Name the three components that make up a corporate IT system.
1- Hardware (Wan, Lan, Servers, Computers
2- Operating System (e.g. Windows)
3- Applications (E.g. MS Office, SAP, etc.)
What are the IT General Controls that cover all systems?
1- Access Controls
2- Change Management Controls
3- Backup & Recovery
4- Security Management
5- Physical Security
6- Network Systems Operations and Monitoring
Application Controls what are they?
1- Program Controls - They are controls written into the program and include (Input, Processing, & Output Controls
2- Manual Controls - These include manual reviews by key controls owners that consist of evidence of review and analysis of the output that has been generated from the system report to ensure accuracy, including exception reports for improper transactions. These include, but not limited to, ensuring the correct time period of the report and reconciliation of control totals to ensure complete and accurate data set.
What is IPE?
InformationProducedbytheEntity(IPE)- referstoanydatageneratedbyacompanythatisusedasauditevidence,playingacrucialroleinensuringtheaccuracyandcompletenessoffinancialreporting.
What are the key IPE control areas?
Data Integrity
Access Security
Change-Management
Compliance & Regulatory
Review and Monitoring
Documentation
Is a report run using AI considered a key financial report?
Depends, if prompts developed for AI are used to analyze data that could impact financial reporting, then the report and results must be validated before it can be used.
Can AI be used to upload confidential information so that it can be used to analyze results?
Only if the AI site is not public and restricted who can use and access the data by the Company.
What is an example of an application control?
Balanced JE, Control Totals, etc.
What is an example of an ITGC control?
User Access Reviews, Backup and Recovery, System Monitoring, etc.
-
Chapter 1 - Role of Public Accountants10
-
Chapter 2 - Professional Standards7
-
Chapter 3 - Ethics10
-
Chapter 4 - CPA's Liability8
-
Chapter 5 - Audit Evidence17
-
Chapter 6 - Planning the Audit16
-
Chapter 7 - Internal Controls12
-
Chapter 21 - Internal Auditing5
-
Chapter 8 - Internal Controls IT9
-
Chapter 9 - Audit Sampling9
-
Chapter 10 & 11 - Cash/Revenue/Collections14
-
Chapter 12 & 14 - Inventory & A/P12
-
Chapter 13 - Auditing PP&E8
-
Chapter 16 - Completing the Audit6
-
Chapter 17 - Audit Reports10
