assets. • It prevents and detects errors and irregularity • Separation of duties must exist in different forms • The capability to run the program and change the program should be separated(privileges).
Delegation of authority and responsibility In a computer system delegating authority and responsibility is difficult because some resources are shared among various users. Example: In a database various users can access the same data. But by this the integrity is somehow violated. It is not possible to trace who is responsible for corrupting the data and who is responsible for identifying and correcting the errors.
Competent and trustworthy personnel • Substantial power is given to persons responsible for computer based information system developed, implemented, operated and maintained within organization. • Sometimes the personnel not only lacks skills but also well developed sense of ethics.
• In computer system it is difficult to assess whether the authority assigned to individual is consistent with the management’s goals. Example: Users can formulate queries on database that could fetch them contents of confidential data.
System of authorizations Management issues two types of authorizations: 1) general authorizations 2)specific authorizations
Adequate documents and records The systems should be designed in a way to maintain a record of all events and should be easily accessible in order to have effective auditing process.
Physical control over assets and records Computer system differs from manual systems in a way they concentrate all the information systems assets and records of an organization. Example: In manual system if a person wants to commit fraud he’ll have to go to different physical locations whereas in computer based all the data will be available in single site. Thus making it easy to execute the fraud.
Adequate management supervision • In computer based system supervision needs to be carried out remotely. • Managers must examine and do periodic auditing to check for unauthorized actions.
Independent checks on performance • The control emphasis should be on ensuring the veracity of program code. • Auditors must must evaluate controls established for program development, modification operation and maintenance.
Effects of computers on auditing 1)Changes to evidence collection 2)Changes to evidence evaluation
Foundation of information systems auditing 1)Traditional auditing 2)Information system management 3)Behavioral science 4)Computer science
Advantages of using computers in audit techniques • Increase the accuracy of audit tests • Perform audit tests more efficiently • Enable the audit team to test a large volume of data accurately and quickly • Reduce the level of human error in testing • Provide a better quality of audit evidence
Thank you

Recomendados

Information 2nd lesson
Information 2nd lessonInformation 2nd lesson
Information 2nd lessonAnne ndolo
 
CISA_WK_4.pptx
CISA_WK_4.pptxCISA_WK_4.pptx
CISA_WK_4.pptxdotco
 
Information system audit 2
Information system audit 2 Information system audit 2
Information system audit 2 Jayant Dalvi
 
Chapter 7
Chapter 7Chapter 7
Chapter 7Seth Nurul
 
audit_it_250759.pdf
audit_it_250759.pdfaudit_it_250759.pdf
audit_it_250759.pdfmabkhoutaliwi1
 
Information systems audit n control introduction.ppt
Information systems audit n control introduction.pptInformation systems audit n control introduction.ppt
Information systems audit n control introduction.pptr209777z
 
Lecture 2 - Security Requirments.ppt
Lecture 2 - Security Requirments.pptLecture 2 - Security Requirments.ppt
Lecture 2 - Security Requirments.pptDrBasemMohamedElomda
 
CONTROL & AUDIT INFORMATION SYSTEM (HALL, 2015)
CONTROL & AUDIT INFORMATION SYSTEM (HALL, 2015)CONTROL & AUDIT INFORMATION SYSTEM (HALL, 2015)
CONTROL & AUDIT INFORMATION SYSTEM (HALL, 2015)Muhammad Azmy
 

Recomendados

Information 2nd lesson
Information 2nd lessonInformation 2nd lesson
Information 2nd lessonAnne ndolo
 
CISA_WK_4.pptx
CISA_WK_4.pptxCISA_WK_4.pptx
CISA_WK_4.pptxdotco
 
Information system audit 2
Information system audit 2 Information system audit 2
Information system audit 2 Jayant Dalvi
 
Chapter 7
Chapter 7Chapter 7
Chapter 7Seth Nurul
 
audit_it_250759.pdf
audit_it_250759.pdfaudit_it_250759.pdf
audit_it_250759.pdfmabkhoutaliwi1
 
Information systems audit n control introduction.ppt
Information systems audit n control introduction.pptInformation systems audit n control introduction.ppt
Information systems audit n control introduction.pptr209777z
 
Lecture 2 - Security Requirments.ppt
Lecture 2 - Security Requirments.pptLecture 2 - Security Requirments.ppt
Lecture 2 - Security Requirments.pptDrBasemMohamedElomda
 
CONTROL & AUDIT INFORMATION SYSTEM (HALL, 2015)
CONTROL & AUDIT INFORMATION SYSTEM (HALL, 2015)CONTROL & AUDIT INFORMATION SYSTEM (HALL, 2015)
CONTROL & AUDIT INFORMATION SYSTEM (HALL, 2015)Muhammad Azmy
 
A075434624
A075434624A075434624
A075434624Dharmendra Kumar
 
Chapter-2-Control-Audit-Security-ioenotes.pptx
Chapter-2-Control-Audit-Security-ioenotes.pptxChapter-2-Control-Audit-Security-ioenotes.pptx
Chapter-2-Control-Audit-Security-ioenotes.pptxToxicHawk
 
LOW LEVEL DESIGN INSPECTION SECURE CODING
LOW LEVEL DESIGN INSPECTION SECURE CODINGLOW LEVEL DESIGN INSPECTION SECURE CODING
LOW LEVEL DESIGN INSPECTION SECURE CODINGSri Latha
 
CISA_WK_1.pptx
CISA_WK_1.pptxCISA_WK_1.pptx
CISA_WK_1.pptxdotco
 
crisc_wk_5.pptx
crisc_wk_5.pptxcrisc_wk_5.pptx
crisc_wk_5.pptxdotco
 
Security Architecture
Security ArchitectureSecurity Architecture
Security ArchitecturePriyank Hada
 
Information System Architecture and Audit Control Lecture 1
Information System Architecture and Audit Control Lecture 1Information System Architecture and Audit Control Lecture 1
Information System Architecture and Audit Control Lecture 1Yasir Khan
 
Chapter 4 : Auditing and the information technology environment
Chapter 4 : Auditing and the information technology environmentChapter 4 : Auditing and the information technology environment
Chapter 4 : Auditing and the information technology environmentKugendranMani
 
Overview-of-an-IT-Audit-Lesson-1.pptx
Overview-of-an-IT-Audit-Lesson-1.pptxOverview-of-an-IT-Audit-Lesson-1.pptx
Overview-of-an-IT-Audit-Lesson-1.pptxJoshJaro
 
03.1 general control
03.1 general control03.1 general control
03.1 general controlMulyadi Yusuf
 
CONTROL AND AUDIT
CONTROL AND AUDITCONTROL AND AUDIT
CONTROL AND AUDITRos Dina
 
Internal Controls Over Information Systems
Internal Controls Over Information Systems Internal Controls Over Information Systems
Internal Controls Over Information Systems Jeffrey Paulette
 
SECURITY AND CONTROL
SECURITY AND CONTROLSECURITY AND CONTROL
SECURITY AND CONTROLshinydey
 
MS Lecture 9 information technology
MS Lecture 9 information technologyMS Lecture 9 information technology
MS Lecture 9 information technologyEst
 
Information system audit
Information system audit Information system audit
Information system audit Jayant Dalvi
 
Vulenerability Management.pptx
Vulenerability Management.pptxVulenerability Management.pptx
Vulenerability Management.pptxThavaselviMunusamy1
 
Joe Buonomo-ASQ Presentation
Joe Buonomo-ASQ PresentationJoe Buonomo-ASQ Presentation
Joe Buonomo-ASQ PresentationJoe Buonomo
 
Computer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and TechniquesComputer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and Techniques_supriadi
 
· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docx
· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docx· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docx
· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docxLynellBull52
 
How important is IT auditing
How important is IT auditingHow important is IT auditing
How important is IT auditingLepide USA Inc
 
chapter1.ppt
chapter1.pptchapter1.ppt
chapter1.pptchetanvchaudhari
 
chapter2-190516054412.pdf
chapter2-190516054412.pdfchapter2-190516054412.pdf
chapter2-190516054412.pdfchetanvchaudhari
 

Mais conteúdo relacionado

Semelhante a auditing-190520092523.pdf

Chapter-2-Control-Audit-Security-ioenotes.pptx
Chapter-2-Control-Audit-Security-ioenotes.pptxChapter-2-Control-Audit-Security-ioenotes.pptx
Chapter-2-Control-Audit-Security-ioenotes.pptxToxicHawk
 
LOW LEVEL DESIGN INSPECTION SECURE CODING
LOW LEVEL DESIGN INSPECTION SECURE CODINGLOW LEVEL DESIGN INSPECTION SECURE CODING
LOW LEVEL DESIGN INSPECTION SECURE CODINGSri Latha
 
CISA_WK_1.pptx
CISA_WK_1.pptxCISA_WK_1.pptx
CISA_WK_1.pptxdotco
 
crisc_wk_5.pptx
crisc_wk_5.pptxcrisc_wk_5.pptx
crisc_wk_5.pptxdotco
 
Security Architecture
Security ArchitectureSecurity Architecture
Security ArchitecturePriyank Hada
 
Information System Architecture and Audit Control Lecture 1
Information System Architecture and Audit Control Lecture 1Information System Architecture and Audit Control Lecture 1
Information System Architecture and Audit Control Lecture 1Yasir Khan
 
Chapter 4 : Auditing and the information technology environment
Chapter 4 : Auditing and the information technology environmentChapter 4 : Auditing and the information technology environment
Chapter 4 : Auditing and the information technology environmentKugendranMani
 
Overview-of-an-IT-Audit-Lesson-1.pptx
Overview-of-an-IT-Audit-Lesson-1.pptxOverview-of-an-IT-Audit-Lesson-1.pptx
Overview-of-an-IT-Audit-Lesson-1.pptxJoshJaro
 
03.1 general control
03.1 general control03.1 general control
03.1 general controlMulyadi Yusuf
 
CONTROL AND AUDIT
CONTROL AND AUDITCONTROL AND AUDIT
CONTROL AND AUDITRos Dina
 
Internal Controls Over Information Systems
Internal Controls Over Information Systems Internal Controls Over Information Systems
Internal Controls Over Information Systems Jeffrey Paulette
 
SECURITY AND CONTROL
SECURITY AND CONTROLSECURITY AND CONTROL
SECURITY AND CONTROLshinydey
 
MS Lecture 9 information technology
MS Lecture 9 information technologyMS Lecture 9 information technology
MS Lecture 9 information technologyEst
 
Information system audit
Information system audit Information system audit
Information system audit Jayant Dalvi
 
Joe Buonomo-ASQ Presentation
Joe Buonomo-ASQ PresentationJoe Buonomo-ASQ Presentation
Joe Buonomo-ASQ PresentationJoe Buonomo
 
Computer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and TechniquesComputer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and Techniques_supriadi
 
· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docx
· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docx· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docx
· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docxLynellBull52
 
How important is IT auditing
How important is IT auditingHow important is IT auditing
How important is IT auditingLepide USA Inc
 

Semelhante a auditing-190520092523.pdf (20)

A075434624
A075434624A075434624
A075434624
 
Chapter-2-Control-Audit-Security-ioenotes.pptx
Chapter-2-Control-Audit-Security-ioenotes.pptxChapter-2-Control-Audit-Security-ioenotes.pptx
Chapter-2-Control-Audit-Security-ioenotes.pptx
 
LOW LEVEL DESIGN INSPECTION SECURE CODING
LOW LEVEL DESIGN INSPECTION SECURE CODINGLOW LEVEL DESIGN INSPECTION SECURE CODING
LOW LEVEL DESIGN INSPECTION SECURE CODING
 
CISA_WK_1.pptx
CISA_WK_1.pptxCISA_WK_1.pptx
CISA_WK_1.pptx
 
crisc_wk_5.pptx
crisc_wk_5.pptxcrisc_wk_5.pptx
crisc_wk_5.pptx
 
Security Architecture
Security ArchitectureSecurity Architecture
Security Architecture
 
Information System Architecture and Audit Control Lecture 1
Information System Architecture and Audit Control Lecture 1Information System Architecture and Audit Control Lecture 1
Information System Architecture and Audit Control Lecture 1
 
Chapter 4 : Auditing and the information technology environment
Chapter 4 : Auditing and the information technology environmentChapter 4 : Auditing and the information technology environment
Chapter 4 : Auditing and the information technology environment
 
Overview-of-an-IT-Audit-Lesson-1.pptx
Overview-of-an-IT-Audit-Lesson-1.pptxOverview-of-an-IT-Audit-Lesson-1.pptx
Overview-of-an-IT-Audit-Lesson-1.pptx
 
03.1 general control
03.1 general control03.1 general control
03.1 general control
 
CONTROL AND AUDIT
CONTROL AND AUDITCONTROL AND AUDIT
CONTROL AND AUDIT
 
Internal Controls Over Information Systems
Internal Controls Over Information Systems Internal Controls Over Information Systems
Internal Controls Over Information Systems
 
SECURITY AND CONTROL
SECURITY AND CONTROLSECURITY AND CONTROL
SECURITY AND CONTROL
 
MS Lecture 9 information technology
MS Lecture 9 information technologyMS Lecture 9 information technology
MS Lecture 9 information technology
 
Information system audit
Information system audit Information system audit
Information system audit
 
Vulenerability Management.pptx
Vulenerability Management.pptxVulenerability Management.pptx
Vulenerability Management.pptx
 
Joe Buonomo-ASQ Presentation
Joe Buonomo-ASQ PresentationJoe Buonomo-ASQ Presentation
Joe Buonomo-ASQ Presentation
 
Computer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and TechniquesComputer-Assisted Audit Tools and Techniques
Computer-Assisted Audit Tools and Techniques
 
· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docx
· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docx· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docx
· Processed on 09-Dec-2014 901 PM CST · ID 488406360 · Word .docx
 
How important is IT auditing
How important is IT auditingHow important is IT auditing
How important is IT auditing
 

Mais de chetanvchaudhari

BranchandBoundAlgorithms[1].ppt
BranchandBoundAlgorithms[1].pptBranchandBoundAlgorithms[1].ppt
BranchandBoundAlgorithms[1].pptchetanvchaudhari
 
Format for address_change_by_mpmla_gazzeted_officer
Format for address_change_by_mpmla_gazzeted_officerFormat for address_change_by_mpmla_gazzeted_officer
Format for address_change_by_mpmla_gazzeted_officerchetanvchaudhari
 

Mais de chetanvchaudhari (8)

chapter1.ppt
chapter1.pptchapter1.ppt
chapter1.ppt
 
chapter2-190516054412.pdf
chapter2-190516054412.pdfchapter2-190516054412.pdf
chapter2-190516054412.pdf
 
BranchandBoundAlgorithms[1].ppt
BranchandBoundAlgorithms[1].pptBranchandBoundAlgorithms[1].ppt
BranchandBoundAlgorithms[1].ppt
 
graph coloring.ppt
graph coloring.pptgraph coloring.ppt
graph coloring.ppt
 
chapter16[1].ppt
chapter16[1].pptchapter16[1].ppt
chapter16[1].ppt
 
np complete.ppt
np complete.pptnp complete.ppt
np complete.ppt
 
M.tech computerunitwise
M.tech computerunitwiseM.tech computerunitwise
M.tech computerunitwise
 
Format for address_change_by_mpmla_gazzeted_officer
Format for address_change_by_mpmla_gazzeted_officerFormat for address_change_by_mpmla_gazzeted_officer
Format for address_change_by_mpmla_gazzeted_officer
 

Último

(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...ranjana rawat
 
UNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular ConduitsUNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular Conduitsrknatarajan
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingrknatarajan
 
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Bookingdharasingh5698
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Dr.Costas Sachpazis
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Dr.Costas Sachpazis
 
result management system report for college project
result management system report for college projectresult management system report for college project
result management system report for college projectTonystark477637
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsRussian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdfKamal Acharya
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINESIVASHANKAR N
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Call Girls in Nagpur High Profile
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escortsranjana rawat
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Call Girls in Nagpur High Profile
 
KubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlyKubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlysanyuktamishra911
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSSIVASHANKAR N
 

Último (20)

(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
 
UNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular ConduitsUNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular Conduits
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
 
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINEDJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
 
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
 
result management system report for college project
result management system report for college projectresult management system report for college project
result management system report for college project
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsRussian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
 
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
 
Roadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and RoutesRoadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and Routes
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
KubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlyKubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghly
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
 

auditing-190520092523.pdf

  • 2. Contents • Introduction • Need for control and audit of computers • Information systems auditing defined • Effects of computer on internal controls • Effect/advantages of computer in audit techniques
  • 3. Introduction Auditing is the process of assessment of financial, operational, strategic goals and processes in organizations to determine whether they are in compliance with the stated principles ,regulatory norms, rules and regulations.
  • 4. • Aim of information audit is to safe guard the assets, to maintain data integrity, to achieve system effectiveness and to achieve system efficiency. • The audit can be conducted internally by employees of the organization, or externally by an outside firm.
  • 5. Need for control and Audit of computers computers assist in the processing of data and decision making. Factors: 1)Organizational cost of data loss 2)Incorrect decision making 3)Cost of computer abuse 4)Value of hardware, software 5)High costs of computer error 6)Maintainance of privacy 7)Controlled evolution of computer use
  • 6. Organizational cost of data loss • Data provides the organization with an image of itself its environment, its history and its future. • If the Data is inaccurate or lost the organization can incur substantial losses. • There should be proper backup of computer files.
  • 7. Incorrect decision making • Decision making depends on the quality of data and quantity of decision rules that exists in the computer based information system. • Inaccurate data causes costly, unnecessary investigations and out of control process can also remain undetected. Example: If the algorithm that the bank uses to give interest rates if incorrect the bank will undergo substantial loss.
  • 8. • Not just management but parties who have interest in an organization also have an impact of incorrect data. Example: Shareholders might make poor investment decisions if they are provided with inaccurate financial information.
  • 9. Costs of computer abuse Hacking: A person gaining unauthorized access of system to modify or delete program or to disrupt services. Viruses: It is a program that attaches itself to executable files or data files and replicate themselves and causes disruption.
  • 10. Illegal physical access: A person gaining unauthorized physical access in the system.(can cause physical damage or make copies of data) Abuse of privileges: A person uses privileges for unauthorized purposes.(making copies of sensitive data they are permitted to access)
  • 11. Consequences of Abuse: 1)Destruction of assets 2)Theft of assets 3)Modification of assets 4)Privacy violation 5)Unauthorized use of assets
  • 12. Value of computer hardware and software • In addition to data Hardware and software are critical organizational resources. • Some intentional or unintentional loss of hardware can cause disruption in functioning of organization • If the software is corrupted the confidential information could be stolen could be disclosed to competitors.
  • 13. High cost of computer error • Computers automatically perform many critical functions. Example: Computers allow banks to provide ATM services, online banking and accurate tracking and verification of funds.
  • 14. Maintenance of privacy • All the important data of an individual like financial information, personal data everything is stored on computers • If there is some breach in the system all the private data will be gone in seconds thus making it important to protect and maintain the privacy.
  • 15. Impact of ISA 1)Improved safeguard of assets 2)Improved data integrity 3)Improved system effectiveness 4)Improved system efficiency
  • 16. Asset safeguarding objective • The information system assets of an organization includes hardware, software, people(knowledge),data files and system documentation. • These assets play a major role in organizational growth thus making it necessary to safeguard these assets.
  • 17. Data integrity objective • Data integrity is an fundamental concept of information system auditing. • It is a state implying data has certain attributes like: completeness, soundness, purity and veracity. • If the integrity of an organization’s data is low it could suffer a great loss.
  • 18. Three major factors affect the value of data : 1)The value of information content of the data item for individual decision makers. 2)The extent to which data item is shared among decision makers. 3)The value of data item to competitors.
  • 19. System effectiveness objective • The effectiveness is the measure for deciding whether the system provides the desired output or not. Being effective means producing the right output in terms of quantity and quality. • Effectiveness auditing is done usually after the system has been running for sometime. • It can be carried out during the design stages of system.
  • 20. System efficiency objectives • The efficiency indicates the manner in which the inputs are used by the system. Being efficient means the system uses inputs in a `right' way. • An efficient information system uses minimum resources to achieve its required objectives.
  • 21. Effects of computers on internal control • The goals can be achieved only if an organization’s management sets up a system of internal control. • There is a huge impact of computers on the internal control components.
  • 22. Components of internal control • Separation of duties • Delegation of authority • Competent and trustworthy personal • System of authorizations • Adequate documents and records • Physical control over assets and records • Adequate management supervision • Independent checks on performance
  • 23. Separation of duties • In manual system separate individuals must be responsible for initiating transactions, recording transactions and maintaining the assets. • It prevents and detects errors and irregularity • Separation of duties must exist in different forms • The capability to run the program and change the program should be separated(privileges).
  • 24. Delegation of authority and responsibility In a computer system delegating authority and responsibility is difficult because some resources are shared among various users. Example: In a database various users can access the same data. But by this the integrity is somehow violated. It is not possible to trace who is responsible for corrupting the data and who is responsible for identifying and correcting the errors.
  • 25. Competent and trustworthy personnel • Substantial power is given to persons responsible for computer based information system developed, implemented, operated and maintained within organization. • Sometimes the personnel not only lacks skills but also well developed sense of ethics.
  • 26. • In computer system it is difficult to assess whether the authority assigned to individual is consistent with the management’s goals. Example: Users can formulate queries on database that could fetch them contents of confidential data.
  • 27. System of authorizations Management issues two types of authorizations: 1) general authorizations 2)specific authorizations
  • 28. Adequate documents and records The systems should be designed in a way to maintain a record of all events and should be easily accessible in order to have effective auditing process.
  • 29. Physical control over assets and records Computer system differs from manual systems in a way they concentrate all the information systems assets and records of an organization. Example: In manual system if a person wants to commit fraud he’ll have to go to different physical locations whereas in computer based all the data will be available in single site. Thus making it easy to execute the fraud.
  • 30. Adequate management supervision • In computer based system supervision needs to be carried out remotely. • Managers must examine and do periodic auditing to check for unauthorized actions.
  • 31. Independent checks on performance • The control emphasis should be on ensuring the veracity of program code. • Auditors must must evaluate controls established for program development, modification operation and maintenance.
  • 32. Effects of computers on auditing 1)Changes to evidence collection 2)Changes to evidence evaluation
  • 33. Foundation of information systems auditing 1)Traditional auditing 2)Information system management 3)Behavioral science 4)Computer science
  • 34. Advantages of using computers in audit techniques • Increase the accuracy of audit tests • Perform audit tests more efficiently • Enable the audit team to test a large volume of data accurately and quickly • Reduce the level of human error in testing • Provide a better quality of audit evidence