Sunteți pe pagina 1din 4

CAATTS computer assisted audit tools and techniques; broader umbrella whose

subcomponents

categories:

two

can

be

grouped

into

1. Software used to increase an auditor’s personal productivity and software

2. Techniques to increase the efficiency and effectivity of the audit function

CAATS computer assisted audit techniques

Computer assisted audit tools

a. Productivity tools

- E work papers

- Groupware

- Time and billing software

- Reference libraries

- Document management

b. Generalized audit software tools

- ACL

- Audit expert systems

- Utility software

- Statistical software

Computer assisted audit techniques

CAATs

a. to

validate

application

integrity

- Test decks

- Integrated test facility

- Parallel simulation

b. CAATs to verify data integrity

- Data extraction and analysis

- To detect fraud

- Continuous auditing techniques

Generalized audit software (GAS) myriad software tools help auditors extract data from client records and perform various quality assurance tests on that underlying data.

Audit productivity software any software that facilitates the auditor’s personal productivity

Electronic working papers

- paperless office

- common features:

a. import client’s raw data from legacy systems

b. automatically generate working paper

c. export to excel

d. enter AJE

e. break down accounts

Groupware can facilitate share of information across firms and between the auditor and the client.

Time and billing software can ease the formerly onerous process of accounting for chargeable hours and compiling and preparing bills accordingly

Reference

main reasons:

two

libraries;

used

for

1. locate company specific policies and procedures

2. search for authority when researching a particularly thorny problem

Document management software that has made online document storage readily available and practical increased auditor’s productivity

Generalized audit software tools

Data extraction and analysis audit software such as ACL; perform routine tasks that auditor has considerably more time to concentrate on analytic

thinking.

Statistical analysis enables auditors to perform statistical analysis on a client’s data file

Audit expert systems software that can be used in making routine, structured decisions.

Advantages:

a. unbiased decision making

b. incorporating expertise of multiple experts

c. constant availability

Disadvantages

1. Difficulty in eliciting decision making process and criteria from the experts

2. Difficulty in updating the knowledge base and rules contained therein

3. Time required to develop and test the system

4. Expense

5.

Difficulty in modelling uncertainty in decisions

6.

Mechanical adherence to the process

Computer

assisted

IT

techniques

procedures that assist IT auditors in obtaining sufficient, reliable, relevant and useful evidence to support predefined audit objectives.

Professional standards and guidelines specific to the use of audit techniques (CAATs)

Planning - When planning, auditor should consider an appropriate combination of manual techniques and CAATs

Performance of audit work - Use of CAATs should be controlled by the IS auditor to provide reasonable assurance that the audit objectives and the detailed specifications of the CAATs have been met.

Documentation - The step by step CAATs process should be specifically documented to provide adequate additional evidence

Reporting objectives, scope and methodology section, and the body of the report should contain clear description of the CAATs used.

THE STEPS TO USING CAATS

Auditor sets key objectives during

risk

1.

audit

planning,

based

on

assessment

2. Auditor identifies which specific CAATs will provide sufficient, relevant and AT useful evidence to achieve key audit objectives.

3. Auditor must identify which files, records and fields are needed form the client.

4. Determine in which format you prefer to receive the data

5. Request data files from client in the preferred format

6. Import the data into ACL

7. Use CAATs to verify the integrity

8. Perform specific CAATs as planned, to meet key audit objectives

9. Investigate and reconcile exceptions

10. Document results in the audit work papers

*tape is an inexpensive method for extracting and storing data

CAATS TO VALIDATE APPLICATION INTEGRITY

Test data use a set of fabricated data and run the test through the application and compare the results with results he expected to obtain.

logic

Useful

for

testing

application

and processing.

Integrated test facility variation of the test deck method. Test deck method cannot allow for testing of “live data” and this is the purpose of the integrated test facility

Parallel simulation the objective of the parallel simulation method is to test the integrity of a client’s application.

CAAT’S TO VERIFY DATA INTEGRITY

CAATs extract and analyse data

Importing the data into ACL

Counting count the number of records is ALWAYS the first step after importing the data in ACL

Verifying be sure that

type

conforms to the description in the input file

the

data

definition created (numeric field may not contain characters etc.)

Statistics identify statistical properties of any date or numeric data elements you identify.

Stratify auditors use to determine ranges of numeric data.

Age

accounts payable

Gaps and duplicates useful for examining payroll file and determine if there were any gaps in payroll checks. This would indicate a missing check.

CAATS TO DETECT FRAUD

and

aging

of

accounts

receivable

Digital analysis uses the statistical properties of a series naturally occurring numbers through the use of Benford’s Law.

Benford discovered that the first digit of a series of naturally occurring follows a distribution that has since come to be known as Benford’s Law.

Auditor must be careful to determine if artificial barriers have been placed into the population which affects its naturalness.

Data query models information is viewed globally, in context with other relevant information about the client or the situation under review.

- Example is travel expenses, compute travel expense as a total number of sales.

CONTINUOUS AUDITING TECHNIQUES

more

- Increase

reliability

and

timely information

*page 202

Tools encompass software used to manage the audit engagement and boost auditor’s productivity, as well as software used to gather evidence to support key objectives

Techniques

1. Techniques to validate client applications

2. Techniques to verify data integrity

Continuous and intermittent simulation (CIS) embeds an audit module in a database management system.

Audit hooks are audit routines that flag suspicious transactions.

The system control audit review file (SCARF) uses embedded audit modules to continuously monitor transaction activity and collect data on transactions with special audit significance.

The snapshot technique examines the way transactions are processed.

Selected transactions are marked with a special code that triggers the snapshot process.

Audit modules in the program record these transactions and their master file records before and after processing.

In a batch processing system, the ITF technique

Eliminates the need to reverse test transactions

Is easily concealed from operating employees because test transactions don’t need to be reversed.

In online processing systems, test transactions can be:

Submitted on a frequent basis

actual

Processed

with

transactions

Traced

through

processing stage

every

Can

all

be

accomplished

without

disrupting

regular processing

operations.

Places a small set of fictitious files

Consequently, auditors use concurrent audit techniques to continually monitor the system and collect audit evidence while live data are processed during regular operating hours.

No satisfactory audit trail

Embedded audit modules

Test data generator program, which automatically prepares test data based on program specifications.