Computer Processing and Error Reduction

Questions and Answers

Computer processing virtually eliminates the occurrence of computational error normally associated with manual processing.

Computer processing virtually eliminates the occurrence of computational error normally associated with manual processing. (correct)

Errors or fraud in computer processing will be detected soon after their occurrences.

The potential for systematic error is ordinarily greater in manual processing than in computerized processing.

Most computer systems are designed so that transaction trails useful for audit purposes do not exist.

In a CIS environment, the overall objective and scope of an audit remains the same.

False

Which of the following is correct concerning batch processing of transactions?

Transactions are processed in the order they occur, regardless of type.

It has largely been replaced by on-line real-time processing in all but legacy systems.

It is more likely to result in an easy-to-follow audit trail than is on-line transaction processing. (correct)

It is used only in nondatabase applications.

What does a CIS environment affect?

Procedures in obtaining understanding of accounting systems

What should the auditor have sufficient knowledge of in a CIS?

CIS (IT)

In a CIS environment, transaction and master file data are often concentrated in _____________ form.

machine-readable

Which of the following is a basic type of network?

Local Area Network (LAN)

In On-line/Inquiry processing, users can make updates to the master file.

False

What does EDI stand for?

Electronic Data Interchange

In a Wide Area Network (WAN), the network covers a ________ geographic area.

large

Match the following database components with their descriptions:

Database = A collection of data shared by multiple users for different purposes. Database Management System (DBMS) = Software that creates, maintains, and operates the database.

Which of the following is correct concerning batch processing of transactions?

It has largely been replaced by on-line real-time processing in all but legacy systems.

Misstatements in a batch computer system caused by incorrect programs or data may not be detected immediately because

Errors in some transactions may cause rejection of other transactions in the batch.

A control feature in an electronic data processing system requires the central processing unit (CPU) to send signals to the printer to activate the print mechanism for each character. The print mechanism, just prior to printing, sends a signal back to the CPU verifying that the proper print position has been activated. This type of hardware control is referred to as

Echo control

What technology is needed in order to convert a paper document into a computer file?

Optical character recognition

Which of the following is an example of a validity check?

The computer ensures that a numerical amount in a record does not exceed some predetermined amount.

An entity has the following invoices in a batch: Invoice # Product Quantity Unit Price 201 F10 150 P 5.00 202 G15 200 P 10.00 203 H20 250 P 25.00 204 K35 300 P 30.00 Which of the following most likely represents a hash total?

204

Which of the following controls is a processing control designed to ensure the reliability and accuracy of data processing?

Validity check test

Which of the following activities would most likely be performed in the information systems department?

Conversion of information to machine-readable form

When computer programs or files can be accessed from terminals, users should be required to enter a(n)

Personal identification code

Which of the following is an example of a validity check?

The computer ensures that a numerical amount in a record does not exceed some predetermined amount.

Study Notes

Auditing in a CIS (Computer-based Information System) Environment

• A CIS environment exists when a computer is involved in processing financial information of significance to the audit, whether operated by the entity or a third party.
• The overall objective and scope of an audit do not change in a CIS environment, but the auditor's procedures may be affected.

Characteristics of a CIS Organizational Structure

• Concentration of functions and knowledge: fewer persons involved in processing financial information.
• Concentration of programs and data: transaction and master file data are often concentrated in machine-readable form.

Nature of CIS Processing

• Absence of input documents: data may be entered directly into the computer system without supporting documents.
• Lack of visible audit trail: transaction trail may be partly in machine-readable form and may exist only for a limited period.
• Lack of visible output: certain transactions or results may not be printed or may be summarized.
• Ease of access to data and computer programs: data and programs may be accessed and altered at the computer or remotely.

Design and Procedural Aspects of CIS

• Consistency of performance: CIS performs functions exactly as programmed, potentially more reliably than manual systems.
• Programmed control procedures: internal control procedures can be designed into computer programs.
• Single transaction update of multiple or database computer files: a single input can update multiple records.
• Systems-generated transactions: transactions may be initiated by the CIS without input documents.

Internal Controls in a CIS Environment

• General CIS controls: establish a framework of overall control over CIS activities and provide reasonable assurance that overall objectives of internal control are achieved.
• General CIS controls include:
  • Organization and management controls (e.g., strategic information technology plan, CIS policies and procedures, segregation of incompatible functions).
  • Development and maintenance controls (e.g., project initiation, requirements definition, systems design, testing, data conversion).
  • Delivery and support controls (e.g., service level agreements, performance and capacity management, event and problem management).
  • Monitoring controls (e.g., monitoring of key CIS performance indicators, internal/external CIS audits).

CIS Application Controls

• Controls over input: ensure transactions are properly authorized, accurately converted, and recorded in computer data files.
• Controls over processing and computer data files: ensure transactions are properly processed, and errors are identified and corrected.
• Controls over output: ensure results of processing are accurate, and access to output is restricted to authorized personnel.

Review of CIS Controls

• Review of general CIS controls: relate to some or all applications and are interdependent.
• Review of CIS application controls: test manual controls, controls over system output, and programmed control procedures.

CIS Environments

• Stand-alone personal computers: may not be practicable or cost-effective to implement sufficient controls.
• On-line computer systems: enable users to access data and programs directly through terminal devices.
• Types of on-line computer systems:
  • On-line/real-time processing: individual transactions are entered and updated immediately.
  • On-line/batch processing: individual transactions are entered and added to a transaction file for subsequent validation.
  • On-line/memo update: combines on-line/real-time and on-line/batch processing.
  • On-line/inquiry: restricts users to making inquiries of master files.
  • On-line/downloading/uploading processing: enables transfer of data from a master file to an intelligent terminal device.

Network Environment

• Enables computer users to share computer equipment, application software, data, and voice and video transmissions.
• Types of networks:
  • Local Area Network (LAN)
  • Wide Area Network (WAN)
  • Metropolitan Area Network (MAN)

CIS Environments - Database Systems

• A database is a collection of data shared and used by many users for different purposes.
• Database Management System (DBMS): software that creates, maintains, and operates the database.
• Characteristics of database systems:
  • Data sharing
  • Data independence

Electronic Data Interchange (EDI)

• Electronic exchange of transactions between entities' computers through an electronic communications network.
• EDI controls include:
  • Authentication: controls over origin, submission, and delivery of EDI communications.
  • Encryption: conversion of plain text data to cipher text data.
  • VAN (Value Added Network) controls: controls over network, storage, and forwarding services.

Audit Approaches

• Auditing around the computer: ignores or bypasses the computer processing function.
• Auditing with the computer: uses the computer as an audit tool.
• Auditing through the computer: enters the client's system and examines the computer and its system and application software.

Computer-Assisted Audit Techniques

• Program analysis: techniques to gain an understanding of the client's program.
• Program testing: uses auditor-controlled actual or simulated data.
• Review of operating system and other systems software:
  • Job accounting data/operating systems logs: track particular functions and resources used.
  • Library management software: logs changes in programs and processing activities.### Access Control and Security Software
• Restricts access to computers to authorized personnel through techniques such as "read-only" access or encryption.

Computerized Audit Tools

• Types:
  • Audit software: computer programs used to process data of audit significance from the client's accounting system.
  • Electronic spreadsheets: contain a variety of predefined mathematical operations and functions that can be applied to data entered into cells.
  • Automated workpaper software: designed to generate trial balances, lead schedules, and other reports useful for the audit.
  • Text retrieval software: allows the user to view any text available in an electronic format.
  • Database management systems: manage creation, maintenance, and processing of information.
  • Public databases: used to obtain accounting information related to particular companies and industries.

Factors to Consider in Using CAAT

• Degree of technical competence in CIS
• Availability of CAAT and appropriate computer facilities
• Impracticability of manual tests
• Effectiveness and efficiency
• Timing of tests: arrangements with the client for retention of needed data or timing of work when data are available.

Procedures to Control the Use of Audit Software

• Participating in design and testing of computer programs
• Checking coding of the program
• Requesting client's CIS personnel to review operating system instructions
• Running audit software on small test files before running on main data files
• Ensuring correct files were used
• Obtaining evidence that audit software functioned as planned
• Establishing appropriate security measures to safeguard against manipulation of entity's data files.

Procedures to Control the Use of Test Data

• Controlling sequence of submission of test data
• Performing test runs
• Predicting results of test data
• Confirming that current version of program was used
• Obtaining reasonable assurance that programs used to process test data were used by entity throughout applicable audit period.

Description

This quiz explores the advantages of computer processing in reducing errors that occur during manual processing. It highlights the accuracy and efficiency of computer-based processing methods.