Implications of computers in financial statement audits
Fleenor, William C. Journal of Accountancy. New York: Apr 1995. Vol. 179, Iss. 4; pg. 91, 3 pgs
Abstract (Summary)
As changes occur in the way CPAs and their audit clients use computers, CPAs must find guidance in existing audit literature on the role of computers in financial statement audits. Statement on Auditing Standards 55, Consideration of the Internal Control Structure in a Financial Statement Audit, includes much of the authoritative literature on computers in auditing. The objectives of control procedures are the same whether they are manual or computerized. The AICPA publishes non-authoritative literature on computers and auditing. The AICPA information division has publications that help auditors keep up with changing technologies. Organizations such as the Information Systems Audit and Control Association and the Institute of Internal Auditors also can help CPAs understand the audit implications of computer systems.
As information technology evolves at an increasing pace, auditors face the challenge of staying abreast of technological developments and identifying and addressing their implications for financial statement audits. William C. Fleenor, CPA, Loranger, Louisiana, a member of the auditing standards board computer auditing subcommittee, describes the guidance in existing auditing standards on electronic data processing.
In the last few years there have been significant changes in how auditors use computers. Clients also are using more elaborate technology in their accounting information systems. Some of the technologies clients use include electronic data interchange (EDI)--in which traditional documents such as purchase orders and invoices no longer exist--electronic imaging systems and distributed data processing such as client sever computing. Because computers play an integral role in how businesses are run, they must play a similar role in how CPAs conduct audits.
AUTHORITATIVE LITERATURE
Much of the authoritative literature on computers and auditing appears in Statement on Auditing Standards no. 55, Consideration of the Internal Control Structure in a Financial Statement Audit, which describes the elements of an entity's internal control structure and explains how auditors should consider that structure in a financial statement audit. The statement is relevant in considering the audit impact of computers because the objectives of control procedures are the same whether the controls are manual or computerized.
The American Institute of CPAs audit guide, Consideration of the Internal Control Structure in a Financial Statement Audit, is especially helpful because it provides specific examples of client information systems for small, medium and large entities and explains how those systems might affect the audit. Because computer guidance has been integrated into the statement and the guide, specific references to computers may be hard to locate.
NONAUTHORITATIVE LITERATURE
The AICPA also publishes nonauthoritative literature on computers and auditing, some of high describes a particular technology's implications for financial statement audits. The auditing procedures study (APS), Auditing in Common Computer Environments, describes microcomputers, local area networks, end-user computing, database management systems and telecommunications and their possible audit implications. The AICPA auditing standards division's Audit Risk Alert--1994. describes the audit implications of EDI, client-server computing and conducting business on the Internet.
Three helpful items that will be published shortly are
* An APS, Auditing in a Client/Server Environment.
* EDI for Managers and Auditors.
* An APS, Reports on the Processing of Transactions by Service Organizations.
An existing APS, Auditing with Computers, describes how auditors can use computers as audit tools to increase efficiency.
The AICPA information technology division also develops publications to help auditors keep abreast of evolving technologies such as client-server computing and image processing and to provide guidance on technology issues such as disaster recovery, microcomputer security and CPA firm technology planning.
OTHER RESOURCES
Auditors who find they need a more in-depth knowledge of computers may have to go beyond the AICPA for information. The Information Systems Audit and Control Association (formerly the EDP Auditor's Association) and the Institute of Internal Auditors (see exhibit 1, this page) have publications that may help auditors develop the knowledge and understanding of computer systems needed for certain clients.
Exhibit 2, page 93, lists publications from the AICPA and others that may be helpful to CPAs as sources of information on audit-related computer topics.
A CHANGING WORLD
It's important for financial statement auditors to stay current with the ever-changing world of auditing and computers. The resources listed here should provide CPAs with the help they need.
EXECUTIVE SUMMARY
AS CHANGES OCCUR in the way CPAs and their audit clients use computers, CPAs must find guidance in existing audit literature on the role of computers in financial statement audits.
STATEMENT ON AUDITING Standards no. 55, Consideration of the Internal Control Structure in a Financial Statement Audit, includes much of the authoritative literature on computers in auditing. The objectives of control procedures are the same whether they are manual or computerized.
THE AMERICAN INSTITUTE of CPAs publishes nonauthoritative literature on computers and auditing. The AICPA information technology division has publications to help auditors keep up with changing technologies.
ORGANIZATIONS SUCH AS the Information Systems Audit and Control Association and the Institute of Internal Auditors also can help CPAs and understand the audit implications of computer systems
No comments:
Post a Comment