Impact of Computerization on Audit Approach - Audit report, Auditing & Secretarial practice | Auditing and Secretarial Practice - B Com PDF Download

Scope of Audit in CIS Environment / Impact of CIS on Auditing

The use of CIS in various organisations has caused drastic impact on audit approaches, techniques, risk involved and internal control methods. Following factors (risks) must be given due consideration while framing an audit plan for an organisation:

1. High speed and Automatic initiation/execution of transactions: In CIS environment, transactions are processed instantly. Once the transaction is fed into the system, it might get executed automatically without requiring for authorisation of the same. Similarly, reports (even complex one’s also) can be generated at a very high speed and can be viewed by multiple users at a time. Thus giving rise to many security issues.
2. Uniform processing of transaction, hence low clerical error: While feeding input, processing transactions and generating outputs, computer system performs multiple checks on data at each at each point of time. Moreover, the processing of transaction is in a uniform manner. Hence the clerical errors generated are minimised. However, there is a shift of errors from human generated errors towards system generated errors.

1. Unintentional or system generated errors: As discussed earlier, there is a shift in nature of errors from human generated to system generated. Errors occur due to lack of experienced personnel. And errors are mainly related to development, maintenance and execution of CIS.
2. Inexperienced personnel: Now-a-days, the technological advancement is occurring at a very fast pace. It has created a deficit of expertized staff to understand the current technology, both at client end as well as auditor end.
3. Concentration of duties: Under CIS environment, more than one kind of task/function can be performed by an individual. This leads to difficulty in segregation of duties among individual. Consequently, it gives rise to a number of security issues also.
4. Lack of audit trail: In computerised system, the processing of a transaction takes place instantly. This leads to loss of audit trail. Thus, auditor needs to apply some alternate procedure to compensate the loss of audit trial.
5. Auditor’s participation in SDLC and dependence on other (manual) controls: We know that there is a constraint of audit trail in CIS environment. Thus, a computerised information system lacks manual reasonableness. An information system of an organisation can only be effective if it has reasonable level of audit facilities integrated into it. Hence participation of auditor is highly important in SDLC. Moreover, auditor may use certain manual methods also while performing the audit.
6. Internal Control Environment & management supervision: The success of CIS highly depends upon the involvement of management in development and maintenance of CIS. Under CIS environment, the risk of fraud & error is relatively high. Thus higher management supervision and better internal control environment is required.
7. Use of CAAT: The audit under CIS environment cannot be carried by traditional (manual) approaches, effectively. Since the processing of transaction in CIS environment is fast and complicated, the audit must be carried out using computer assisted audit techniques (CAAT). This requires a reasonably good amount of IT skills on part of the auditors.