Auditing is described as the independent examination of and expression of an opinion on the financial statements of an enterprise by an appointed auditor in pursuance of that appointment and in compliance with any relevant statutory obligation. Thus auditing of information systems can be defined as independent examination of and expression of an opinion on the development, documentation and controls of information systems of an enterprise by an appointed auditor in pursuance of that appointment and in compliance with any relevant company requirement. The purpose of an audit is not to provide additional information but rather it is intended to provide the users of the systems with assurance that the information provided/presented to them is reliable.
The word ‘audit’ when used in this context will mean the independent investigation into the quality of an enterprise computer system
The need for an audit
Today most businesses are computerized and there is need for assuarance that the systems are efficient and secure for the company there exists the risk that the computer systems maintained and the output (eg financial statements) prepared by the users might not be accurate, free from bias and reflect the true position and performance of the company. The auditor carries out this independent examination. Type of audit
Auditing of information systems requires an examination of procedures or records for reliability and accuracy. At the end the auditor can add new ones, modify existing ones or scrap old ones. Attention is paid mainly to:
a.Company internal control system.
b.Laid down guidelines and procedures.
c.As changes made without auditors’ knowledge.
d.Records of the company.
1.Reveals any inefficient procedures.
2.Identifies strengths and weaknesses in the internal control system.
3.Creates harmony and co-ordination of company decision making process.
4.Identifies any bureaucracies
Objectives of an audit
The primary objective of an audit of information systems is to enable the auditor to express an opinion whether the computer system are prepared, in all material respects, in accordance with an identified company framework. (company requirement). The auditor expresses an opinion as to whether the of information systems give a true and fair view of the computer system and performance of the company.
a) To give credibility to the computer system. This arises from the fact that the system have been subject to an examination by an independent person. b) An audit may assist in the prevention and detection of errors and frauds. c) The auditor’s experience will enable him to make recommendations on ways of improving the computer system and the company internal control system.
The auditor only expresses an opinion on the of information systems. He does not certify them as being correct.
Benefits of an audit to a public limited company
a. An audit protects the interests of the shareholders who are separated from the management of the company. This is especially the case for minority shareholders who have little say in the management of their company. b. An audit being an independent examination of the financial statements gives credibility to the financial statements. The various users can therefore place reliance on them. c. The auditors experience will enable him to make recommendations on ways of improving the accounting and the internal control system. d. An audit assists in the prevention and detection of errors and frauds through the moral and deterrent effect. STAGES OF AN AUDIT
In carrying out an audit the following are the main stages. However, note that the steps followed will vary from client to client and from auditor to auditor.
* Determining the scope of the audit work. For statutory audits the scope is clearly laid out in the provisions of the Companies...