Professional Documents
Culture Documents
TUTOR : PN YAZKHIRUNI
G R O U P M EM B ER S:
1. M U H A M M A D E Z R A N H A FIZ B IN K A M A R U LZ A M A N
C EA 080095
2. A Z U W A N B IN H A S H IM C EA 080008
3. C H O N G W A N X IN C EA 080024
OBJECTIVE
To understand the meaning of integrated
auditing.
To improve the notion of application on
integrated auditing.
To differentiate the characteristic between the
conventional and integrated auditing.
Standard apply and risk associated with the
use of integrated audit
The pros and cons of integrated audit
application
INTRODUCTION
Integrated auditing are also known as
Information System audit (IS Audit) or
Information Technology audit (IT Audit)
Began as Electronic Data Process (EDP)
Auditing
Examine the controls within an Information
Technology infrastructure
To evaluate the system’s internal control
design and effectiveness
Includes the efficiency and security protocols,
development of the internal control
processes, and IT governance
TYPES OF INTEGRATED
AUDIT
Information technology assessment and
network security review,
Assessment of the security process for the
network and all attached computing
equipment and to identify computer security
best practices
Web application security review,
Assessment of the control environment and
logical security that support web
applications as well as the identification of
potential security vulnerabilities
Application controls review,
Evaluation of control objectives of security,
privacy, data integrity, effectiveness, and
efficiency of the application in conjunction
with policies, industry best practices
Controls self assessment,
Assessment to identify the gaps between
current policies, procedures, systems, and
computer operations requirements and best
practices as encouraged industry standards
Software license compliance review.
Assessment of computing workstations to
validate the software that has been used is
properly licensed
How IT integrated with
auditing
IT auditing includes computer hardware,
software, automated controls and procedures
and data in electronic format.
Combination of manual and automated control
Computer-Assisted Audit Techniques(CAATs )
Audit software (ACL, IDEA)
ISA 315: Required auditor to understand how
the entity responded to the risk arise from
the IT.
Control Procedures
Information Processing
Computer assisted audit procedure is
important for auditor to get the evidence on
processing of transactions.
Segregation of Duties
Adequate control over the system is
important.
Physical Controls
Disaster recovery plan is useful in the physical
control in IT auditing.
Computer-Assisted Audit Techniques
(CAATs)
Used to perform substantive procedures or in testing application
controls
Type of CAATs
Benefits of Using IT
Audit
Enhance the timeliness, availability, and
accuracy of information
Ensures 100% inspection of transactions in
which there is audit interest
Little of the time required rather than manual
methods
Allows the auditors to test for specific risks
Can identify unexpected or unexplained
patterns in data that may indicate fraud
Computer-Assisted Audit
Techniques
Assist internal auditors in their search for
irregularities in data files
Help internal accounting departments with
more detailed analysis
Support the forensic accountant with
extrapolating large amounts of data for
further analysis and fraud detection.
Simplify or automate the data analysis process
Thank you
Q&A
Session