IT System and Audit Risk
Audit risk has a direct co-relation with IT system in an organisation. Whenever organisation is planning and implementing new IT system or upgrading the present one, control risk will increase on account of change in flow of activities. Following are the possible scenario where IT system needs improvement or an implementation of a new or revise version of the present system.
- In case of merger
- In case of expansion by issue of equity shares
- In case of expansion in foreign subsidiaries
- In NFPO( Not For Profit Organisation), where present system is a manual one or needs upgrade due to problems in the existing system
- In case of old and out dated present IT system
In all above situation, control risk will increase and as such audit risk will decrease. Auditor will require collecting more evidences with substantive testing.
Audit and IT Environment
Due diligence and care is required while performing an audit with IT environment in an organisation. All accounting transactions are processed now a day through computer program and as such it will be difficult for the auditor to track and verify the accuracy. Auditor can do audit around the computer and audit within the computer through certain techniques. He can verify input record and output records, can do analysis, perform reasonability check and or do computation on calculators. He can verify management policies and procedures. He can also check programing by entering sample transaction in his own software to ensure accuracy and reliability of financial data.
