Thursday, August 15, 2019
Do Auditors Need to Have in-Depth Knowledge of Information Technology Essay
Yes, auditors need to have in-depth knowledge of information technology. Networks and computers deliver the most information needed for auditing to work. For it to be effective, auditors have to use the computer as an auditing tool, audit automated systems and data, and understand the business purposes for the systems and the situation in which the systems operate. The other important uses for networks and computers by auditors are in audit administration. By pursuing new uses for computers and communications, auditors can direct their activities more effectively and improve their skill to review systems information. Automated tools give auditors the chance to increase individual productivity and audit function. The development of auditing in the fast growth of technology, which directly contributes to information technology auditing, internal control standards and guidelines explained by Yang (2004). Technology, electronic data processing, and information system have altered the way organizations handle its business, endorsing operational efficiency and assist decision-making. American Institute of Certified Public Accountants (AICPA) and the Information Systems Audit and Control Association (ISACA), have provided standards to allow and deliver required guidance to auditors. In SAS No. 48, ââ¬Å"the effects of computer processing on the examination of financial statements,â⬠explained and suggested auditors to consider the methods of computer data processing and other important factors such as planning and supervision, study and assessment of internal control, evidential matter, systematic review procedures, and requirements of the audit team. It also underlined the individual characteristics of information technology systems that should be measured by the auditor when directing the assessment process. In SAS No. 94 recognized the types of systems, controls and evidence auditors faced. The author also explains the Statement Of Information System Auditing (SISA), which express the needed requirements for information system auditing and reporting Tucker (2001). Staciokas (2005) have directed to understand internal audit functions, search effect of information technology and analyze advantages of internal audit in the organizational governance. Also did research on the definition of internal audit has continually changed and revised over the past few decades, and are still faced with certain issues understanding of internal audit function and it position within the organization. At the time the function of internal audit includes the internal control effectiveness, assistance to external auditors, or fraud investigations, but also identification of organizational risks, discussions to the senior management on risk management, develop improvement or global operations. Ruud (2001) explains, ââ¬Å"it is important to understand needs and expectations of internal and external decision makers towards internal audit functionâ⬠but also explained that there is some problem faced by internal audit being as an important part of organization. Auditors assisted by information technology based application; Computer Assisted Audit Tools increased effectiveness of internal audit in the organization. The author has underlined the purpose of internal audit function is to monitor, evaluate and improve risk management, controls, and governance process, but has not provided enough analysis on how different corporate governanceââ¬â¢s approaches can influence internal audit process in the organization. Coderee (1993) has explained how computer assisted audit tools and techniques (CAATT) based programs can automate certain audit function in the organization. The benefits of CAATT is it can be used to increase audit coverage, improve the combination of audit skills, increase independence of auditing from information system functions, and adopt greater reliability and increase cost effectiveness through the progress of reusable computerized techniques. The author demonstrates and suggests how automated tools and techniques have improved the value, efficiency, and effectiveness of audit. This has been stated in internal control over hazardous material where the critical auditââ¬â¢s objective was to review controls over the procurement, distribution, storage, and disposal of hazardous materials. But another standpoint, the author gives an example of workforce reduction program where CAATT used to review the efficiency and effectiveness of this program, personnel information system, and payroll system, the audit was successfully provides senior management with an assessment of the effectiveness of the program. Also how auditor inspected the controls over the closure process of a production plant. In one situation, an audit team helps the organization to determine whether equipment and inventory items were sold at an appropriate price, and properly safeguarded to prevent theft or loss. The CAATT developed for this closure were successfully used and reduced timing of the planning phase generally by more than 50%. And determine the benefits and effectiveness of CAATT in automating audit functions in the organization and allowed improvement of efficiency and effectiveness of auditing process be established. But the author has not provided any research survey and reports to support and justify his statements. The analysis of how CAATT automating of audit function are only based on survey and suggestion of unverifiable sources. As audit tools are growing more powerful and sophisticated, they are also becoming easier to learn and use but they also have to adapt into a difficult and always changing environment. Types of audit software can easily clash with features of other software on the network or computer, and must be thoroughly managed. As tools become more influential, auditors may use features or services provided in the software that command large amounts of system resources such as processing cycles, communication bandwidth, and storage, and to compete with other users of those resources. One good example, an auditor can request access to a file with a program that will scan each record in the file and can lock other users out until the process is complete. The processing could also require large amounts of network storage space at a time when it is in short supply and could cause a server to crash. It is important to schedule this kind of processing at times when other system users will not be behind or stop them from performing their work. Instead, many audit organizations perform their audit analyses using files copied or archived from the live production files. It is important to understand there is no general model for technology tools appropriate to all organizations. It is also important to understand the increasing dependence on technology to accomplish or support almost all auditing activities. Technology topics make up an increasing percentage of the auditorââ¬â¢s professional knowledge and skills set. While technology background is important in understanding new developments and directions, it is important to continue obtaining new knowledge. Effective use of audit technology tools is important to the achievement of audit activity, but is only a step toward understanding the changes technology in business and the auditing profession. Developing technologies will continuously change the shape of and approach to business controls, and audit approaches and techniques must change appropriately. Another important role for auditors and the auditing profession, is to reassure and support the efforts of providers of systems and new technologies to boost the built-in monitoring and assurance features of systems without considering them as processing overhead or as essentials that contribute to decreased performance. An important role for auditors is just to understand and change with the technologies, but to also explain the effects of this changes to others that are being effect by this.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.