What is a CIS environment?

For the purposes of AUSs, a CIS environment exists when a computer of any type or size is involved in the processing by an entity of financial information of significance to the audit, whether that computer is operated by the entity or a third party.

Which of the following is least likely a risk characteristic associated with a CIS environment?

59 Cards in this Set
Which statement is incorrect when auditing in a CIS environment?d
Which of the following is least likely a risk characteristic associated with CIS environment?d
Which of the following significance and complexity of the CIS activities should an auditor least understand?d

What is the nature of CIS processing?

i) The nature of computer processing allows the design of internal control procedures within the computer programs itself. ii) These procedures can be designed to provide controls with limited visibility (e.g. protection of data against unauthorized access may be provided by passwords).

What are the controls to be evaluated by an auditor in CIS environment?

Test of general EDP controls: The auditor may check various input controls; processing controls; output controls; data storage, transmission and security controls. The auditor can check the access rules and procedure.

Why do general CIS controls need to be effective?

What is the purpose of CIS Controls? CIS Controls allow organizations to mitigate known attacks and are designed to be largely implemented, monitored and enforced through automated means.

What is the importance of CIS application controls?

CIS APPLICATION controls – relate to the transactions & standing data relevant to each CIS. Computer information system controls ensure completeness, validity & accuracy of accounting records.

What are the special aspects of CIS?

ï‚· the auditor’s design and performance of tests of control and substantive procedures appropriate to meet the audit objective. ï‚· the impact of computer-based accounting system on the audit trail that could otherwise be expected to exist in an entirely manual system.

What are the types of controls in CIS?

As such, CIS separates the controls into three categories: basic, foundational, and organizational, regardless of industry type.

What are the problems in EDP environment?

1) It is not suitable for small business forms. 2) Difficulties to detect the errors and frauds. 3) Absence of supporting vouchers. 5) Computer frauds and computer virus.

What are the steps involved in application of CAAT?

(i) CAAT preparation and testing procedures and controls. . (ii) Details of the tests performed by the CAAT. (iii) Details of input, processing and output. (iv) Relevant technical information about the computerised accounting system, such as computer files layouts.

What is meant by CAAT?

Computer assisted audit techniques (CAATs) refer to the use of technology to help you evaluate controls by extracting and examining relevant data. Sophisticated use of CAATs can be known as ‘data analytics’ and is increasingly being used across the profession.

What are the advantages of CAAT?

Advantages of CAATs

CAATs allow the auditor to: Independently access the data stored on a computer system without dependence on the client; Test the reliability of client software, i.e. the IT application controls (the results of which can then be used to assess control risk and design further audit procedures);

What are examples of CAATs?

CAATs include many types of tools and techniques, such as generalized audit software, customized queries or scripts, utility software, software tracing and mapping, and audit expert systems.

What is the objective of CAATs?

CAATs may improve the effectiveness and efficiency of auditing procedures. They may also provide effective tests of control and substantive procedures where there are no input documents or a visible audit trail, or where population and sample sizes are very large.

What are CAATs and what benefits they provide to IT auditors?

CAATs provide auditors with tools that can identify unexpected or unexplained patterns in data that may indicate fraud. Whether the CAATs is simple or complex, data analysis provides many benefits in the prevention and detection of fraud.

What is the importance of CAATs in audit work?

The use of computer-assisted audit techniques (CAATs) serves as an important tool for the IS auditor to evaluate the control environment in an efficient and effective manner. The use of CAATs can lead to increased audit coverage, more thorough and consistent analysis of data, and reduction in risk.

What would be a principal issue surrounding the use of CAAT tools?

What is the principal issue concerning the use of CAAT? Possible cost, complexity, and the security of output.