Unit 06: Acct 8630 Information Systems Assurance updated 9/25/07

Syllabus 01
 02
 03
 04
 		05 06 07 08 09 uLearn
Learning objective
Activity
Resources & links
In class Tuesday September 25
  1. Represent business processes as a means to understand business situations sufficient to:
    1. Develop assurance objectives for risks of financial accounting systems
  2. Design assurance procedures

Eticket audit program

  1. Distinguish between the meanings of different management assertions on financial statements, comparing the standards language with the succinctness of Krishnan et al. (2005):
    1. existence
    2. completeness
    3. rights/obligations
    4. valuation
    5. presentation/disclosure

  2. Why can't an auditor obtain absolute assurance that financial statements contain no material misstatements for management assertions?

  3. Based on the eticket situation:
    1. Risks
      1. What risks do etickets engender that are absent with paper tickets?
      2. What risks do etickets avoid that paper tickets engender?
    2. How can an auditor use entity and referential integrity to give assurance about financial statement assertions?

  4. Controls for existence:
    1. How do you recognize them? E.g.,
      1. Identify the requirements for a transaction to be valid
      2. Find controls that enforce the requirements for valid transactions
      3. For parallel processes, look for analogous controls in each process
    2. What is their "coverage capability" (set of errors a control is able to eliminate)?
    3. What is their "span" (set of flows for which a control can prevent or detect its error classes)?

  5. Controls for existence of eticket revenue:
    1. What are they?
    2. What do they achieve for financial reporting?
    3. How would you test them?
    4. What substantive tests are needed for existence?
  1. Eticket situation
  2. Auditing standards:
    1. Pre-SOX: AU326
    2. Post-SOX:
      1. SAS 106
      2. AS 5
  3. Krishnan et al. 2005. On data reliability assessment in accounting information systems. Information Systems Research 16(3): 307-326

  4. Eticket BPD fragments for debugging:
    1. Create reservation

 

 

Before the next class
  1. Represent business processes as a means to understand business situations sufficient to:
    1. Develop assurance objectives for risks of financial accounting systems
  2. Design assurance procedures

Eticket audit program

  1. Develop and publish the eticket audit program by completing the audit program
    1. Name the file 07-eticketAuditProgram.htm
    2. Verify that your audit program can be viewed through the link on the learning progress page

  2. What have you learned in the course of completing the eticket audit program that would be valuable in subsequent audit and analysis situations?

  3. Examine other students' eticket audit programs. What surprises you about them?
  1. Eticket:
    1. Situation
    2. Audit program for existence
  2. Auditing standards:
    1. Pre-SOX: AU326
    2. Post-SOX:
      1. SAS 106
      2. AS 5
  3. Krishnan et al. 2005. On data reliability assessment in accounting information systems. Information Systems Research 16(3): 307-326

 

 

Design assurance procedures
  1. Characterize analytical procedures
  2. Distinguish analytical procedures from other audit techniques
  3. Recognize situations for which analytical procedures are appropriate or necessary

Analytical procedures

Think through responses to the following questions:

    1. What are analytical procedures as defined in AU329?
    2. Why are analytical procedures necessary and what do they accomplish?
    3. What are applications of analytical procedures like? What do these applications have in common? What's different about them?
    4. For which financial statement assertions are analytical procedures potentially relevant? How?
    5. What role might analytical procedures have with respect to the Sarbanes-Oxley Act of 2002 (SOX)?
    6. Were there analytical procedures in the eticket audit program?

Analytical procedures:

  1. Auditing Standard AU329
  2. Applications

 
  1. Develop assurance objectives for risks of information systems.
  2. Design assurance procedures.
  3. Implement assurance procedures with software tools.
  4. Communicate assurance results.

Prepare questions about the Threadchic case. To get you started, here are some aspects to think about:

  1. What does the case ask you to do?
  2. How do due dilgence engagements differ from audits of financial statements?
  3. What do you need to learn in order to complete the case?
  4. How would you decide what audit objectives are needed?

Threadchic

Assertion-based auditing standards:

  1. Pre-SOX: AU326
  2. Post-SOX:
    1. SAS 106
    2. AS 5

Analytical procedures:

  1. Auditing Standard AU329
  2. Applications
Syllabus 01
 02
 03
 04
 		05 06 07 08 09 uLearn
Copyright © 2001-2007 A. Faye Borthick, Atlanta, Georgia, USA. All rights reserved.