Testing the internal controls in a computerized environment

The auditor tests the internal controls when he wishes to place reliance on the controls to determine whether the accounting records are reliable. A computerized information system may differ from a manual system by having both manual and programmed controls. The manual controls are tested in exactly the same way as in a manual system. The programmed controlled in the following ways:

  • By examination of exception reports and rejection reports. But there is no assurance that the items on the exception reports were the only exceptions or that they actually met the parameters set by the management. The auditor must seek for ways to test the
    performance of the programs by auditing.
  • Use of CAATs (computer assisted audit techniques). Test data is mainly applied in testing computerized information systems.
    Substantive tests in computerized environment Substantive testing of computer records is possible and necessary. The extent depends on the degree of reliance the auditor has placed on the internal controls. Substantive testing includes two basic approaches both of which would be used.

Manual testing techniques.

  • Review of exception reports. The auditor attempts to confirm these with other data. e.g. comparison of an outstanding dispatch note listing with the actual dispatch notes.
  • Totalling. Relevant totals for example for debtors and creditors can be manually verified.
  • Re-performance. The auditor may re-perform a sample of computer generated calculations. E.g. for depreciation and interest expense.
  • Reconciliations. These will include reconciliations for computer listings with creditor‘s statements, bank statements, actual stock and personnel records.
  • Comparison with other evidence such as results of debtor‘s circularization, attendance at stock take and physical inspection of fixed asset. Computer audit programs sometimes generalized audit software. These programs are also called inquiry or interrogation programs. Computer audit programs are computer programs used by the auditor to;

Read magnetic files and to extract specified information from the files.
To carry out audit work on the contents of the files.

(Visited 119 times, 1 visits today)
Share this:

Written by