

  1. A.I.S. Class 11: Outline
     - Learning Objectives for Chapter 10
     - Controls
     - Misstatements
     - Internal Control Structure
     - Control Objectives and Audit Objectives
     - COBIT
     - Events and Event Risks
     - Group Work for Chapter 10
     - Mid-term Examination
     Dr. Peter R Gillett, October 12, 2005

  2. Learning Objectives for Chapter 10
     - After studying this chapter you should be able to:
       - provide a definition of controls
       - explain the concepts of exposure and reasonable assurance as they relate to controls
       - explain the difference between preventive, detective, and corrective controls
       - describe and discuss a number of risks that could be found in computer-based systems
       - discuss the essence of Sarbanes-Oxley and its impact on internal controls
       - discuss Statements on Auditing Standards (SAS) No. 55 and 78 and their implications for controls in information systems
       - provide a basic distinction between general and application controls as categories of controls

  3. Learning Objectives for Chapter 10
       - describe general control procedures for database-oriented systems environments
       - describe application controls that can be incorporated into a database AIS
       - indicate some control procedures that can be instituted only in online database systems
       - explain how entity integrity and referential integrity contribute to better control in a database AIS
       - explain the hierarchical nature of the relationship between the control environment, the accounting system, and general and application control procedures
       - briefly describe the COBIT control framework released by the Information Systems Audit and Control Association

  4. Controls
     - Controls are mechanisms to prevent or detect errors and irregularities
     - Risk is the likelihood that an information system will experience errors or irregularities
     - Exposure is the amount of loss that could occur if a risk is realized
     - Controls are designed to provide reasonable assurance that data are error-free

  5. Controls
     - Preventive v. detective
       - Corrective procedures
         - are corrective
         - but are not really controls
     - Manual v. programmed
     - General v. application
     - Compensating controls
       - Controls in one place remediate the absence of controls in others
     - Key controls
       - Subset of controls on which auditors plan to rely

  6. Misstatements
     - Errors
       - unintentional mistakes
     - Irregularities
       - intentional alteration or misstatement of data
     - Fraud (defalcation)
     - Management fraud

  7. Exposures and Risks
     - Exposures may arise from
       - Erroneous record keeping
       - Unacceptable accounting
       - Business interruption
       - Erroneous management decisions
       - Fraud and embezzlement
       - Statutory sanctions
       - Excessive costs
       - Loss or destruction of assets
       - Competitive disadvantage

  8. Exposures and Risks
     - Risks
       - Errors in data
       - Irregularities in data
       - Loss of data
       - Natural disasters
       - Computer crime

  9. Internal Controls and Sarbanes-Oxley
     - Sarbanes-Oxley Act 2002
       - In response to Enron, WorldCom, etc.
     - Created the Public Company Accounting Oversight Board (PCAOB)
       - Overseen by the SEC
     - Previously, Statements on Auditing Standards (SAS) were published by the AICPA’s Auditing Standards Board
     - Now, the PCAOB has the right to adopt, amend, modify, repeal or reject auditing standards

  10. Internal Controls and Sarbanes-Oxley
     - Title I
       - PCAOB regulates audits and auditors of public companies
     - Title II
       - Auditor independence provisions and audit committees
     - Title III
       - New responsibilities regarding financial reporting
     - Title IV
       - New disclosures

  11. Internal Controls and Sarbanes-Oxley
     - In April 2003, the PCAOB asserted authority over auditing standards
     - Existing standards were “grandfathered” until they can be replaced
     - Four new standards have been issued so far
     - Auditing Standard No 2:
       - An Audit of Internal Control Over Financial Reporting Conducted in Conjunction With An Audit of Financial Statements

  12. Internal Controls and Sarbanes-Oxley
     - Sarbanes-Oxley Act Section 404
       - Management is responsible for
         - Establishing and maintaining adequate internal controls over financial reporting
         - Assessment of the effectiveness of controls
         - Documenting and testing internal controls over financial reporting and reporting their conclusions to the auditor
       - Auditors must attest and report on management’s assertions regarding internal controls
         - This significantly extends the amount of work that would previously have been required

  13. Internal Controls and Sarbanes-Oxley
     - Sarbanes-Oxley Act Section 404
       - Last year, first-time compliance was a huge expense for public companies and a huge logistical problem for audit firms, which were struggling to meet the demand
       - Soon even more (smaller) companies will be subject to Section 404!
       - Last year 11% of public companies capitalized at over $75M disclosed control deficiencies
       - This represented 6-8% of firms audited by the Big 4 and 15% of firms audited by Grant Thornton and BDO

  14. Internal Controls and Sarbanes-Oxley
     - Under the Act, COSO has been adopted by the SEC as the acceptable internal control framework
     - COSO is already incorporated into existing auditing standards (SAS 55, etc.)
     - Auditing of controls at public companies is now governed by Auditing Standard No 2

  15. General Systems Model
     - Every system has
       - Inputs
       - Processes
       - Outputs
       - Boundary
       - Environment
     - Control systems
       - Sensors
       - Standards
       - Control comparisons
       - Activating units

  16. Internal Control Structure
     - SAS 55, COSO, SAS 78, SAS 94
       - Internal Control is a process, effected by an entity’s board of directors and other personnel, that is designed to provide reasonable assurance regarding the achievement of objectives in the following categories:
         - effectiveness and efficiency of operations
         - reliability of financial reporting
         - compliance with applicable laws and regulations

  17. Internal Control Structure
     - SAS 55, COSO, SAS 78
       - Control Environment
       - Management’s Risk Assessment
       - Information System and Communication
       - Control Activities
       - Monitoring

  18. Control Environment
     - Integrity and ethical values
     - Commitment to competence
     - Board of directors or audit committee
     - Management’s philosophy and operating style
     - Organizational structure
     - Assignment of authority and responsibility
     - Human resource policies and practices

  19. Management’s Risk Assessment
     - Risk assessment for financial reporting is the identification, analysis, and management of risks relevant to the preparation of financial statements that are fairly presented in conformity with GAAP

  20. Risk Assessment
     - Risks may arise from
       - Changes in the operating environment
       - New personnel
       - New or revamped information systems
       - Rapid growth
       - New technology
       - New lines, products or activities
       - Corporate restructuring
       - Foreign operations
       - Accounting pronouncements

  21. Information System
     - Procedures aimed at identifying, assembling, analyzing, classifying, recording and reporting an entity’s transactions
     - Maintain accountability for the related assets and liabilities

  22. Control Activities
     - Policies and guidelines that management has established to provide reasonable assurance that specific entity objectives will be met
       - Adequate separation of duties
       - Proper authorization of transactions
       - Adequate documents and records
       - Physical control over assets and records
       - Independent checks on performance

  23. Control Activities
     - General control procedures
       - Organizational controls
       - Systems development and amendment
       - Hardware and systems software controls
       - Security and access controls
       - Operations controls
       - Data backup and recovery

  24. Control Activities
     - Application control procedures
       - Input controls
         - field tests
         - range tests
         - length tests
         - validity tests
         - valid combinations tests
         - closed loop verification
         - completeness tests
         - prompting
         - system generated data
         - entity integrity
         - referential integrity

  25. Control Activities
     - Application control procedures
       - Processing controls
         - internal label tests
         - sequence checks
         - control total verification
       - Output controls
       - User control procedures
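Added example, not part of the slides: a Python sketch of the input controls from slide 24 (completeness, field, range, length, validity tests, entity and referential integrity) and the processing controls from slide 25 (sequence check, control total verification) applied to a constructed batch of journal lines. The chart of accounts, the record layout and the batch header with its control total are assumptions made for the example.

```python
# Constructed sample data (assumptions for this example): a small chart of
# accounts and a journal batch whose header carries the expected control total.
CHART_OF_ACCOUNTS = {"1000": "Cash", "1200": "Receivables", "4000": "Sales"}
BATCH_HEADER = {"control_total": 1250.00}
BATCH = [
    {"seq": 1, "txn_id": "T001", "account": "1000", "type": "DR", "amount": 500.00, "period": "2005-10"},
    {"seq": 2, "txn_id": "T002", "account": "4000", "type": "CR", "amount": 500.00, "period": "2005-10"},
    # duplicate key, account missing from the chart, negative amount
    {"seq": 3, "txn_id": "T002", "account": "9999", "type": "CR", "amount": -50.00, "period": "2005-10"},
    # sequence gap (no seq 4), invalid type code, missing period
    {"seq": 5, "txn_id": "T004", "account": "1200", "type": "XX", "amount": 300.00, "period": ""},
]

def input_controls(rec, seen_ids):
    """Apply the input controls of slide 24 to one record; return the findings."""
    f = []
    if any(rec.get(k) in (None, "") for k in ("seq", "txn_id", "account", "type", "amount", "period")):
        f.append("incomplete record")                             # completeness test
    amount = rec.get("amount")
    if not isinstance(amount, (int, float)) or not 0 < amount <= 1_000_000:
        f.append("amount not numeric or out of range")            # field test + range test
    if len(str(rec.get("account", ""))) != 4:
        f.append("account code wrong length")                     # length test
    if rec.get("type") not in ("DR", "CR"):
        f.append("invalid type")                                  # validity test: code in allowed set
    if rec.get("account") not in CHART_OF_ACCOUNTS:
        f.append("account not in chart of accounts")              # referential integrity: FK must exist
    if rec.get("txn_id") in seen_ids:
        f.append("duplicate transaction id")                      # entity integrity: key must be unique
    return f

def processing_controls(batch, header):
    """Sequence check and control total verification from slide 25, over the whole batch."""
    f = []
    if [r["seq"] for r in batch] != list(range(1, len(batch) + 1)):
        f.append("sequence gap or disorder")                      # sequence check
    total = sum(r["amount"] for r in batch if isinstance(r["amount"], (int, float)))
    if abs(total - header["control_total"]) > 0.005:
        f.append("control total mismatch")                        # control total verification
    return f

def audit_batch(batch, header):
    """Run input controls per record, then processing controls on the batch."""
    per_record, seen = {}, set()
    for rec in batch:
        findings = input_controls(rec, seen)
        seen.add(rec.get("txn_id"))
        if findings:
            per_record[rec["seq"]] = findings
    return per_record, processing_controls(batch, header)
```

Note that the constructed batch balances to its control total even though two records are bad, so the record-level controls are what catch them; the sequence check is what flags the missing record 4.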

  26. Control Objectives
     - Completeness
       - All transactions that occurred are entered and accepted for processing
     - Accuracy
       - All transactions are recorded
         - at the correct amount
         - in the proper account
         - in the proper period
     - Validity
       - All recorded transactions
         - actually occurred
         - relate to the company
         - were approved / authorized
     - Restricted Access
       - Data is protected against unauthorized amendments
