Audit Proposal and Money Management
There are many several types of audits including internal, exterior, and information expertise. Companies ought to be acquainted with the kinds of audits that will possibly be used on an Accounting Information System (AIS). Knowing the several sorts of audits and where they are used will assist a company be prepared for an audit and make the method a lot smoother. There are some circumstances where auditing through a computer just isn’t at all times beneficial. Auditors want to ensure they’re finishing their audits fully and appropriately to the most effective of their abilities.
Types of audits used for every process
Attestation, SAS 70, SAS 94, and Findings and Recommendations are four major forms of Information Technology (IT) audits. If Kudler wants the auditor to supply assurance for every part of the system, an attestation audit might be used. An attestation audit can help Kudler by issuing reviews on examinations, reviews, or agreed-upon procedures. An attestation audit can present Kudler with independent assurance on the reliability or validity of data associated to the 4 methods beneath evaluation (KPMG, 2011).
A Findings and Recommendations audit can present Kudler with other information about every system. This kind of audit includes the following: system implementations, safety evaluations, database software evaluations, project management, IT infrastructure, and IT inside audit companies.
If Kudler chooses to use the Findings and Recommendations audit, this kind is not going to produce an opinion, solely a summary of the audit for every of the systems (Hunton, Bryant, & Bagranoff, 2004). An SAS 70 audit is to supply assurance in regards to the effectiveness and existence of the company’s inner controls around a service provided to others.
Kudler is not a service supplier. However, Kudler does transmit knowledge to the Electronic Payment Clearing House for automated submission of the credit card transactions to the relevant monetary establishments. An SAS 70 could be useful as a result of it’s a method to show that sufficient controls are in place to protect the buyer via e-commerce. SAS 94 audits are performed with a monetary assertion audit and focus on the client’s AIS. It addresses the impact of IT on inner controls in a monetary statement audit. Kudler will need a a lot wider evaluation than an SAS ninety four.
Most acceptable audit for each process
There are many routes to perform an IT audit. This audit is inner and can look at both Information Technology General Controls (ITGC) and Application Controls. Specifically, the audit will focus on these classes: techniques and functions, data processing amenities, management of IT and enterprise structure, client/server, telecommunications, and intranets/extranets. The audit type might be through Findings and Recommendations as administration will have to contemplate suggestions and the final word decision to make modifications in accordance with priority and price range. The audit will confirm the systems and functions for efficiency and controls to ensure validity, integrity, and security of information and transactions. Kudler will need the completion of an audit on info processing services to evaluate physical conditions of the main housing items and the offsite areas to assist the company’s Disaster Recovery Plan (DRP).
This kind of audit will consider the organizational construction and procedures to ensure that an environment friendly, managed setting is in place. These relate to any telecommunication controls between client and server, the entire community, and any servers speaking eternally together with firewalls. Auditors will assess two kinds of controls: safety controls and entry controls. Each of these varieties should embody all three sub-controls: preventive, detective, and corrective. The AIS has an crucial need for controls to handle any risks that may exist for every process and transaction. Security access controls are in place to protect data from being stolen, lost, or damaged. Access controls protect knowledge from being released to non-authorized users, hackers, and different intruders.
How the audits are conducted
Kudler will conduct an data system audit by analyzing and evaluating their current hardware and software. They may even look at their IT controls, methods safety, risk administration, and the adequacy of their current methods. They can perform their marketing audit by evaluating the effectiveness of their advertising program and inspecting its capabilities. It will consider their features in respect to their objectives, mission, vision, and their values of Kudler, which is done externally. Kudler will examine their school, and their deficiencies might be identified. Another suggestion is gear be audited, the maintenance, and an examination to determine if it’s being operated at the designed ranges, safety set-up, security, and access issues. Their audit shall be accomplished by an external auditor who will examine their accounts, vouchers to support, monetary information checks, evaluation of their financial statements, and also study the interior control and make comments for enhancements.
Events that forestall reliance on auditing through the computer Using computer-based accounting methods does have its disadvantages, corresponding to sure legal guidelines pertaining to confidentiality, the requirement to protect towards the lack of information via energy failures, the an infection of viruses, and the abundance of alternatives for hackers to steal data. Computer fraud can additionally be a major worry; the want to provoke internal controls for all those who have access to the business’s info, notably confidential customer info. An occasion that Kudler may run into with the necessity of stronger controls is a security breach, which entails stolen information. Kudler administration can be held responsible for the lack of private customer information (University of Phoenix Virtual Organization Portal, 2013).
Another event is a computer-based system with feeble controls over the data enter procedures and processing, this requires the need for extra thorough testing of economic transactions. The incorrect enter of information cannot only cause misrepresentation of economic statements within the type of incorrect asset valuations however because a mistake in data entry will give Kudler false analytical knowledge corresponding to sales and inventory. Lastly, an auditor will have to assume that auditing by way of the utilization of their computer-based technique that their CPU and other hardware are operating properly (Bargnoff, N.A., Simkin, M.G, & Strand, C., 2008).
It is essential for corporations to stay optimistic all through the audit course of. There are many various audit processes similar to Attestation, SAS70, and SAS94 which are all efficient audit strategies which may be used when auditing the company. Companies being audited ought to be acquainted with these audit processes as well as how the audits are carried out to ensure that the process will be as easy and stress free as possible.
- Bargnoff, N.A., Simkin, M.G, & Strand, C. (2008). Core Concepts of Accounting Information Systems (10th ed.). The KPMG Survey of Corporate Responsibility Reporting 2013. 2014 KPMG International Cooperative. Retrieved July 10, 2013 from: http://www.kpmg.com/global/en/issuesandinsights/articlespublications/corporate-responsibility
- University of Phoenix Virtual Organization (2013). Kudler Fine Foods Intranet. Retrieved from: https://ecampus.phoenix.edu/secure/aapd/CIST/VOP/Business/Kudler2/intranet/index.asp