- This topic has 1 reply, 2 voices, and was last updated 12 years ago by
.
- Posts
The BPP text on top of page 107 states that it is not possible to obtain sufficient appropriate audit evidence from substantive procedures alone IN AN EXTENSIVE IT SYSTEM due to lack of documentation of transactions.
Why is this so?
For example, can’t one vouch the sales revenue figure back to the initial entries within the electronic sales account in the GL or is it that one can only vouch back to paper trails for the vouching procedure to have any kind of assurance?Nice question!
Actually auditors used to audit “around” computers ie.confirm input (source documents) with what comes out after processing.
As information systems became more computerised through data source automation etc. audit trails were lost in transaction processing. Auditors started to look more at a controls approach rather than a transactions(substantive) approach and CAATs were born.
If controls are strong, auditors rely on the system’s “source code” and processes while limiting the need for complex and detailed substantive testing.
Your example above illustrates this nicely as any figure vouched will only be reliable when the controls over input, processing and output are working effectively.Hope this helps
- You must be logged in to reply to this topic.