Determining the extent to which IT impacts the audit area
Show/hide Sharepoint toolbar
Toggle navigation
Menu
Home
General
Currently selected
Compliance
Concepts
Planning
Examination
Reporting
Financial
Concepts
Planning
Examination
Reporting
Performance
Concepts
Planning
Examination
Reporting
More
Review
Opinion
Tools
How To ?
Page index
Resources
Terms
It looks like your browser does not have JavaScript enabled. Please turn on JavaScript and try again.
Determining the extent to which IT impacts the audit area
Determining the extent to which IT impacts the audit area
We determine the impact of IT on the audit objectives, and the extent of the audit work needed to address the risks identified.
Compliance audit
Financial audit
Performance audit
Planning
Ref: 16.700
Page Content
Principles
We take account of information technology (IT) – computers, storage, networking and other physical devices, infrastructure and processes – in our work throughout the audit process.
During the annual work programme process, we consider whether it is necessary to propose an IT audit as a separate task.
For all other audit tasks, as part of our risk assessment, we assess the impact of IT on the
objectives of the audit
Objectives PA
Objectives CA
Objectives FA
. We then determine whether to cover IT risks as part of the audit.
Instructions
When getting to know the audit area, determine the extent to which the audit subject is impacted by IT, and how critical they are to the reliability, regularity or performance of the processes and/or transactions.
To perform this assessment, consider the extent to which the audit objectives are affected if:
the auditee is highly dependent on IT systems for the operation of the area in question;
audit work is likely to be based on data sourced from, or reliant on data extracted from IT systems;
the audit area includes complex processing and dataflows involving one or more IT systems and/or controls; and
the audit area depends critically on IT system availability, responsiveness, security, storage, etc.
ISA 315, Appendix 5: Considerations for Understanding Information Technology (IT) provides further details on performing this assessment. A positive response to one or more of the points above may indicate that the audit area is significantly impacted by IT. If you consider that this is likely to affect the audit objectives, ask for an
initial assessment
by the DATA team’s IT audit experts, who will determine the type and extent of IT audit work that is feasible and should prove useful to address the risks identified. Some of this work could also be done in part or in whole by members of the audit team qualified to do so. Include the proposed IT audit work in the
task plan
Compliance and financial
Performance
.
Principles
Instructions
Last Modified
: 05/12/2024 15:24
Tags
:
‹
›
×
