Accounting

Chapter 11 Information Technology Auditing

INTRODUCTION THE AUDIT FUNCTION

Internal versus External Auditing Information Technology Auditing Evaluating the Effectiveness of Information Systems Controls

PROBLEMS CASE ANALYSES

Basic Requirements Tiffany Martin, CPA The Linz Company

THE INFORMATION TECHNOLOGY AUDITOR’S TOOLKIT

Auditing Software People Skills

REFERENCES AND RECOMMENDED READINGS ANSWERS TO TEST YOURSELF

AUDITING THE COMPUTERIZED ACCOUNTING INFORMATION SYSTEM

Testing Computer Programs Validating Computer Programs Review of Systems Software Validating Users and Access Privileges Continuous Auditing

INFORMATION TECHNOLOGY AUDITING TODAY

Information Technology Governance Auditing for Fraud—Statement on Auditing Standards No. 99 The Sarbanes-Oxley Act of 2002 Third-Party and Information Systems Reliability Assurances

AIS AT WORK—AN INTERNAL AUDIT ‘‘404’’ REVIEW SUMMARY KEY TERMS YOU SHOULD KNOW TEST YOURSELF DISCUSSION QUESTIONS

After reading this chapter, you will: 1. Know how external auditing differs from internal auditing. 2. Understand the information technology audit process and types of careers in information technology auditing. 3. Understand the software and people skills needed by information technology auditors. 4. Know how to determine the effectiveness of internal controls over specific information systems. 5. Be familiar with various techniques auditors use to evaluate computerized information systems. 6. Understand that IT governance is not just about security. 7. Appreciate how auditors can use IT to prevent and discover fraudulent activities. 8. Know how the Sarbanes-Oxley Act of 2002 influences the role of IT auditors. 9. Be familiar with various types of third assurance services related to IT.

341

342

PART FOUR / Special Topics in Accounting Information Systems

Information Systems auditors, who evaluate how a company’s computer systems safeguard assets and maintain data integrity, are in hot demand...