Matakuliah Tahun Versi :A0274/Pengelolaan Fungsi Audit Sistem Informasi : 2005 : 1/1 Pertemuan 4 Auditing Standards and Responsibilities 1 Learning Outcomes Pada akhir pertemuan ini, diharapkan mahasiswa akan mampu : • Mahasiswa dapat menjelaskan Auditing Standards and Responsibilities. 2 Outline Materi • Systems Development Life Cycle Standards – – – – – – – Systems Planning Systems Analysis Conceptual Design Systems Evaluation and Selection Detailed design Systems Implementation Maintenance • Professional Development • Responsibilities of a Corporate Auditor – – – – – Nature Objective and Scope Responsibility and Authority Independence Regulatory Issues 3 System development Life Cycle Standards • The Systems Development Life Cycle procedures for new systems include these steps: – Identify the process – Understand what needs to be done – Consider alternative solutions – Select the best solution – Test the solution – Active or implement the solution – Maintain the solution 4 Systems Planning • Systems planning has proven to be cost effective, although it is tempting for the information systems technicians to skip – usually due to time pressures. 5 Systems Analysis • This phase includes surveys, if necessary and other fact-gathering steps. The step is documented by the system analysis report. 6 Conceptual Design • In this phase, the team will develop alternative systems that satisfy the system requirement identified during system analysis. 7 Systems Evaluation and Selection • This process seeks to identify the optimal solution from among the alternatives. It includes a feasibility study, cost-benefit analysis and the system selection report (documentation). 8 Detailed Design • This phase will produce a detailed description of the proposed system that satisfies system requirements identified during systems analysis and is in accordance with conceptual design. 9 Systems Implementation • At this point, the database structures are created and populated with data,applications are coded and tested (prior to going live), equipment is purchased and installed, employees are trained, the system is documented and the new system is installed. • Once the final tests have been conducted, the system is placed in active use. • This phase then would provide a postimplementation review, program flowcharts, program documentation and the user acceptance report. 10 • It also should include a budget variance analysis. The post-implementation review and budget analysis are critical follow-up processes that will be valuable to management decisions and future projects. 11 Professional Development • One of the critical success factors in internal audit professional development. Not only do accounting and auditing rules change, but other relevant matters also change. • Management issues, such as conflict resolution and leadership, are vital to internal audit. • Certification is an important element in a successful, effective internal audit department. 12 Responsibilities of A Corporate Auditor • In addition to the various standards to be followed, the corporate auditor and the internal audit function have responsibilities that must be fulfilled for internal audit to have successful results. 13 Nature • Internal auditing is an independent appraisal activity within an organization for the review of operations as a service to management. 14 Objective and Scope • The objective of internal auditing is to assist all members of the organization in the effective discharge of responsibilities by furnishing them with analyses, appraisals, recommendations and pertinent comments concerning the activities reviewed. The internal auditor is concerned with any phase of business activity where he/she may provide service to the organization. 15 • The attainment of this overall objective involves such activities as: – Reviewing and appraising the correctness, adequacy and application of accounting, financial and other operating controls and promoting effective control at reasonable cost. – Ascertaining the extent of compliance with established policies, plans and procedures. – Ascertaining the extent to which company assets are accounted for and safeguarded from losses of all kinds. – Ascertaining the reliability of management data developed within the organization. 16 Respinsibility and Authority • The related authority provides the corporate auditor full access to all of the organization’s records, properties and personnel relevant to the subject under review. The corporate auditor should be free to review and apprise policies, plans, procedures and records. 17 • The internal auditor’s responsibilities should be: – To inform and advise management and to discharge this responsibility in a manner that is consistent with the codes of ethics of the IIA and the ISACA (information systems audits). – To coordinate his/her activities with others so as to best achieve audit objectives and the objectives of the organization. 18 Independence • Independence is essential to the effectiveness of corporate auditing. • Objectivity is essential to the audit function. 19 Regulatory Issues • Due care is required in reporting comments related to regulatory bodies and federal laws. 20 – Ascertaining the quality of performance in carrying out assigned responsibilities. – Recommending operational improvements. 21 The End 22