System Integrity and Validation
In the past months, Jarowito Company has analyzed carefully Kudler Fine Foods accounting information system. It has explored the key business and the accounting information needed. It has analyzed strength and weaknesses of the systems and technology, suggesting some technology opportunities. It has evaluated the possible threats, suggesting how to avoid them. It has recommended the use of industry-specific software. It has examined the automation of the company’s data table through its elements and it has explained how the use of pivot tables can improve management decision-making. It has scrutinized the internal controls and it has suggested the implementation to achieve corporate governance. It has also analyzed the process of the audit plan that Kudler should follow. Finally, Jarowito will recommend ways the audit documentation and process may improve the security and validation of their current system by using computer technology techniques called CAATS.
Computer assisted audit tools and techniques (CAATS) are software’s that increase the productivity of auditors during an audit, the software’s can extract data from the system that has to be analyzed. CAATS are also techniques that increase the efficiency and effectiveness of the function of the auditors (Bagranoff, 2008). CAATS can be use for the following purposes to validate the integrity of applications and validate the integrity of data. 1. Validate application integrity:
As per Bagranoff, the objective of application integrity is to determine if the source code has been compromised.” The application can be validated through test data, integrated test facilities, and parallel simulation.
Test Data: the auditor creates a dummy data file in the system, runs all the reports needed and compares them with the expected results. Test decks are examples to test application logic and processing. The method depends on the auditors’ anticipating and capturing all possible deviations and exceptions. The step is very hard because even the most experienced auditor may miss some information. The process does not allow a live data analysis.
Integrated test facilities (ITF): this type of analysis allows the auditor to test the data live. The auditor still creates a dummy file that merges with the original file and compares results with expected results. It will also analyze the process for any corruption.
Parallel Simulation: it reproduces a module or a whole application. Client’s transactions are put into the system created by the auditor and compared to the expected output. If any discrepancies appear, they are flagged for further investigations. 2. Validate data integrity:
The goal is to uncover any anomalies in the data either intentionally or unintentionally. Integrity of data refers to a quality which demonstrates that the data once stored will not be altered in an unauthorized way by a person, or by the malfunctioning of hardware (Wiki.answer, 2011). Therefore, testing should be performed on a regular basis because data changes over time.
The first step is for auditors to extract and analyze large amount of data and test it. They can either import the data into ACL or any other similar software. The ACL is a read-only program so it does not affect the underline exported data. The import can be achieved in different ways, it can be copy into a zip disk, CD-ROMS, and tape; it depends on the size of the data to be imported. The next step is to perform the data verification procedures which can be counting, totaling, verifying, classifying, and stratifying. The software retains all the result and through different commands the auditor can print the different logs to ensure...