Page 92 - CA Inter Audit PARAM
P. 92
CA Ravi Taori
(ii) Automated: A task or activity that is routinely performed by a computer system and does not require
manual effort
(iii) CAATs: Short form for Computer Assisted Audit Techniques, are a collection of computer-based tools and
techniques that are used in an audit for analysing data in electronic form to obtain audit evidence.
(iv) Data Processing: Refers to the systematic recording, storage, retrieval, modification and transformation
of electronic data using information systems
(v) General (IT) Controls: Are a type of internal controls that help in mitigating risks that arise due to use of
information technology and information systems in a business.
QNO Relevance of IT- Old Course -- (SM17/M19R/N19E/
AAE.10 Bhaskar CNO- AAE.040 SM20/N20R/N21R/SM21/ M22M/M22E/N22M/M23M/M23R)
Discuss the situations in which IT will be relevant to an audit.
OR
Briefly mention three reasons why IT should be considered relevant to an audit of financial statements.
OR
The auditors responsibility include reporting on Internal Financial Controls over Financial Reporting which
include and understanding IT environment of the company and relevant risks and control. Mention any
three situation where IT will be relevant to an audit.
OR
When a business operates in a more automated environment it is likely that we, as auditors, will see several
business functions and activities happening within the systems. Explain which of the aspect you will consider
relevant as an auditor.
Answer Given below are some situations in which IT will be relevant to an audit,
Shortcut to Remember
Hify CESS at PVR is relevant.
Text Examples
Hi-tech nature of business (H) Telecom, e-Commerce
Complexity of transactions has increased (C) multiple systems, network of systems
Increases Efficiency and effectiveness of audit. (E)
Increased use of Systems and Application Software in use of ERPs
Business (S)
Required by Indian and International Standards - (S) ISO, PCI-DSS, SA 315, SOC, ISAE.
Company Policy (P) Compliance
Volume of transactions are high (V) Insurance, Banking, Railways ticketing
Regulatory requirements - (R) Companies Act 2013 IFC, IT Act 2008.
➢ Relevance changes from company to company
In some of the above situations it is likely that carrying out audit using traditional substantive audit
procedures may be difficult or even not feasible if the company prepares, records and conducts
majority of business activities through IT systems only.
On the other hand, many companies may use less complex IT systems including desktop-based
accounting or spreadsheets. In such situations, the relevance of IT to an audit could be less.
However, the auditor is still required to carry out at least an understanding the IT environment of
the company and document the same.
➢ Data Analytics
Another area where IT can be relevant to audit is by using data analytics using computer assisted audit
techniques (CAATs). By using data analytics, it is possible to improve the effectiveness and efficiency
of an audit. We will learn more about data analytics in the later sections of this chapter.
From the above, we can see how IT is relevant to an audit under different situations viz., audit, non-
audit and meeting regulatory compliance requirements. We will learn more about understanding
risks, controls and documentation in further sections of this chapter
Author’s Note
www.auditguru.in 3.47
