basic ideas 2 Chapter 8 Systems work:
|
|
- Tabitha Hardy
- 6 years ago
- Views:
Transcription
1 Chapter 8 Systems work: basic ideas 2
2 Learning objectives To explain the nature and role of application controls and describe the main features of these controls. To distinguish between systems-development/maintenance controls and application controls. To show how the auditor breaks down systems into components as an aid to understanding the systems. To explain how the auditor records systems in use. 2
3 Application controls The major objectives of computer applications: Data collected prior to input is genuine, accurate and complete. Data accepted by the system remains genuine, accurate and complete during processing. Data stored temporarily or permanently should be genuine accurate and complete. Output data/information is genuine, accurate and complete and goes to the intended recipient. Information/audit trail is complete. Explanation of Genuine, accurate and complete (see Table 6.2 and PowerPoint slides 6, 7 and 8 for Chapter 6). Application controls are applied at: data capture/input; processing; and output. Special controls: database and e-commerce. 3
4 Data capture/input controls Boundary controls are controls over user and system interface: cryptographic controls; plastic cards for identification; PINs; digital signatures; passwords; firewalls; and initiation of information/audit trail. Input controls in place before data passes interface: design of source documentation; design of product, customer and other codes; check digits; sequence checking; limit or reasonableness tests; one-for-one checking; and batch controls. In database systems batch controls are different in nature. Input data verified as soon as possible after entry. Two useful controls: exception reports and sound warnings of invalid data entry. 4
5 Activity 8.2 A sales clerk receives a telephone order from a customer, Harry Smith, who asks for a delivery of 100 units of a product, at a price of 5 per unit. What is particularly risky about this transaction and what procedures would be appropriate to reduce the risks to an acceptable level? 5
6 Password and related systems 1 Features of password system: degrees of access alphanumeric digits avoid passwords identified with person using secrecy regular/frequent changes shutdown of terminals if incorrect. 6
7 Password and related systems 2 Related controls: Restriction of terminals to one particular activity Records of terminals and employees accessing Restriction of use of terminals Where national telephone system used for transmitting data: numbers ex-directory private secure lines numbers restricted to identified activities call-back system encryption. 7
8 Firewalls Firewall system controlling access between internet and entity network. Intranets allow easy transfer of data between parts of the system. Extranets networks expanded to people and organizations outwith the organization may be more vulnerable to outside threats. Firewalls need authorization and identification systems. Some networks very tight intranet for use of top management or transfer of data. Others more open for some forms of communication. 8
9 Activity 8.3 Apart from recording the identity and the authenticity of the user, what other data about users and related actions should be recorded when a user initiates a transaction? 9
10 Data capture/input controls Figure
11 Data capture/input controls Organizational controls in non-data base systems (Figure 8.1): Segregation of user departments and the computer department. User department retention of control over data Formal transfers of data. Maintenance of control log Investigation of differences. Early verification of inputs. 11
12 Processing controls Controls over CPU, main memory, operating system Controls over applications Continuity in processing run-to-run controls file dumping control totals. Master files data genuine, accurate, complete. Testing of programs during development and on continuing basis. Complete and recorded information/audit trail. Control system to ensure no data lost or corrupted if system failure. Other processing controls: sequence checks limit or reasonableness tests checking calculations. 12
13 Activity 8.5 Assume that, in an entity that you are auditing, an inventory order is automatically prepared when a minimum inventory level has been reached. What kind of data would you like to see recorded in the preparation of the purchase order? 13
14 Output controls Two purposes of output controls: (1) outputs are genuine, accurate and complete; (2) outputs are distributed to those who need them. Access controls, batch control and rapid correction of errors make genuine, accurate and complete outputs more likely. The exception report is a special kind of output, important in the context of control. Users of output data and information should be trained to review the output for any obvious errors. 14
15 Database systems A database is a collection of data that is shared and used by a number of different applications for different purposes. Prime advantage provide the same data to all authorized users, but there are security and integrity problems to be solved: a) Loss of control over data by data preparation personnel. b) Excessive power in the hands of the database administrator. c) Technical features to secure safety in processing may reduce control. d) The information/audit trail is particularly important. 15
16 E-commerce Risk enhanced by the openness of the internet. There are four degrees of internet use: 1. Using the internet as a means of making information available to outsiders. 2. Exchanging information with trading partners. 3. Using the internet to transact business. 4. Full integration with business systems with direct impact on the entity s records. Auditors determine management strategy and steps to identify risks and how controlled: security risks legal and taxation matters practical business and accounting problems the internet never sleeps crisis management. 16
17 E-commerce: security risks Threats to security of data and systems: Corruption of data by viruses and hackers Threat to privacy of personal data Infringement of intellectual property rights Unwanted communication, e.g. spam Controls to reduce impact of risks: 1. Security policy 2. Firewalls 3. Private networks, such as intranets and extranets 4. Information/audit trails 5. Other security measures i. Encryption of data ii. Identification and authentication information 17
18 Legal and taxation matters ISA 250: The auditor shall obtain sufficient appropriate audit evidence regarding compliance with the provisions of those laws and regulations generally recognized to have a direct effect on the determination of material amounts and disclosures in the financial statements. The internet is international in nature must be known which legal jurisdiction applies when transactions are entered into. Also which tax jurisdiction can tax income derived from a transaction, including VAT. 18
19 E-commerce practical business and accounting problems Entity carrying on business over internet may act as principal (record as sales) or agent (record commission) examine contractual arrangements with third parties. Other accounting matters include: Cut-off Return of goods and claims under product warranties Bulk discounts and special offers Payment other than by monetary transfer Browsing Follow-through of transactions 19
20 E-commerce the internet never sleeps E-commerce systems must operate efficiently and effectively for 24 hours Staffing implications Systems robust enough to work properly over the 24-hour period Integration of systems and automatic updates of accounting records desirable. 20
21 E-commerce crisis management Systems to ensure losses minimized when things go wrong. Possible consequences of failures include loss of reputation, loss or corruption of data and information and significant reductions in positive cash flows possible going concern implications. Appropriate measures include back-up of important data, installing emergency power supplies, regular review of system quality by independent persons and regular maintenance and testing of systems in use. 21
22 Audit approaches to systems and controls Systems objectives are audit objectives. Recording accounting and control systems. 22
23 Systems objectives = audit objectives (1) The basic approach to any audit area: 1. Identify the components. 2. Identify the assertions relating to those components assertions = audit objectives, often framed as key questions. 3. Identify the inherent risks associated with each assertion. 4. Identify the controls associated with the component. 5. Estimate the level of control risk. 6. Determine the audit detection procedures necessary to reduce total audit risk to acceptable proportions. See Table 8.1 for assertions in a sales and trade receivables system. 23
24 Systems objectives are audit objectives (2) Table
25 Activity 8.11 Consider the following assertion relating to sales: The sales represent goods whose title has passed to a third party. This can be rephrased as an inherent risk: There is an inherent risk that recorded sales do not represent goods that have passed to a third party. Under what circumstances do you think that inherent risk might be high in relation to this assertion? 25
26 Systems objectives are audit objectives (3) Figure
27 Activity 8.12 Examine Figure 8.2 (on the previous slide) and identify points where there should be control actions. 27
28 Systems objectives are audit objectives (4) Figure
29 Activity 8.13 Now identify points where there should be control actions in the data flow system shown in Figure 8.3 (on the previous slide). 29
30 Recording accounting and control systems (1) Practical way to approach the work is: 1. Find out persons operating the system by enquiry. 2. Interview each person. 3. Note distribution of copies of any documents. 4. Find out what entries are made in permanent records as a result of the transactions and construct the information/audit trail. Auditors use walk-through tests to understand system, record it and to see if the entity appears to have appropriate controls in force. Auditors record systems and controls, using: Narrative description Visual description Questionnaires and checklists 30
31 Recording accounting and control systems (2) Visual description: 1. Organization charts 2. Information trail/audit trail flow chart 3. Flow charts: document flow chart data flow diagram system flow chart program flow chart. 4. Questionnaires and checklists: Internal control questionnaire (ICQ) Internal control evaluation questionnaire (ICEQ) Electronic data processing (EDP) or IT checklists In practice, a combination of narrative description, flowcharts and questionnaires and checklists will be used. Each method has its value. 31
32 Flowcharts Advantages: 1. Aids understanding of accounting/control systems. 2. To draw a flow chart properly auditor must understand how the entity controls its operations. 3. Detect strengths, weaknesses, unnecessary procedures and documents. Disadvantages: 1. Time-consuming to prepare and difficult to alter. 2. In simple systems, narrative descriptions better. 3. Considerable variation of symbols used. 4. Require experience to prepare and interpret. 5. In complex situations too simplistic. 32
33 Internal control questionnaire (ICQ) (1) ICQs record details of the system useful in recording small systems. Used to interpret the strengths and weaknesses of the system. Designed to prompt memory as to the matters of importance in the system. Indicates whether individual parts of the system are strong or weak, but requires overall conclusion. See Horton Limited cash receipts system in Figure
34 Receipts of cash system Figure
35 Internal control evaluation questionnaire (ICEQ) (2) ICEQs not used to record the system, but to evaluate it after recording by other means. Set objectives for auditors, phrased as key questions. These key questions can often only be answered by asking other questions. See Table 8.2 for key questions and suggested subsidiary questions in the sales and debtors area. Larger firms use computer-generated information on ICEQs in conjunction with expert systems. 35
36 Key and subsidiary questions in a sales system (1) Table
37 Key and subsidiary questions in a sales system (2) Table 8.2 (continued) 37
38 Key and subsidiary questions in a sales system (3) Table 8.2 (continued) 38
39 Key and subsidiary questions in a sales system (4) Table 8.2 (continued) 39
40 Key and subsidiary questions in a sales system (5) Table 8.2 (continued) 40
41 Key and subsidiary questions in a sales system (6) Table 8.2 (continued) 41
42 Electronic data processing (EDP) or IT checklists EDP or IT checklists, have been developed to help the auditor assess the quality of computer systems. See Figure 8.5. This EDP/IT checklist has been completed for general controls: development controls and organizational controls and security for Burbage Limited whose sales system is described in Case study 9.4 in Chapter 9. 42
43 EDP IT checklist of development, organizational and security controls (Burbage Limited) (1) Figure
44 EDP IT checklist of development, organizational and security controls (Burbage Limited) (2) Fig 8.5 (continued) 44
45 EDP IT checklist of development, organizational and security controls (Burbage Limited) (3) Figure 8.5 (continued) 45
46 EDP IT checklist of development, organizational and security controls (Burbage Limited) (4) Figure 8.5 (continued) 46
47 EDP IT checklist of development, organizational and security controls (Burbage Limited) (5) Figure 8.5 (continued) 47
48 EDP IT checklist of development, organizational and security controls (Burbage Limited) (6) Figure 8.5 (continued) 48
49 Figure 8.1 Interface between data preparation and computer room
50 Figure 8.2 Sales system: simplified overview chart
51 Figure 8.3 Data flow diagram: customer order system
52 Figure 8.4 Receipts of cash system
53 Figure 8.5 EDP IT checklist of development, organizational and security controls (Burbage Limited)
54 Figure 8.5 (Continued) Note 1: An S denotes strong controls: Note 2: If this checklist was on an expert system the initial evaluation might be suggested by the computer program, but would have to be reviewed manually before a final conclusion was reached
55 Figure 8.6 Computer systems flowchart for a payroll system
Retail Payment Systems Internal Control Questionnaire
Retail Payment Systems Internal Control Questionnaire Completed by: Date Completed: POLICIES AND PROCEDURES 1. Has the board of directors, consistent with its duties and responsibilities, adopted formal
More informationDiocese of Covington Policies & Procedures Manual Section: Compliance Accounting Policy: Internal Control & Segregation of Duties
Internal Control refers to the policies and procedures established to provide reasonable assurance that parish assets are safeguarded, that accountability is achieved, and that errors in financial records
More informationCorporate Background and Experience: Financial Soundness: Project Staffing and Organization
A motion by Kentucky, on behalf of the Certification Committee, to adopt changes to the Governing Board Rules, Appendix C, Criteria and Minimum Standards for CSP Certification: Appendix C (04/07/2015)
More informationInternal Control and the Computerised Information System (CIS) Environment. CA A. Rafeq, FCA
Internal Control and the Computerised Information System (CIS) Environment CA A. Rafeq, FCA 1 Agenda 1. Internal Controls and CIS Environment 2. Planning audit of CIS environment 3. Design and procedural
More informationINTERNATIONAL STANDARD ON AUDITING 315 UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT CONTENTS
INTERNATIONAL STANDARD ON AUDITING 315 UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT (Effective for audits of financial statements for periods beginning
More informationTHE UNIVERSITY OF GEORGIA INTERNAL AUDITING DIVISION INTERNAL CONTROL QUESTIONNAIRE GENERAL
GENERAL BACKGROUND MATERIAL A. Please provide an organization chart which shows lines of authority and responsibility for the unit. B. What department code(s) does your Office manage? C. Who is the contact
More informationCHAPTER 5 INFORMATION TECHNOLOGY SERVICES CONTROLS
5-1 CHAPTER 5 INFORMATION TECHNOLOGY SERVICES CONTROLS INTRODUCTION In accordance with Statements on Auditing Standards Numbers 78 and 94, issued by the American Institute of Certified Public Accountants
More informationChapter 11: The General Ledger and Financial Reporting Cycle
Accounting Information Systems: Essential Concepts and Applications Fourth Edition by Wilkinson, Cerullo, Raval, and Wong-On-Wing Chapter 11: The General Ledger and Financial Reporting Cycle Slides Authored
More informationFOUNDATIONS IN ACCOUNTANCY Paper FAU (UK) Foundations in Audit (United Kingdom)
Answers FOUNDATIONS IN ACCOUNTANCY Paper FAU (UK) Foundations in Audit (United Kingdom) June 2012 Answers Section A QUESTIONS 1 10 MULTIPLE CHOICE Question Answer See Note Below 1 A 1 2 D 2 3 C 3 4 B 4
More informationGATU Webinar Part 1 March 2017 Presented by Carol Kraus, CPA
GATU Webinar Part 1 March 2017 Presented by Carol Kraus, CPA Definition of Internal Controls COSO Internal Control Framework Internal Controls (2 CFR 200.303) Grantee responsibilities Awarding state agency
More informationCPA REVIEW SCHOOL OF THE PHILIPPINES M a n i l a. AUDITING THEORY Risk Assessment and Response to Assessed Risks
Page 1 of 7 CPA REVIEW SCHOOL OF THE PHILIPPINES M a n i l a Related PSAs: PSA 400, 315 and 330 AUDITING THEORY Risk Assessment and Response to Assessed Risks 1. Which of the following is correct statement?
More informationTop 5 Must Do IT Audits
Top 5 Must Do IT Audits Mike Fabrizius, Sharp HealthCare, VP, Internal Audit DJ Wilkins, KPMG, Partner, IT Advisory 2011 AHIA Annual Conference www.ahia.org Background on Sharp HealthCare Sharp s Co-sourcing
More informationP13-1 ANS. a. Table of Entities and Activities for Internet Payment Platform (Accounts Payable and Cash Disbursements Processes)
Accounting Information Systems, 7e 1 P13-1 ANS. a. Table of Entities and Activities for Internet Payment Platform (Accounts Payable and Cash Disbursements Processes) Entities Para Activities 2 1. Log on
More informationGuidelines for Establishing Direct Debit Requests Electronically or by Telephone
Guidelines for Establishing Direct Debit Requests Electronically or by Telephone September 2017 Version 1.7 P a g e 2 Introduction These guidelines are practical recommendations for businesses (which are
More informationAuditing Standards and Practices Council
Auditing Standards and Practices Council PHILIPPINE STANDARD ON AUDITING 315 UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT PHILIPPINE STANDARD ON AUDITING
More informationFraud Risk Management
Fraud Risk Management Specific Anti-Fraud Controls (Process or Transaction Level) 2017 Association of Certified Fraud Examiners, Inc. Discussion Questions 1. Does your organization have adequate staffing
More informationInternal Control Evaluation
INTERNAL CONTROL EVALUATION Adapted from a checklist created by Jackie F. Breland, CPA (www.jackiebreland.com) Organization: Date Prepared or Updated: Prepared by: Introduction The purpose of this checklist
More informationInternal Audit Report. Post Implementation Review PeopleSoft Accounts Payable TxDOT Internal Audit Division
Internal Audit Report Post Implementation Review PeopleSoft Accounts Payable TxDOT Internal Audit Division Objective To determine if the Oracle PeopleSoft Accounts Payable system is providing effective
More informationGOVERNANCE AES 2012 INFORMATION TECHNOLOGY GENERAL COMPUTING CONTROLS (ITGC) CATALOG. Aut. / Man. Control ID # Key SOX Control. Prev. / Det.
GOVERNANCE 8.A.1 - Objective: Information Technology strategies, plans, personnel and budgets are consistent with AES' business and strategic requirements and goals. Objective Risk Statement(s): - IT Projects,
More informationINTERNATIONAL STANDARD ON AUDITING (UK AND IRELAND) 505 EXTERNAL CONFIRMATIONS
INTERNATIONAL STANDARD ON AUDITING (UK AND IRELAND) 505 Introduction EXTERNAL CONFIRMATIONS (Effective for audits of financial statements for periods ending on or after 15 December 2010) CONTENTS Paragraph
More informationPROFESSIONAL LEVEL PART-A: OVERVIEW OF AUDITING AND ASSURANCE
SYLLABS 2016 Part-D Weightage Part-E Part-C Part-A PROFESSIONAL LEVEL P2 - Audit & Assurance Part-B Part-A Overview of Auditing and Assurance 15% Part-B Audit Planning 20% Part-C Internal Controls 20%
More informationFinancial Statement Close Process
Financial Statement Close Process Process Control Objective Risk Control Considerations Segregation of Duties Accounting functions are properly segregated. Unauthorized and inaccurate transactions may
More informationFile. Audit. City Auditor
Accounts Payab ble - Vendor Master File Audit Craig Hametner, CPA, CIA, CISA, CMA, CFE City Auditor Prepared By Marla Hamilton, Staff Auditor Reviewed By Jed Johnson, Sr. Auditor INTERNAL AUDIT DEPARTMENT
More informationACC103. Accounting Best Practices - 20 hours. Objectives
ACC103 Accounting Best Practices - 20 hours Objectives This course Accounting Best Practices, Sixth Edition will teach you how to adopt best practices within your accounting department. This will allow
More informationCard reader for your UBS Online Services User Guide
ab Card reader for your UBS Online Services User Guide www.ubs.com ab Also available in German. April 2014. (L47004) UBS 2014. The key symbol and UBS are among the registered and unregistered trademarks
More informationUniversity Internal Audit
University Internal Audit Compliance Audit Overview Bill Abplanalp Audit Manager Agenda Introductions What is Internal Audit Compliance Review Questions Internal Audit Mission Provide independent, objective
More informationPCI Requirements Office of Business and Finance Issued July 2015
PCI Requirements Office of Business and Finance Issued July 2015 This document provides supplemental information to be used in conjunction with the Payment Card Compliance policy to assist merchants and
More informationAdvanced External Auditing [AU2] Examination Blueprint
Purpose Advanced External Auditing [AU2] Examination Blueprint 2014-2015 The Advanced External Auditing [AU2] examination has been constructed using an examination blueprint. The blueprint, also referred
More informationCONTROLS TESTING VS SUBSTANTIVE TESTING: A PRACTICAL APPROACH CPA MADHAV BHANDARI MANAGING PARTNER AT BAKER TILLY MERALI S NOVEMBER 2017
CONTROLS TESTING VS SUBSTANTIVE TESTING: A PRACTICAL APPROACH CPA MADHAV BHANDARI MANAGING PARTNER AT BAKER TILLY MERALI S NOVEMBER 2017 1 INTRODUCTION What are the common audit problems? Inadequacy of
More informationIT Audit Process. Michael Romeu-Lugo MBA, CISA March 27, IT Audit Process. Prof. Mike Romeu
Michael Romeu-Lugo MBA, CISA March 27, 2017 1 Agenda Audit Planning PS 1203 / PG 2203 Evidence PS 1205 / PG 2205 References: ITAF 3 rd Edition Information Systems Auditing: Tools and Techniques Creating
More informationPREDICTIVE INTELLIGENCE SECURITY, PRIVACY, AND ARCHITECTURE
PREDICTIVE INTELLIGENCE SECURITY, PRIVACY, AND ARCHITECTURE Last Updated: May 6, 2016 Salesforce s Corporate Trust Commitment Salesforce is committed to achieving and maintaining the trust of our customers.
More informationLink download full: Solution Manual for Accounting Information Systems 13th Edition by Romney
Link download full: Solution Manual for Accounting Information Systems 13th Edition by Romney http://testbankcollection.com/download/solution-manual-for-accountinginformation-systems-13th-edition-by-romney
More informationInternal Controls: Need Them, Have Them, Love Them
Internal Controls: Need Them, Have Them, Love Them Tiffany R. Winters, Esquire twinters@bruman.com Brustein & Manasevit Fall Forum 2010 Why Do We Have Internal Controls? The Federal Managers Financial
More informationCHAPTER 2 OVERVIEW OF TRANSACTION PROCESSING AND ENTERPRISE RESOURCE PLANNING SYSTEMS SUGGESTED ANSWERS TO DISCUSSION QUESTIONS
CHAPTER 2 OVERVIEW OF TRANSACTION PROCESSING AND ENTERPRISE RESOURCE PLANNING SYSTEMS SUGGESTED ANSWERS TO DISCUSSION QUESTIONS 2.1 Table 2-1 lists some of the documents used in the revenue, expenditure,
More informationAssurance Hand Note Professional Stage-Knowledge Level By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM) Assurance
Assurance 1 CONTENTS OF ASSURANCE 01. Preliminary of Assurance: 1.01 Assurance Engagement: 1.02 Key elements of an assurance engagement: 1.03 Levels of assurance 1.04 Objective of an Audit: 1.05 True &
More informationAPPENDIX 2 COMMUNITY DEVELOPMENT COMMISSION FINANCIAL CHECKLIST REQUIRED FOR ALL APPLICANTS (A SITE VISIT MAY BE CONDUCTED LATER)
REQUIRED FOR ALL APPLICANTS (A SITE VISIT MAY BE CONDUCTED LATER) AGENCY NAME: AGENCY ADDRESS AGENCY PHONE: DATE PREPARED: PREPARED BY: TITLE: EMAIL: AGENCY GENERAL INFORMATION EXECUTIVE DIRECTOR /CITY
More informationExternal Confirmations
ISA 505 March 2009 International Standard on Auditing External Confirmations INTERNATIONAL STANDARD ON AUDITING 505 External Confirmations Explanatory Foreword The Council of the Malaysian Institute of
More informationLine 500. What s new in v7. x62836_sage_p1_cg.indd 1 9/10/07 09:06:38
Line 500 What s new in v7 x62836_sage_p1_cg.indd 1 9/10/07 09:06:38 Contents 1 500: Developed for you 2 What s New? 4 500 at a glance At Sage, we understand that mid-sized and larger businesses have varied
More informationF200 Financials: Intermediate Training Guide
F200 Financials: Intermediate Training Guide Acumatica ERP 5.0 Last Revision: 2/23/2015 Contents 2 Contents Copyright...4 Introduction... 5 How to Use This Course...6 Part 1: Configuring Branches and Subaccounts...9
More informationFile No: PERMANENT AUDIT FILE INDEX Annual update confirmation. Business details 1. Background to client
Client: Year/Period End: PERMANENT AUDIT FILE INDEX Annual update confirmation Business details 1. Background to client 2. Financial History 3. Register of laws and regulations 4. Related parties 5. Group
More informationHow to Lock Down Your Document Recording Processes Focus on compliance and security
How to Lock Down Your Document Recording Processes Focus on compliance and security How to Lock Down Your Document Recording Processes 2017 1 How to Lock Down Your Document Recording Processes Focus on
More informationFraud Control Plan 2016
2016 Issue Date: September 2015 November 2016 Review Date: November 2018 Statement of Principle Dunedin Kindergartens Incorporated, trading as Dunedin Kindergartens, is entrusted by the community and
More informationWhat does an external auditor look for in SAP R/3 during SOX 404 Audits? Ram Bapu, CISSP, CISM Sandra Keigwin, CISSP
What does an external auditor look for in SAP R/3 during SOX 404 Audits? Ram Bapu, CISSP, CISM Sandra Keigwin, CISSP What does an external auditor look for in SAP during SOX 404 Audits? Corporations have
More informationFLORIDA COURTS E-FILING PORTAL. For the period July 1, 2015 through June 30, 2016
SERVICE ORGANIZATION CONTROL REPORT (SSAE. 16) FOR FLORIDA COURTS E-FILING PORTAL For the period July 1, 2015 through June 30, 2016 LANIGAN & ASSOCIATES, PC CERTIFIED PUBLIC ACCOUNTANTS TABLE OF CONTENTS
More informationVIRGINIA STATE UNIVERSITY RISK ANALYSIS SURVEY OPERATIONAL. 1. Operating Concerns of the Assessable Unit and/or Business Process
ASSESSABLE UNIT: Enter name of the Assessable Unit here BUSINESS PROCESS: Enter the Business Process here BANNER INDEX CODE: Enter Banner Index Code here 1. Operating Concerns of the Assessable Unit and/or
More informationKNOW YOUR RUPAY DEBIT CARD
KNOW YOUR RUPAY DEBIT CARD ABSTRACT The objective of this document is to introduce the member banks to RuPay Debit Card program and to guide the issuing banks on the RuPay Debit Card features including
More information(Effective for audits of financial statements for periods ending on or after December 15, 2013) CONTENTS
INTERNATIONAL STANDARD ON AUDITING 315 (REVISED) IDENTIFYING AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT THROUGH UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT Introduction (Effective for audits of
More informationLiverpool Hope University
Liverpool Hope University PCI DSS Policy Date Revision/Amendment Details & Reason Author 26th March 2015 Updates G. Donelan 23rd June 2015 Audit Committee 7th July 2015 University Council 1. Introduction
More informationINCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES
INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES Participation in the InCommon Federation ( Federation ) enables a federation participating organization ("Participant") to use Shibboleth identity
More informationCOMMISSION DELEGATED REGULATION (EU) No /.. of XXX
EUROPEAN COMMISSION Brussels, XXX [ ](2017) XXX draft COMMISSION DELEGATED REGULATION (EU) No /.. of XXX supplementing Directive 2015/2366 of the European Parliament and of the Council with regard to regulatory
More informationWhich of the following should be done with the copies of cancelled invoices in sales system? Select correct option: CORRECT
Which of the following should be done with the copies of cancelled invoices in sales system? Select correct option: Should be discarded Should be retained Should be dispatched to the suppliers CORRECT
More informationINTERNATIONAL STANDARD ON AUDITING 500 AUDIT EVIDENCE CONTENTS
INTERNATIONAL STANDARD ON 500 AUDIT EVIDENCE (Effective for audits of financial statements for periods beginning on or after December 15, 2004) CONTENTS Paragraph Introduction... 1-2 Concept of Audit Evidence...
More informationDeltek Touch Time & Expense for Vision. User Guide
Deltek Touch Time & Expense for Vision User Guide September 2017 While Deltek has attempted to verify that the information in this document is accurate and complete, some typographical or technical errors
More informationANNEX 2 Security Management Plan
ANNEX 2 Page 1 of 24 The following pages define our draft security management plan (a complete and up to date shall be submitted to The Authority within 20 days of contract award as per Schedule 2.4, para
More informationQAD FINANCIALS BENEFITS
QAD FINANCIALS CFOs, finance managers and controllers of manufacturing companies deal with a wide variety of strategic and operational challenges. CFOs constantly balance risk with the need for strategic
More informationWednesday, May 31, :30am - 11:30am
6. 8.. 8. Computerizing your Books (Rightsizing to your need) Wednesday, May 31, 2017-9:30am - 11:30am In the computerizing session we will take a look at the factors you might want to consider in moving
More informationUniWeb. Our electronic banking services system available directly on the Internet
UniWeb Our electronic banking services system available directly on the Internet Contents 1. WHAT IS UNIWEB 2. SECURITY FEATURES 3. COMMERCIAL SOLUTIONS 3.1. Available operations 3.2. Benefits for the
More informationTerminal Verification Checklist - NSPOS X
May 4, 2017 Release 2017.1.X Table of Contents Overview... 1 Verification Steps... 2 User Interface... 2 Finding Items... 3 Transaction Processing... 3 Reports Functionality... 4 NetSuite ERP Integration
More informationAudit evidence. chapter. Chapter learning objectives. When you have completed this chapter you will be able to:
chapter 9 Audit evidence Chapter learning objectives When you have completed this chapter you will be able to: explain the assertions contained in the financial statements explain the use of assertions
More informationOVERVIEW 4/19/10. Internal Controls and the Audit Process May 4, 2010 OVERVIEW. Definition and historical perspective of internal auditing
and the Audit Process May 4, 2010 Presented by: Deborah A. Stevens CPA Wichita County Auditor 1 OVERVIEW Definition and historical perspective of internal auditing Role and responsibilities of the internal
More informationGR Government Records
GR Government Record Series GR1000 GR1025 GR1050 GR1075 GR5750 GR5800 GR5825 Record Title PART 1: ADMINISTRATIVE RECORDS PART 2: FINANCIAL RECORDS PART 3: PERSONNEL AND PAYROLL RECORDS PART 4: SUPPORT
More informationYou can easily view comparative data and drill through for transaction details.
analyzing financial and operational information (such as number of sales reps, occupancy rates or cycle time), giving you a very powerful business management tool that leverages your financial data. You
More informationChapter 12: The Revenue Cycle
Chapter 12: The Revenue Cycle Syaiful Ali, SE., MIS., Ak. Introduction Revenue Cycles tend to be similar for all types of firms. Two subsystems perform the processing steps within the revenue cycle: The
More informationMichigan Department of Transportation Market Scan for a Digital Signature Solution
Michigan Department of Transportation Market Scan for a Digital Signature Solution Contact: E-Mail: David Hatch hatchd@michigan.gov Table of Contents Privacy Information... 1 Market Scan Description and
More informationPCI Requirements Office of Business and Finance Issued July 2015
PCI Requirements Office of Business and Finance Issued July 2015 This document provides supplemental information to be used in conjunction with the Payment Card Compliance policy to assist merchants and
More informationSTATEMENT OF AUDITING STANDARDS 500 AUDIT EVIDENCE
STATEMENT OF AUDITING STANDARDS 500 AUDIT EVIDENCE (Issued January 2004) Contents Paragraphs Introduction 1-2 Concept of Audit Evidence 3-6 Sufficient Appropriate Audit Evidence 7-14 The Use of Assertions
More informationUser Manual. I-9 Management
User Manual I-9 Management Revised April 21, 2009 This document is the user manual for a client implementing the TALX I-9 management service and is confidential to TALX Corporation. This document or any
More informationSAN FRANCISCO COURT APPOINTED SPECIAL ADVOCATE PROGRAM
SAN FRANCISCO COURT APPOINTED SPECIAL ADVOCATE PROGRAM FINANCIAL PROCEDURES MANUAL Table of Contents GENERAL ACCOUNTING POLICY AND PROCEDURES... 3 OVERALL ACCOUNTING SYSTEM DESIGN... 3 CONTROL OBJECTIVE...
More informationE-Commerce. Other Apps. Organizational Applications 6/14/2016. Electronic Commerce. Prof. Ir. Kudang B. Seminar, MSc, PhD.
Electronic Commerce E-Commerce Electronic Commerce: Buying and selling of information, products, and services via computer networks that make up Internet, Intranet, or Extranet Prof. Ir. Kudang B. Seminar,
More informationSage Pastel Partner Add-On Modules Training
Sage Pastel Partner Add-On Modules Training Receipting Module This course has been designed for learners who work on the Sage Pastel Partner Receipting module and would like to enhance their knowledge
More informationDepartment of Labor, Licensing and Regulation Office of the Secretary Division of Administration
Audit Report Department of Labor, Licensing and Regulation Office of the Secretary Division of Administration November 2008 OFFICE OF LEGISLATIVE AUDITS DEPARTMENT OF LEGISLATIVE SERVICES MARYLAND GENERAL
More informationPOS and Data Warehouse Annual Subscription Form (Subscription prices are per restaurant location)
POS and Data Warehouse Annual Subscription Form (Subscription prices are per restaurant location) Your subscription includes: A secure website allowing subscribers to transmit via approved POS systems
More informationPCI COMPLIANCE PCI COMPLIANCE RESPONSE BREACH VULNERABLE SECURITY TECHNOLOGY INTERNET ISSUES STRATEGY APPS INFRASTRUCTURE LOGS
TRAILS INSIDERS LOGS MODEL PCI Compliance What It Is And How To Maintain It PCI COMPLIANCE WHAT IT IS AND HOW TO MAINTAIN IT HACKERS APPS BUSINESS PCI AUDIT BROWSER MALWARE COMPLIANCE VULNERABLE PASSWORDS
More informationSarbanes-Oxley Compliance Kit
Kit February 2018 This product is NOT FOR RESALE or REDISTRIBUTION in any physical or electronic format. The purchaser of this template has acquired the rights to use it for a SINGLE Disaster Recovery
More informationInternal Control Questionnaire and Assessment
Bureau of Financial Monitoring and Accountability Florida Department of Economic Opportunity September 30, 2017 107 East Madison Street Caldwell Building Tallahassee, Florida 32399 www.floridajobs.org
More informationSafeguarding public money
Safeguarding public money Following the repeal of s 150(5) of the Local Government Act 1972 local councils in England applying this guidance may safely take advantage of modern payments methods while protecting
More informationUnit 1: About this Workbook Unit 2: Occupational Health and Safety Procedures
Table of Contents Unit 1: About this Workbook... 1-4 Unit 2: Occupational Health and Safety Procedures... 5-6 Unit 3: Double-Entity Bookkeeping Principles [Optional]... 7-14 Unit 4: Notes on the Goods
More informationGLOBAL E-BUSINESS AND COLLABORATION Learning Objectives
Chapter 2 GLOBAL E-BUSINESS AND COLLABORATION Learning Objectives Define and describe business processes and their relationship to information systems. Evaluate the role played by systems serving the various
More informationACC103. Accounting Best Practices - 20 hours. Objectives
ACC103 Accounting Best Practices - 20 hours Objectives This course Accounting Best Practices will teach you how to adopt best practices within your accounting department. This will allow you to enjoy a
More informationCost Control Systems. Conclusion. Is the District Using the Cost Control Systems Best Practices? Internal Auditing. Financial Auditing
12 Cost Control Systems The district generally has effective cost control systems, but has room to improve. Improvements could be made in internal auditing, asset management, financial management, purchasing,
More informationElectronic invoicing (e-invoicing)
www.pwc.ch Electronic invoicing (e-invoicing) A guide for organisations and institutions Electronic invoicing (e-invoicing) 1 What s it all about? This is a guide to help people who manage organisations
More informationOpenBank - banking platform for e-money management based on blockchain technology (version 0.2)
OpenBank - banking platform for e-money management based on blockchain technology (version 0.2) Dr. Pavel Kravchenko, Sergiy Vasilchuk, Bohdan Skriabin Abstract Traditional banking technology has multiple
More informationLink download full: Solution Manual for Accounting Information Systems 10th Edition by Bodnar http://testbankcollection.com/download/solution-manual-for-accountinginformation-systems-10th-edition-by-bodnar
More informationUniWeb. Our electronic banking services system available directly on the Internet
UniWeb Our electronic banking services system available directly on the Internet Contents 1. WHAT IS UNIWEB 2. SECURITY FEATURES 3. COMMERCIAL SOLUTIONS 3.1. Available operations 3.2. Benefits for the
More informationU.S. FDA TiTle 21 CFR PART 11 ComPliAnCe ASSeSSmenT of SAP ReCiPe management
U.S. FDA Title 21 CFR Part 11 Compliance Assessment of SAP Recipe Management Copyright 2007 SAP AG. All rights reserved. No part of this publication may be reproduced or transmitted in any form or for
More informationChapter 1 The Demand for an Auditing and Assurance Profession
Chapter 1: The Demand for an Auditing and Assurance Profession Chapter 1 The Demand for an Auditing and Assurance Profession Audit Challenge 1-1: Assessing Privacy Practices 1. Hospital data could be obtained
More informationP12-1 ANS. a. Table of Entities and Activities for Internet Payment Platform (Purchasing and Receiving Processes)
Accounting Information Systems, 7e 1 on pg. 12-4) P12-1 ANS. a. Table of Entities and Activities for Internet Payment Platform (Purchasing and Receiving Processes) Entities Para Activities Contracting
More informationOracle ERP Cloud Period Close Procedures
Oracle ERP Cloud Period Close Procedures Release 13 O R A C L E W H I T E P A P E R A U G U S T 2 0 1 7 Table of Contents Introduction 8 Chapter 1 Period Close Dependencies 9 Chapter 2 Subledger Accounting
More informationInternal Control Questionnaire and Assessment
Bureau of Financial Monitoring and Accountability Florida Department of Economic Opportunity September 15, 2016 107 East Madison Street Caldwell Building Tallahassee, Florida 32399 www.floridajobs.org
More informationDirektur Komunikasi & Sistem Informasi I
E-Commerce Prof. Ir. Kudang B. Seminar, MSc, PhD Direktur Komunikasi & Sistem Informasi I Electronic Commerce Electronic Commerce: Buying and selling of information, products, and services via computer
More informationPROPOSAL OUTLINE PRIVACY IMPACT ASSESSMENT
PROPOSAL OUTLINE PRIVACY IMPACT ASSESSMENT 1. Introduction A great deal of confusion surrounds the application of the Personal Information and Electronic Documents Act (PIPEDA) and the various provincial
More informationPAYMENT CARD INDUSTRY DATA SECURITY STANDARD SELF-ASSESSMENT QUESTIONNAIRE (SAQ) A GUIDE
PAYMENT CARD INDUSTRY DATA SECURITY STANDARD SELF-ASSESSMENT QUESTIONNAIRE (SAQ) A GUIDE Last Reviewed: December 13, 2017 Last Updated: December 19, 2017 PCI DSS Version: v3.2, rev 1.1 Prepared for: The
More informationHuman Resources Policy Title: Form I-9 (Employment Eligibility) Policy Effective: June 1, 2017
Human Resources Policy Title: Form I-9 (Employment Eligibility) Policy Effective: June 1, 2017 PURPOSE: In compliance with the Immigration Reform and Control Act of 1986 ( IRCA ) and any other applicable
More informationINTERNATIONAL STANDARD ON AUDITING 210 TERMS OF AUDIT ENGAGEMENTS CONTENTS
INTERNATIONAL STANDARD ON AUDITING 210 TERMS OF AUDIT ENGAGEMENTS (Effective for audits of financial statements for periods beginning on or after December 15, 2006. Appendix 2 contains conforming amendments
More informationU.S. FDA TiTle 21 CFR PART 11 ComPliAnCe ASSeSSmenT of SAP SRm
U.S. FDA Title 21 CFR Part 11 Compliance Assessment of SAP SRM Disclaimer These materials are subject to change without notice. SAP AG s compliance analysis with respect to SAP software performance based
More informationOrganization Conflict of Interest (OCI) Company Process
(ISO 9001:2008) ISO 9001:2008 Organization Conflict of Interest (OCI) Company Process 1.0 Introduction New proposal opportunities will be reviewed against the MCL by the Director of Federal Services as
More informationand Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment
IFACIAAS Board IAASB Main Agenda (April 2013) Agenda Iten 5-D Final Pronouncement March 2012 International Standard on Auditing ISA 315 (Revised), Identifying and Assessing the Risks of Material Misstatement
More informationYear-End Close Checklists
Sage Master Builder Year-End Close Checklists Calendar-year, Fiscal-year, Combined NOTICE This document and the Sage Master Builder software may be used only in accordance with the accompanying Sage Master
More informationUsers and prospective users have certain common requirements from a new system:
Overview Summit 2000 is the synthesis of over two decades experience of construction and contracting requirements. Running in a Client/Server* environment the system allows a very flexible approach to
More informationESSENTIAL SKILLS PROFILE SENIOR CLERK TYPIST
ESSENTIAL SKILLS PROFILE SENIOR CLERK TYPIST WWW.GAMINGCENTREOFEXCELLENCE.CA TABLE OF CONTENTS Essential Skills are the skills people need for work, learning and life. Human Resources and Skills Development
More information