Home > Preview
The flashcards below were created by user
on FreezingBlue Flashcards.
Statistical Sampling over Nonstatistical in test of controls
- Provide an objective basis for quantitatively evaluating sample risk.
- Measure the sufficiency of the audit evidence obtained.
- Measuring mathematically the degree of
- uncertainty that results from examining only a part of the data.
Analytical Procedures in Sampling
- Comparisons of recorded amounts
- Ratios developed from recorded amounts
- to Expectations developed by the auditor.
Statistical sampling in tests of controls
- Deviations from specific internal control procedures at a
- given rate ordinarily result in misstatements at a lower rate.
- Test of Controls
- Rate & Occurence
- Sample size Known
- Frequency in Sample
- Estimated Error indicates control is effective
Embeded Audit Modules
Coded into a client's application to collect data for the auditor
- Computed-assisted auditing techniques (CAAT) Processes client input data
- On a controlled program under the auditor's control
Integregated Test Facility
Run fictitious data through the client's programs
Test data are processed by the client's computer programs under the auditor's control.
- Designs and evaluates systems
- Prepares program specifications for programmers
- No review of Output or Data distribution
Designs the operating and control functions of programs Participates in testing operating systems
- Measure the total estimated error amount in a population.
- Most appropriate when the size of the errors are
- proportionate to the recorded amounts
- Estimating the total dollar error
Test of Controls in Sampling
- Takes a sample
- Determines the sample deviation rate
- compares this rate to the maximum rate he can tolerate and still rely on
- the control
- Decides whether to rely on the control as planned or
Reduce the planned reliance on a prescribed control when:
Sample rate of deviation plus the allowance for sampling risk exceeds the tolerable rate.
Factors to determined Audit Sample
- Tolerable exception rate
- Sampling risk, defined as the acceptable risk of assessing control risk too low (ARACR)
- Estimated population exception rate
- Population size (not significant)
- Substantive Testing
- Dollar Value or Quantity of Units
- Estmate difference between actual & reported amounts
Risk of Incorrect acceptance and the likelihood of assessing control risk too low
Effectiveness of Audit
- Allow the auditor to emphasize larger items from the population
- The population has highly variable recorded amounts
PPS ( monetary sampling)
- Statistical solution rather than a nonstatistical one.
- Reduces the cost of doing the audit testing because several sample items are test at onc
- High dollar items selected from the population
- Zero or Negative items not included
- Auditor controls the risk of incorrect acceptance by specifying a risk level when planning the sample.
Calculating Projected Error (PPS)
- Tainting Factor= Recorded $ - Audit $ / Recorded $
- Projected Error = Tainting Factor * Sampling Interval
When an account recorded amount Exceeds the sampling error :Projected Error = actual misstatement
- Systems development : SSAD
- Systems analysis, Systems programming, Applications programming, Database administration
- Data processing: DODD
- Data preparation, Operations, Data library, Data control.
- Applications to be adequately tested before use
- Backup of files
- Control access to appropriate users
- Adequate documentation
- Application controls
Processing Integrity principle (CATA)
Information Systems Department - 2 functions
- Systems development
- Data processing
- Daily computer operations of hardware and software
- Mounts tapes
- Supervises operations on a console
- Accepts inputs and distributes outputs
- Writing applications software
DataBase Administrator DBA
- Maintaining the database
- Restricting access to the database to authorized users
At a minimum Segregate POL
System Control Activities (GAS)
System documentation used by Auditors & Analyst (DES)
- Data Flow Diagrams
- Entity Relationship Diagrams
- System Flowcharts
Systems key entities and the relationships among those entities
Entity Relationship Diagram (EDP)
Examples of input validation or edit controls
- Preprinted forms, check digits, control., batch and proof totals, hash totals, record counts and limit or reasonable tests
- Menu driven input, field and validity checks, missing data and field size checks and logic checks
- Redundant data checks and closed loop verification
USER Control Activities
- Checks of computer output aginst source documents, control totals or other input
- Reviewing computer logs
- Policies and procedures that document authorized users and receipients of data
Mathematical summation of a piece of information that would not otherwise be computed except for control purposes
Ex: Final digit of all employee identification numbers
What would you like to do?
Home > Flashcards > Print Preview