Auditors serve an essential role to the business world – they deter fraud by ensuring that public information about business organizations is a faithful representation of their financial status. Therefore, it is crucial for auditors to be knowledgeable in the system of internal controls employed by their clients. As technology continues to impact the nature of how business is conducted, auditors must also understand their client’s use accounting information systems. The Statement of Auditing Standards No. 109 (SAS 109) did not provide information regarding how auditing professionals must use their employers information systems to perform an audit. However, SAS 109 did provide information detailing the facets of an entity’s accounting information systems that must be understood and …show more content…
This includes the classes of transactions pertinent to an entity’s operations and the procedures taken to capture transactional information and other events and conditions. Supporting accounting records may also be inspected along with inquiries as to how incorrect transactions are corrected. Auditors must also be aware of their client’s processes in preparing financial statements, such as closing entries, accounting estimates, and disclosures.
Finally, auditors must be informed on the measures and controls taken at the entry point of the information system. It is essential that only the right people have access to the right data and programs, to prevent security breaches that may compromise the integrity of the entire information system. In essence, auditors must understand the “nature and characteristics of an entity’s use of IT in its information system” to address the risks posed by IT and its users (page 126). Aiding this process may also include interviews with users with access privileges, and an understanding of segregation of
Also he may conduct bank reconciliations on pertinent accounts to make sure no discrepancies or misstatements are found. The auditor should also perform vertical and horizontal analysis for the income statements and balance sheets by the use of ratios.
How management identifies those transactions, events and conditions that may give rise to the need for accounting estimates to be recognized or disclosed in the financial statements. And the auditor shall make inquiries of management regarding changes in circumstances that may give risk or new or the need to revise existing, accounting
The architectural design of a firm varies greatly. In 1950, the business environment of Arthur Andersen included using the computer effectively for automated bookkeeping. Structure and regulation of the markets, helped Arthur Andersen to develop into a well-respected and reputable auditing company. The federal law in the 1930s requiring companies to turn over their financial statements yearly to an independent auditor not only strengthened Arthur Andersen, but also helped with their impeccable reputation. Arthur Andersen’s strategy included quality audits with a well-managed staff and profits. Promotions and rewards were plentiful when auditors made sound auditing decisions. In the 1990s, Arthur Andersen’s organizational architecture and strategy focused on generating new business, cost cutting, and performance evaluations along with decision rights over its business (Brickley, Smith, & Zimmerman, 2009).
Every organization must have adequate control mechanisms in place to help protect sensitive information from the distribution or transmission outside the organization, inappropriate disclosure, and control of how the information accessed is used. Companies should have policies in place that outline the course of action to take should inappropriate usage or disclosure of data be
Analytical procedures are performed to assess whether there is any material modifications that need to be made to the financial statements. The accountant must obtain knowledge of the industry and entity in order to better understand the financials. The focus of the procedures and review should be in the areas where there are increased risks of material misstatements. The auditor should compare the financial statements to prior periods and inquire about any significant changes and/or discrepancies. Financial statements are reviewed to ensure they are prepared in accordance with GAAP, and that proper accounting principles and procedures are applied.
Information assurance seeks to secure this information from unauthorized access or use. With our ever advancing technological environment, business are struggling to protect themselves and the information that customers have entrusted to them with occasional mis-steps serving as reminders that one can never be too careful.
Due to increasing economic and financial growth, many types of audit have been incorporated throughout the development process of internal activities. Audits can be performed manually or they can incorporate technology. According to Hunton and
Audit planning details change from client to client, no matter the complications presented. Each evolution of society’s business world prompts rule makers to update authoritative accounting standards in order to allow for changes, auditors are then responsible to certify their client’s financial reports adhere within compliance according to current authoritative standards. Many cite the Sarbanes-Oxley Act (SOX) of 2002 as being legislation that has had the most profound impact on the auditing profession; incidentally, an auditor’s job is to certify financial statements are a fair representation of a company’s financial position, at a given point in time, using current acceptable standards. Society deems auditors as gatekeepers and expects the auditing profession to find and report fraud, prevent fraud, and make certain financial statements are true, fair representation of a company’s financial position. Even though the rules, regulations, and generally accepted accounting principles can sometimes be difficult to find and translate, the public expects auditors to prevent events such as those that sparked SOX. The Financial Accounting Standards Board (FASB) developed the Accounting Standards Codification (ASC) that became the authoritative source July 2009 (FASB, 2009). Perhaps the hardest impact auditors experience with FASB ASC is attempting to ascertain clients’ FASB ASC references in disclosures on financial statements; “management cannot delegate this function to the
Over the past decade the world has been taken by surprise by the numerous accounting scandals that have occurred, for example, Enron, WorldCom, Tyco, Xerox, and Global Crossing (Suyanto, 2009, p. 118). Since those accounting scandals occurred the United States Congress passed the Sarbanes-Oxley Act of 2002 (SOX) to help improve a company’s corporate governance and help deter fraud (Chinniah, 2015, p.2). In addition to SOX, the Accounting Institute of Certified Public Accountants (AICPA) passed the Statement on Auditing Standards (SAS) No. 99 (p. 118). Both of these new accounting laws help to deter financial statement fraud from occurring.
Some data entry steps may occur at any time during the accounting cycle, other transactions occur only during financial statement production. Each step consists of set of rules used to ensure the accuracy and conformity of financial statements to avoid illegal actions using inaccurate figures. Each type of report has a level of significance and use as each document provides differing information involving things such revenues, cash flows, and other transactions made within an
Accounting transactions are professional occasion that has either a positive or negative budgetary impact on the financial statements. One impact of transactions in a financial statement will increase or decrease the accounts contingent on the transaction that has taken place. The history of revenue that has come or gone from the business will be shown on both financial statements and accounting transactions. Many businesses make several transactions daily. Errors can have a negative impact on financial statements, because the facts come from the accounting transactions
In addition to audit controls, access controls are important because they help reduce the risk of internal data breaches by preventing unauthorized work staff to have access to ePHI. “Only individuals with a “need to know” should have access to ePHI” (Brodnik, Finehart-Thompson, & Reynolds, 2012, p. 304). Additionally, Brodnik et al., (2012), states that access controls are used to aid in the authentication, audit and authorization process by implementing unique specifications such as: a unique user identification number, emergency access procedures, having an automatic log offs, and by having unique specifications within the system that allows for encryption and decryption
Modern data processing systems pose new, risk-laden challenges to the traditional audit process. Whereas it was once possible to conduct a financial statement audit by assessing and monitoring the controls over paper-based transaction and accounting systems, businesses have increasingly turned to electronic transaction and accounting systems. SAS 94 offers guidance on collecting sufficient, competent evidence in an electronic processing environment. It pays particular attention to identifying circumstances when the system of control over electronic processing must be
The purpose of this project is to identify measures of internal control that ensures compliance with Sarbanes Oxley Act Section 404 and how the costs of compliance may be used to add business value for shareholders. The key requirements of SOX include definition, documentation, implementation, and assessment of effective controls to ensure the integrity of corporate financial information and the prompt reporting of material events that may affect the financial performance of the firm (Moeller, 2007). A survey conducted by Audit Analytics showed that internal control over financial reporting weaknesses from 2004 to 2005 improved, but still had companies with material weaknesses in both years (Bedard, 2007). This shows there is a need for more identification for continuous improvement. Threats to accounting systems come from various sources and can destroy the relevance and reliability of financial information, if ignored (Beard, 2007). Because IT governance defines the IT structuring measures, and monitoring framework, it should include business value (Robinson, 2005) and, since corporate governance drives and sets IT governance (Lainhart IV, 2000) the corporate governance is required for compliance with SOX Section 404. According to (Peterson, 2004), IT governance is the key to realizing IT business value. With the high costs of compliance that include the possible needing additional software and hardware, consultant engagements, additional
Prepare, examine, or analyze accounting records, financial statements, or other financial reports to assess accuracy, completeness, and conformance to reporting and procedural standards. They report to management regarding the finances of establishment. They also establish tables of accounts and assign entries to proper accounts (2011).