Monday, May 27, 2019
Audit Proposal Essay
There ar many different types of scrutinises including internal, external, and training technology. Companies should be familiar with the types of visits that may possibly be used on an Accounting Information System (AIS). Knowing the different types of canvass and where they ar used depart help a company be ready for an audit and make the process more than smoother. There are some circumstances where auditing by dint of a computer is not always respectable. Auditors lack to make sure they are completing their audits fully and appropriately to the best of their abilities.Types of audits used for each processAttestation, SAS 70, SAS 94, and Findings and Recommendations are four main types of Information engineering (IT) audits. If Kudler wants the auditor to provide assurance for each part of the system, an attestation audit could be used. An attestation audit can assist Kudler by issuing reports on examinations, reviews, or agreed-upon procedures. An attestation audit ca n provide Kudler with independent assurance on the reliability or validity of information related to the four systems beneath review (KPMG, 2011). A Findings and Recommendations audit can provide Kudler with other information about each system. This kind of audit includes the following system implementations, security reviews, infobase coating reviews, project management, IT infrastructure, and IT internal audit services.If Kudler chooses to use the Findings and Recommendations audit, this type will not produce an opinion, only a summary of the audit for each of the systems (Hunton, Bryant, & Bagranoff, 2004). An SAS 70 audit is to provide assurance about the effectiveness and existence of the companys internal controls around a service provided to others. Kudler is not a serviceprovider. However, Kudler does deal selective information to the Electronic Payment Clearing House for automatic submission of the credit card transactions to the applicable monetary institutions. An SA S 70 could be beneficial because it is a way to prove that adequate controls are in place to protect the consumer through e-commerce. SAS 94 audits are performed with a financial statement audit and focus on the clients AIS. It addresses the effect of IT on internal controls in a financial statement audit. Kudler will need a much broader assessment than an SAS 94.Most appropriate audit for each processThere are many routes to perform an IT audit. This audit is internal and will look at both Information Technology General Controls (ITGC) and Application Controls. Specifically, the audit will focus on these categories systems and applications, information processing facilities, management of IT and enterprise architecture, client/server, telecommunications, and intranets/extranets. The audit style will be via Findings and Recommendations as management will acquit to consider recommendations and the ultimate decision to make changes according to priority and budget. The audit will ver ify the systems and applications for efficiency and controls to image validity, integrity, and security of data and transactions. Kudler will need the completion of an audit on information processing facilities to assess physical conditions of the main housing units and the offsite locations to support the companys Disaster Recovery Plan (DRP).This type of audit will evaluate the organizational structure and procedures to ensure that an efficient, controlled environs is in place. These relate to any telecommunication controls between client and server, the entire network, and any servers communicating eternally including firewalls. Auditors will assess two types of controls security controls and nettle controls. Each of these types should include all three sub-controls keep backive, detective, and corrective. The AIS has an imperative need for controls to address any risks that may exist for every process and transaction. Security access controls are in place to protect data fro m being stolen, lost, or damaged. Access controls protect data from being released to non-authorized users, hackers, and other intruders.How the audits are conductedKudler will conduct an information system audit by examining and evaluatingtheir present hardware and software. They will also examine their IT controls, systems security, risk management, and the adequacy of their current systems. They can carry out their merchandise audit by evaluating the effectiveness of their marketing program and examining its capabilities. It will evaluate their functions in respect to their goals, mission, vision, and their values of Kudler, which is through with(p) externally. Kudler will examine their faculty, and their deficiencies will be identified. Another suggestion is equipment be audited, the maintenance, and an examination to determine if its being operated at the designed levels, safety set-up, security, and access issues. Their audit will be done by an external auditor who will exam ine their accounts, vouchers to support, financial information tests, evaluation of their financial statements, and also examine the internal control and make comments for improvements.Events that prevent reliance on auditing through the computer Using computer-based accounting systems does have its disadvantages, such as certain laws pertaining to confidentiality, the requirement to protect against the loss of data through power failures, the infection of viruses, and the abundance of opportunities for hackers to steal data. Computer fraud is also a major worry the need to initiate internal controls for all those who have access to the businesss information, particularly confidential customer information. An event that Kudler may run into with the need of stronger controls is a security breach, which entails stolen data. Kudler management can be held liable for the loss of personal customer data (University of Phoenix Virtual Organization Portal, 2013).Another event is a computer-b ased system with feeble controls over the data input procedures and processing, this requires the need for more thorough testing of financial transactions. The incorrect input of data can not only cause misrepresentation of financial statements in the form of incorrect asset valuations but because a mistake in data entry will give Kudler false analytical data such as sales and inventory. Lastly, an auditor will have to assume that auditing through the use of their computer-based method that their CPU and other hardware are direct properly (Bargnoff, N.A., Simkin, M.G, & Strand, C., 2008).ConclusionIt is important for companies to stay positive throughout the audit process. There are many different audit processes such as Attestation, SAS70, andSAS94 which are all effective audit strategies that may be used when auditing the company. Companies being audited should be familiar with these audit processes as well as how the audits are conducted to ensure that the process will be as smo oth and stress free as possible.ReferencesBargnoff, N.A., Simkin, M.G, & Strand, C. (2008). Core Concepts of Accounting Information Systems (10th ed.). The KPMG Survey of Corporate Responsibility account 2013. 2014 KPMG International Cooperative. Retrieved July 10, 2013 from http//www.kpmg.com/global/en/issuesandinsights/articlespublications/corporate-responsibility University of Phoenix Virtual Organization (2013). Kudler Fine Foods Intranet. Retrieved from https//ecampus.phoenix.edu/secure/aapd/CIST/VOP/Business/Kudler2/intranet/index.asp
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.