Documente Academic
Documente Profesional
Documente Cultură
Appendices - This section is a compilation of all the Management is responsible for design and
recommendations made in the audit report, and includes implementation of internal controls.
all of the management responses, who the responsible
Executive Management - all appointed officers of the
person is for implementing each recommendation and
Corporation above the level of Vice-President.
the time frame.
- consists of high ranking employees that work
AUDIT FOLLOW UP PROCESS together to manage a company or corporation.
1.Internal Auditors determine whether the management External Auditors - performs an audit, in accordance
has taken action or implemented recommendations. with specific laws or rules, of the financial statements of
a company, government entity, other legal entity,
2. Follow up is a process by which internal auditors
or organization, and is independent of the entity being
evaluate adequacy, effectiveness, and timeliness of
audited.
actions taken by management on reported observations
and recommendations. GROUP 5
GENERAL CONTROL apply to all aspects of IT function Reconcile computer produce to manual control
before transactions are processed. total.
compare the numbers of unit process to the
BACK UP AND CONTINGENCY - Power failures, fire
numbers of units submitted for processing.
excessive heat or humidity, water damage or even
sabotage consequence to business using IT. SNAPSHOTS - This technique involves taking a picture of
a transaction as a flows through the computer systems.
Battery backups or on-site generators
SYSTEMS CONTROL AUDIT REVIEW FILES (SCARF) - This
HARDWARE CONTROLS - Built into computer by
involves embedding audit software modules within an
manufacturers to detect and report equipment failures.
application system to provide continuous monitoring of
APPLICATION CONTROL - Designed for each software the systems transaction.
application.
IT GOVERNANCE - Provides the framework to ensure
CONTROLS MAY BE MANUAL OR AUTOMATED AND that IT can support the organization’s overall business
INCLUDE THE FOLLOWING. needs.
• Management authorization IT RISKS - The potential that a given threat will exploit
vulnerabilities of an assets and thereby cause harm to
• Check digit- purpose of the check digit is to verify the organization.
that the information of the barcode has been
entered correctly. (1359) Categories:
• IT service delivery risk – associated with the
Edit check- Automated controls programmed performance and availability of IT services.
into an application to help prevent invalid or
unreasonable data from, being entered. • IT solution delivery/realization risk – associated
(Numbers or text files only). with the contribution of IT to new or improved
business solutions, usually in the form of projects
PROCESSING CONTROL and programs.
Prevent and detect errors while transaction data • IT benefit realization risk – associated with
are processed opportunities to use technology to improve
Specific application processing controls are often efficiency and effectiveness to business
programmed into software to prevent, detect, processes.
and correct processing errors. RISK MANAGEMENT – The process which aims to help
organizations to understand, evaluate, and take action
on all their risks with a view to increasing the probability
of success and reducing the failure.
COMPUTER ASSISTED AUDITING TOOLS AND • Discovery Agreement - agreement between
TECHNIQUES employer and employee which allows the
transfer of ownership of discovery to the
• It is the practice of using computers to automate
employer.
the IT processes.
• It is a fundamental tool used by the auditors to • Non-compete Agreement - also known as
make search of the irregularities from given data. covenant not compete, it is an agreement from
• Refer to any computer program utilized to the employee about not to enter into or start
improve the audit process. similar business in competition against employer