|
 | Order information
Product Number 01420002
Price: Members $45.00 Non-members $50.00
Order Form - Order Online
Principal author
Eckhardt J. Kriel, CA
CICA contact
Andrée Lavigne, CA
research.studies@cica.ca
|
Project objective
The objective of this study is to provide auditors, management and other users with up-to-date information about computer-assisted audit techniques and offer guidance on their use for audit purposes. The study is intended to be useful to internal and external auditors of both large and small enterprises, as well as to CFOs, CIOs and other executives and their staff who can benefit from the use of CAATs in their work, notably to perform more effective and efficient risk assessment, certification, and compliance audits. Auditors are faced with ever more complex, highly distributed financial information systems, supported by large databases where data is stored in thousands of data elements, and that retain transaction histories in electronic form only. IT application controls have become increasingly pervasive within financial reporting processes as many of the controls over the initiation, processing and reporting of transactions that were previously considered purely “manual” have now been automated. An evolving business environment and recent legislative changes have highlighted the importance of internal control over financial reporting and the need to monitor and audit its effectiveness. Because of the degree and complexity of financial reporting automation noted above, a high level of competence is required to do the planning, testing and documenting of financial controls. Specifically, management and audit teams must now have a greater level of expertise regarding:
- how application controls link to financial control assertions;
- the connection between IT general controls and application controls;
- the role that company-level IT controls play in management’s control environment, especially in larger, more IT-dependent companies;
- unique risks introduced by highly complex IT environments; and
- the impact of deficiencies in IT controls.
Moreover, the CICA Handbook – Assurance contains new and revised audit standards for defining the concepts of reasonable assurance and audit risk, understanding the entity and its environment, including internal control, assessing the risks of material misstatement, and designing audit procedures that are responsive to assessed risks and for audit evidence. One significant revision to the standards concerns the auditor’s responsibility to consider fraud and, in particular, the attention that should be paid to journal entries. CAATs have become essential to effectively audit today’s highly computerized and integrated systems. CAATs have now matured to the point where auditors can realize significant benefits from their use: increased effectiveness and audit quality, reduced audit risk, increased efficiencies and cost reduction. Technological advances and the greater affordability of computer hardware have adequately addressed previous concerns about the cost of physically implementing a CAAT program. The real costs of not performing CAATs need to be highlighted. These costs, which cannot be readily quantified, relate to the risk of not understanding the data, the transactions supported by the data and the automated controls embedded into today’s business systems. This is the real cost – the risk of not meeting the audit objectives. This study addresses the important role that CAATs can play in the current business and audit environment, as well as expected benefits. The study will also provide practical examples and case studies to explain the role of CAATs and demonstrate their potential benefits. |