32 terms

414 Ch 9

A systematic process of objectively obtaining and evaluating evidence regarding assertions about economic actions to ascertain the degree of correspondence between those assertions and established criteria and communicating the results to interested users.
Financial Audit
Examines the reliability and integrity of accounting records and correlates with the first of the five scope standards. (p.307)
Information Systems/Internal Control Audit
Reviews the controls of an AIS to assess its compliance with internal control policies and procedures and its effectiveness in safeguarding assets. Its scope roughly corresponds to the IIA's second and third standards.
Operational/Management Audit
Concerned with the economical and efficient use of resources and the accomplishment of established goals and objectives. Its scope corresponds to the fourth and fifth standards.
Inherent Risk
The susceptibility to material risk in the absence of controls.
Control Risk
The risk that a material misstatement will get through the internal control structure and into the financial statements.
Detection Risk
The risk that auditors and their audit procedures will not detect a material error or misstatement.
What is and is not important in a given set of circumstances.
Reasonable Assurance
A reasonable assurance that no material error exists in the information or process audited.
Systems Review
Reviewing system documentation and interviewing appropriate personnel to determine if the necessary procedures are in place.
Tests of Controls
Determine if procedures are satisfactorily followed.
Compensating Controls
Procedures that compensate for a control deficiency.
Using a verified copy of the source code to reprocess data and compare its output with the company's actual output.
Parallel Simulation
An auditor writes a program to compare with the company's results to verify the correctness of data.
Test Data Generator Program
Automatically prepares test data based on program specifications.
Concurrent Audit Techniques
Continually monitor the system and collect audit evidence while live data are processed during regular operating hours.
Embedded Audit Modules
Segments of program code that perform audit functions.
Integrated Test Facility (ITF)
Places a small set of fictitious records in the master files.
Snapshot Technique
Examines the way transactions are processed. Audit modules track selected transactions and their master file records before and after processing.
System Control Audit Review File (SCARF)
Uses embedded audit modules to continuously monitor transaction activity and collect data on transactions with special audit significance.
Audit Log
"A log containing transactions generated by SCARF, containing transactions with special audit significance."
Audit Hooks
Audit routines that flag suspicious transactions.
Real-Time Notification
When audit hooks are used and auditors are informed of questionable transactions as they occur.
Continuous and Intermittent Simulation (CIS)
Embeds an audit module in a database management system. It examines all transactions that update the database using criteria similar to those of SCARF.
Automated Flowcharting Programs
Interpret program source code and generate a corresponding program flowchart.
Automated Decision Table Programs
Generate a decision table representing the program logic.
Scanning Routines
Search a program for occurrences of a specified variable name or other character combinations.
Mapping Programs
Identify unexecuted program code.
Program Tracing
Sequentialliy prints all application program steps executed during a program run.
Input Controls Matrix
Documents the review of source data controls. It shows the control procedures applied to each field of an input record.
Information Systems Audits Objectives
"Overall security, Program development and acquisition, Program modification, Computer processing, Source data, Data files"
Computer Audit Software (CAS) / Generalized Audit Software (GAS)
Software written especially for auditors that generates programs that perform the audit functions.