Internal Audit - The Institute of Internal Auditors

Internal Audit: Efficiency through Automation
David Coderre
© 2008, John Wiley & Sons, Inc.
CONTENTS
Case Studies
Preface
Acknowledgments
Chapter 1: CAATTs History
The New Audit Environment
The Age of Information Technology
Decentralization of Technology
Absence of the Paper Trail
Do More with Less
Definition of CAATTs
Evolution of CAATTs
Audit Software Developments
Historical CAATTs
Test Decks
Integrated Test Facility (ITF)
System Control Audit Review File (SCARF)
Sample Audit Review File (SARF)
Sampling
Parallel Simulation
Reasonableness Tests and Exception Reporting
Traditional Approaches to Computer-Based Auditing
Systems-Based Approach
Data-Based Approach
Audit Management and Administrative Support
Roadblocks to CAATT Implementation
Summary and Conclusions
Chapter 2: Audit Technology
Audit Technology Continuum
Introductory Use of Technology
Moderate Use of Technology
Integral Use of Technology
Advanced Use of Technology
Getting There
General Software Useful for Auditors
Word Processing
Text Search and Retrieval
Reference Libraries
Spreadsheets
Presentation Software
Flowcharting
Antivirus and Firewall Software
Software Licensing Checkers
Specialized Audit Software Applications
Data Access, Analysis, Testing, and Reporting
Standardized Extractions and Reports
Information Downloaded from Mainframe Applications and/or Client Systems
Electronic Questionnaires and Audit Programs
Control Self-Assessment
Parallel Simulation
Electronic Working Papers
Data Warehouse
Data Mining
Software for Audit Management and Administration
Audit Universe
Audit Department Management Software
E-mail
File Transfer Protocol (FTP)
Intranet
Databases
Groupware
Electronic Document Management
Electronic Audit Reports and Methodologies
Audit Scheduling, Time Reporting, and Billing
Project Management
Extensible Business Reporting Language (XBRL)
Expert Systems
Audit Early-Warning Systems
Continuous Auditing
Continuous Auditing versus Continuous Monitoring
Example of Continuous Auditing: Application to an Accounts Payable Department
Stages of Continuous Auditing
Continuous Auditing Template
Sarbanes-Oxley
Important SOX Sections
The Role and Responsibility of Internal Audit
Risk Factors
Detecting Fraud
Determining the Exposure to Fraud
SOX Software
Assessment of IT Controls and Risks
Defining the Scope
GAIT Principles
Governance, Risk Management, and Compliance (GRC)
Internal Audit's Role in the GRC Process
Identifying and Assessing Management’s Risk Management Process
Assessment of Internal Control Processes
GRC Software
Summary and Conclusions
Chapter 3: CAATTs Benefits and Opportunities
The Inevitability of Using CAATTs
The New IM Environment
The New Audit Paradigm
Expected Benefits
Planning Phase—Benefits
Conduct Phase—Benefits
Data Analysis
Increased Coverage
Better Use of Auditor Resources
Improved Results
Reporting Phase—Benefits
Administration of the Audit Function—Benefits
Reduced Costs
Increased Performance
Increased Time for Critical Thinking
Recognizing Opportunities
Transfer of Audit Technology
Summary and Conclusions
Chapter 4: CAATTs for Broader-Scoped Audits
Integrated Use of CAATTs
Value-for-Money Auditing
Value-Added Auditing of Inventory Systems
Data Analysis in Support of Value-Added Inventory Auditing
Inventory Management Practices and Approaches
Possible Areas for Audit-Suggested Improvements
Audit and Reengineering
Audit and Benchmarking
Summary and Conclusions
Chapter 5: Data Access and Testing
Data Access Conditions
Mainframe versus Minicomputer versus Microcomputer
Portability of Program and Data
Limitations to Using the Microcomputer
Processing Speeds
Single Tasking
Inability to Deal with Complex Data and File Structures
Client Facilities
Auditor's Microcomputer-Based Facilities
Data Extraction and Analysis Issues
Accessing the Data
Data Storage Requirements
Analysis of Data
Risks of Relying on Data—Reliability Risk
Reliance on the Data
Knowledge of the System
Assessment of the Internal Controls
New Topology of Data Tests
Reducing Auditor-Induced Data Corruption
Potential Problems with the Use of CAATTs
Incorrect Identification of Audit Population
Improper Description of Data Requirements
Invalid Analyses
Failure to Recognize CAATT Opportunities
Summary and Conclusions
Chapter 6: Developing CAATT Capabilities
Professional Proficiency: Knowledge, Skills, and Disciplines
Computer Literacy: Minimal Auditor Skills
Ability to Use CAATTs
Understanding of the Data
Analytical Support and Advice
Communication of Results
Steps in Developing CAATT Capabilities
Understand the Organizational Environment/Assess the Organizational Culture
Obtain Management Commitment
Establish Deliverables
Set up a Trial
Plan for Success
Track Costs and Benefits
Lessons Learned
Organize Working Groups
Computer Literacy Working Group
CAATT Working Groups
Information Systems Support to Audit
Assure Quality
Quality Assurance Methodology
Preventive Controls for CAATTs
Detective Controls for CAATTs
Corrective Controls for CAATTs
Quality Assurance Reviews and Reports
Summary and Conclusions
Chapter 7: Challenges for Audit
Survival of Audit
Audit as a Learning Organization
Knowledge Acquisition
Information Dissemination
Information Interpretation
Organizational Memory
New Paradigm for Audit
Computer-Assisted Audit Techniques
Computer-Aided Audit Thought Support
Auditor Empowerment
Access to Microcomputers and Computer Networks
Access to Audit Software—Meta-Languages
Universal Access to Data
Access to Education, Training, and Research
Skills Inventory
Needed versus Actual Skills
Required Versus Actual Performance
Auditor Skills for Using CAATTs
IS Auditor Skills
Training Programs and Requirements
Conceptual Training
Technical Training
Training Options
In-house
Professional Associations
Educational Institutions
Computer-Based, Video-Based, and Web-Based Training
Summary and Conclusions
Appendices
Appendix A. The Internet—An Audit Tool
The Internet
Connecting to the Internet
General Internet Uses
Useful Sites for Auditors
Examples of Audit-Related Internet Usage
Appendix B. Information Support Analysis and Monitoring (ISAM) Section
Appendix C. Information Management Concepts
Appendix D. Audit Software Evaluation Criteria
General Capabilities
Reporting Capabilities
Graphics Capabilities
Mathematical Functions
File Manipulation Capabilities
Record Definition Capabilities
File Type Capabilities
Programming Capabilities
Support
Other Capabilities
References
Index