Flashcards in Auditing (Ch. 12) Deck (29):
1
Automated work paper
allows internal and external auditors to automate and standardize specific audit tests and audit documentation
2
Auditing around the computer
audit approach whereby an auditor follows a company's audit trail up to the point at which accounting data enter the computer and then picks these data up again when they reappear in processed form as computer output
3
Auditing through the computer
audit approach whereby and auditor follows a company's audit trail through the internal computer operations phase of automated data processing
4
Auditing with the computer
audit approach whereby the auditor uses the computer to aid in performing various auditing procedures
5
Compliance testing
procedures performed by auditors to ensure the general and application controls are in place and working as prescribed
6
Computer-assisted audit techniques (CAAT)
use of computer processes or specialized software to perform audit functions, such as sorting data to detect duplicate accounts payable invoice numbers
7
Continuous Auditing
the use of tools that allow auditing to occur even when an auditor is not present. XBRL can support this concept
8
Fraud triangle
includes three elements indicating potential for fraud; Motive, Opportunity, and Rationalization
9
Generalized audit software (GAS)
computer packages that enable auditors to review computer files without continually rewriting processing programs
10
General-use software
used by auditors as productivity tools for improving their work
11
Information systems risk assessment
method used by an auditor to evaluate the desirability of IT-related controls for a particular aspect of business risk
12
Information technology (IT) governance
ensuring that information technology risks are controlled and also that IT in an organization is deployed strategically to meet objectives
13
Integrated test facility (ITF)
used by auditors to test a company's computer programs. A more comprehensive test technique that is used to audit an AIS in an operational setting
14
Parallel simulation
a control testing method used by auditors to create a second system that duplicates a portion of the clients system.
15
Program change control
a set of internal control procedures developed to ensure against unauthorized program changes
16
Risk based audit
an approach that provides auditors with a good understanding of the errors and irregularities that can occur in a company's AIS environment and the related risks and exposures
17
Test data
a set of transactions that examine the range of exception situations that might occur under normal processing conditions
18
Third party assurance services
audit and assessment services offered by independent third parties to provide business users and individual consumers with some level of comfort over Internet transactions. Specialized audits of Internet systems and websites
19
CA web trust
is a third party assurance seal that promotes data, privacy and security. in addition to reliable business, business practices and integrity in processing transactions
20
trust services
include both; web trust and systrust. Assurance services that evaluate the reliability of information systems with respect to their availability, security, integrity and maintainability
21
automated working paper software
These programs can help auditors create common size income statements and balance sheets that show account balances as percentages
22
Certified Information Systems Auditor (CISA)
a certification given by the Informations Systems Audit and Control Association
23
COBIT
Provides auditors and businesses with guidance in managing and controlling for business risk associated with IT environments
24
Information Technology (IT) auditing
Involves evaluating the computers role in achieving audit and control objectives
25
Parallel simulation
The auditor uses live input data, rather than test data, in a program actually written or controlled by the auditor
26
Sarbanes-Oxley Act
An important feature of this legislation is commonly referred to as section 404 reviews
27
4 steps performed in a "risk-based" audit approach
1. Determine the risk- impact and probability
2. Evaluate controls present-has to be operational
3. Evaluate weaknesses
4. Identify control procedures to minimize each threat or lack of control
28
5 principles of trust services
1. Security (unauthorized access)
2. Availability
3. Processing
4. Online Privacy - personal info
5. Protection of confidential info
29