Page 229 - CA Final Audit Titanium Full Book. (With Cover Pages)
P. 229
CA Ravi Taori
- Standardize repeatable tasks and optimize efforts.
- Techniques include robotics for data gathering, data analytics for planning and budgeting, and dashboard
reporting.
Examples of Automation.
(Shortcut: Manage Business with Robots & Intelligence)
• Macros and Scripts: Rules-based automation within a specific application
• Business Process Automation (BPA): Reengineering existing business processes e.g. workflows.
• Robotic Process Automation (RPA): Automating labour-intensive, repetitive activities across multiple
systems and interfaces.
• Intelligent Process Automation (IPA): Combining RPA with artificial intelligence technologies to identify
patterns, learn over time, and optimize workflows.
(CNO DAA.080) Understand The IT Environment
Understanding the IT setup and its significance to the business helps auditors identify potential IT-related risks.
Understanding How IT is Used: Knowing the entity's IT usage aids in pinpointing controls over IT processes
and grasping the technological landscape.
Assessing the Complexity: Evaluating the IT environment's intricacy determines the need for IT specialists
during the audit.
Involving IT Specialists: Deciding early on whether specialists are needed ensures the audit team possesses the
required expertise.
The auditor’s understanding of the automated environment should include the following:
Organization and Governance: The organization structure and governance.
Extent of IT Integration: Extent of IT integration, use of service organizations.
Applications Used: The applications that are being used by the company.
IT Infrastructure Details: Details of the IT infrastructure components for each of the application.
Policies and Procedures: The policies, procedures and processes followed.
IT Risks and Controls: IT risks and controls.
Key Areas for an Auditor to Understand IT Environment
(Shortcut: FAST & Complex)
1. Understand the Flow of transaction: Understand the specific IT applications and aspects related to
transaction flows and information processing. Recognize how program changes or database alterations affect
these flows.
2.Identification of Manual and Automated Controls: Recognize the blend of manual and automated
components in an entity's internal control. These characteristics impact the auditor's risk assessment of material
misstatements.
3. Identification of Significant Systems: Recognize IT applications and infrastructure in relation to the flow of
significant transaction information within the entity's system.
4. Identification of the Technologies used: Comprehend emerging technologies and their role in financial
reporting. Evaluate risks from their use and consider involving experts. Emerging technologies include:
- Blockchain (e.g., token issuers, exchanges)
- Robotics
- Artificial Intelligence
- Internet of Things
- Biometrics
- Drones
5. Assessing the complexity of the IT environment: Understand that IT applications vary in complexity based
on factors like automation, reliance on system reports, customization, business model, yearly changes, and
emerging technology adoption. Assess the overall complexity of the IT setting.
www.auditguru.in 12.4