© 2011 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. IT Auditing, Hall, 3e

IT Auditing, Hall, 3e - Walailak University, mit.wu.ac.th/mit/images/editor/files/Ch6.pdf


an economic event that affects the assets and equities of the firm, is reflected in its accounts, and is measured in monetary terms.

similar types of transactions are grouped together into three transaction cycles:

◦ the expenditure cycle
◦ the conversion cycle
◦ the revenue cycle


Relationship between Transaction Cycles


Expenditure Cycle: time lag between the two due to credit relations with suppliers:

◦ physical component (acquisition of goods)

◦ financial component (cash disbursements to the supplier)

Conversion Cycle:

◦ the production system (planning, scheduling, and control of the physical product through the manufacturing process)

◦ the cost accounting system (monitors the flow of cost information related to production)

Revenue Cycle: time lag between the two due to credit relations with customers:

◦ physical component (sales order processing)

◦ financial component (cash receipts)


Source Documents - used to capture and formalize transaction data needed for transaction processing

Product Documents - the result of transaction processing

Turnaround Documents - a product document of one system that becomes a source document for another system


Journals - a record of chronological entry
◦ special journals - specific classes of transactions that occur in high frequency
◦ general journal - nonrecurring, infrequent, and dissimilar transactions

Ledger - a book of financial accounts
◦ general ledger - shows activity for each account listed on the chart of accounts
◦ subsidiary ledger - shows activity by detail for each account type


Flow of Information from Economic Event Into the General Ledger


EXPLANATION OF STEPS IN FIGURE:

1. Compare the AR balance in the balance sheet with the master file AR control account balance.
2. Reconcile the AR control figure with the AR subsidiary account total.
3. Select a sample of update entries made to accounts in the AR subsidiary ledger and trace these to transactions in the sales journal (archive file).
4. From these journal entries, identify source documents that can be pulled from their files and verified. If necessary, confirm these source documents by contacting the customers.
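The four steps above can be run as a scripted test over extracted files. The following is an added example, not part of the original slides; the record layouts, field names and sample values are constructed for illustration, and the sample in step 3 is drawn with a seeded random generator.

```python
import random
from decimal import Decimal


def trace_ar_audit_trail(balance_sheet_ar, gl_control_ar, subsidiary, updates,
                         sales_journal, source_docs, sample_size, seed=0):
    """Walk the AR audit trail and return a sorted list of (step, finding)."""
    findings = []
    # Step 1: balance sheet figure vs. master file AR control account.
    if balance_sheet_ar != gl_control_ar:
        findings.append(("step1", "balance sheet AR differs from control account"))
    # Step 2: control account vs. total of the AR subsidiary accounts.
    sub_total = sum(subsidiary.values(), Decimal("0"))
    if sub_total != gl_control_ar:
        findings.append(("step2", f"subsidiary total {sub_total} differs from "
                                  f"control account {gl_control_ar}"))
    # Step 3: sample subsidiary update entries, trace to the sales journal.
    k = min(sample_size, len(updates))
    for upd in random.Random(seed).sample(updates, k):
        entry = sales_journal.get(upd["journal_ref"])
        if (entry is None or entry["amount"] != upd["amount"]
                or entry["customer"] != upd["customer"]):
            findings.append(("step3", f"update {upd['id']} has no matching "
                                      "sales journal entry"))
            continue
        # Step 4: pull the source document behind the journal entry.
        doc = source_docs.get(entry["source_doc"])
        if doc is None or doc["amount"] != entry["amount"]:
            findings.append(("step4", f"source document {entry['source_doc']} "
                                      "missing or different; confirm with "
                                      f"customer {entry['customer']}"))
    return sorted(findings)


# Constructed sample files (all identifiers and amounts are made up).
SUBSIDIARY = {"C100": Decimal("300"), "C200": Decimal("200")}
UPDATES = [
    {"id": "U1", "customer": "C100", "amount": Decimal("300"), "journal_ref": "SJ-1"},
    {"id": "U2", "customer": "C200", "amount": Decimal("150"), "journal_ref": "SJ-2"},
    {"id": "U3", "customer": "C200", "amount": Decimal("50"), "journal_ref": "SJ-9"},
]
SALES_JOURNAL = {
    "SJ-1": {"customer": "C100", "amount": Decimal("300"), "source_doc": "SO-11"},
    "SJ-2": {"customer": "C200", "amount": Decimal("150"), "source_doc": "SO-12"},
}
SOURCE_DOCS = {"SO-11": {"amount": Decimal("300")}}  # SO-12 is not on file

if __name__ == "__main__":
    for step, text in trace_ar_audit_trail(500, 500, SUBSIDIARY, UPDATES,
                                           SALES_JOURNAL, SOURCE_DOCS, 3):
        print(step, text)
```

In the sample data the balances agree at steps 1 and 2, yet the detail test still surfaces an update with no journal entry and a journal entry with no source document.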

Accounting Records in a Computer-Based System


Figure: Example of Tracing an Audit Trail, Verifying Accounts Receivable. Shown: Accounts Receivable Control Account (General Ledger); Accounts Receivable Subsidiary Ledger (sum of all customers’ receivables); Sales Journal and Cash Receipts Journal; Sales Order, Deposit Slip, Remittance Advice, Shipping Notice; Physical and Financial components.


The audit trail is less observable in computer-based systems than traditional manual systems.

The data entry and computer programs are the physical trail.

The data are stored in magnetic files.


Master File - generally contains account data (e.g., general ledger and subsidiary file)

Transaction File - a temporary file containing transactions since the last update

Reference File - contains relatively constant information used in processing (e.g., tax tables, customer addresses)

Archive File - contains past transactions for reference purposes


Documentation in a computer-based (CB) environment is necessary for many reasons.

Five common documentation techniques:
◦ Entity Relationship Diagram
◦ Data Flow Diagrams
◦ Document Flowcharts
◦ System Flowcharts
◦ Program Flowcharts


A documentation technique to represent the relationship between entities in a system.

The REA model version of ERD is widely used in AIS. REA uses 3 types of entities:
◦ resources (cash, raw materials)
◦ events (release of raw materials into the production process)
◦ agents (inventory control clerk, vendor, production worker)


Represent the numerical mapping between entities:

◦ one-to-one

◦ one-to-many

◦ many-to-many


Figure: Cardinalities (Entity, Relationship, Entity), with each side of a relationship labeled 1 or M: Salesperson, Assigned, Car Type; Customer, Places, Order; Vendor, Supply, Inventory.


use symbols to represent the processes, data sources, data flows, and entities in a system

represent the logical elements of the system

do not represent the physical system


Figure: symbols shown: Entity Name; N Process Description; Data Store Name; Direction of data flow.


illustrate the relationship among processes and the documents that flow between them

contain more details than data flow diagrams

clearly depict the separation of functions in a system


Symbol Set for Representing Manual Procedures

Terminal showing source or destination of documents and reports

Source document or report

Manual operation

File for storing source documents and reports

Accounting records (journals, registers, logs, ledgers)

Calculated batch total

On-page connector

Off-page connector

Description of process or comments

Document flowline


Figure: Flowchart Showing Stated Fact Translated into Visual Symbols. Columns: Sales Department, Credit Department, Warehouse, Shipping Department. Elements: Customer; Customer Order; Prepare Sales Orders; Sales Order #1.


Flowchart Showing All Stated Facts Translated into Visual Symbols


are used to represent the relationship between the key elements--input sources, programs, and output products--of computer systems

depict the type of media being used (paper, magnetic tape, magnetic disks, and terminals)

in practice, not much difference between document and system flowcharts


Symbol Set for Representing Computer Processes

Hard copy

Computer process

Direct access storage device

Magnetic tape

Terminal input/output device

Process flow

Real-time (online) connection

Video display device


Flowchart Showing Translation of Facts 1, 2, and 3 into Visual Symbols


illustrate the logic used in programs

Program Flowchart Symbols

Logical process

Decision

Terminal start or end operation

Input/output operation

Flow of logical process


Modern systems characteristics:
◦ client-server based and process transactions in real time
◦ use relational database tables
◦ have high degree of process integration and data sharing
◦ some are mainframe based and use batch processing

Some firms employ legacy systems for certain aspects of their data processing.
◦ Accountants need to understand legacy systems.

Legacy systems characteristics:
◦ mainframe-based applications
◦ batch oriented
◦ early legacy systems use flat files for data storage
◦ later legacy systems use hierarchical and network databases
◦ data storage systems promote a single-user environment that discourages information integration


• Destructive updates leave no backup.
• To preserve adequate records, backup procedures must be implemented, as shown below:

The master file being updated is copied as a backup. A recovery program uses the backup to create a pre-update version of the master file.


Two broad classes of systems:

◦ batch systems

◦ real-time systems


A batch is a group of similar transactions that are accumulated over time and then processed together.

The transactions must be independent of one another during the time period over which the transactions are accumulated in order for batch processing to be appropriate.

A time lag exists between the event and the processing.


Figure: Batch Processing/Sequential File. Flow shown: Sales Orders; Keying; Unedited Transactions; Edit Run (catches clerical errors; Errors: correct errors and resubmit); Edited Transactions; Sort Run (rearranges the transaction data by key field so that it is in the same sequence as the master file); Transactions; Update Run (changes the values in the master file to reflect the transactions that have occurred), with AR Old Master (father) and AR New Master (son); Transactions (eventually transferred to an archive file).


Keystroke - source documents are transcribed by clerks to magnetic tape for processing later

Edit Run - identifies clerical errors in the batch and places them into an error file

Sort Run - places the transaction file in the same order as the master file using a primary key

Update Run - changes the value of appropriate fields in the master file to reflect the transaction

Backup Procedure - the original master continues to exist and a new master file is created
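The edit, sort, update and backup steps can be followed end to end in a short script. This is an added example, not part of the original slides; the account numbers and amounts are constructed, and the control figures are assumed to be a record count and an amount total written when the batch was keyed.

```python
from dataclasses import dataclass
from decimal import Decimal


@dataclass(frozen=True)
class Txn:
    account: str      # key field shared with the master file
    amount: Decimal   # credit sale to add to the customer's AR balance


def control_figures(txns):
    """Batch control figures: record count and amount total."""
    return len(txns), sum((t.amount for t in txns), Decimal("0"))


def edit_run(batch, master):
    """Split the batch into clean transactions and an error file."""
    good, errors = [], []
    for t in batch:
        if t.account not in master:
            errors.append((t, "unknown account"))
        elif t.amount <= 0:
            errors.append((t, "amount must be positive"))
        else:
            good.append(t)
    return good, errors


def sort_run(txns):
    """Order transactions by the master file's primary key."""
    return sorted(txns, key=lambda t: t.account)


def update_run(old_master, txns):
    """Write a new master (son); the old master (father) is left intact."""
    new_master = dict(old_master)
    for t in txns:
        new_master[t.account] += t.amount
    return new_master


def process_batch(old_master, batch, header_count, header_total):
    # Control 1: the batch that arrived is the batch that was keyed.
    if control_figures(batch) != (header_count, header_total):
        raise ValueError("batch does not match its control figures")
    good, errors = edit_run(batch, old_master)
    # Control 2: every record is either accepted or in the error file.
    if len(good) + len(errors) != header_count:
        raise ValueError("records lost or duplicated in edit run")
    new_master = update_run(old_master, sort_run(good))
    # Control 3: the master moved by exactly the accepted amount.
    moved = sum(new_master.values()) - sum(old_master.values())
    if moved != control_figures(good)[1]:
        raise ValueError("update run out of balance")
    return new_master, errors


# Constructed sample data: an AR master file and one keyed batch.
OLD_MASTER = {"C100": Decimal("500.00"), "C200": Decimal("0.00"),
              "C300": Decimal("125.50")}
BATCH = [Txn("C300", Decimal("40.00")), Txn("C100", Decimal("100.00")),
         Txn("C999", Decimal("10.00")), Txn("C200", Decimal("-5.00"))]

if __name__ == "__main__":
    new_master, errors = process_batch(OLD_MASTER, BATCH, 4, Decimal("145.00"))
    print(new_master)
    print(errors)
```

Because the update run writes a new master and leaves the old one untouched, a failed run can be repeated from the father file and the same transaction file.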


Organizations can increase efficiency by grouping large numbers of transactions into batches rather than processing each event separately.

Batch processing provides control over the transaction process via control figures.


process transactions individually at the moment the economic event occurs

have no time lag between the economic event and the processing

generally require greater resources than batch processing since they require dedicated processing capacity; however, these cost differentials are decreasing

oftentimes have longer systems development time


AIS processing is characterized by high-volume, independent transactions, such as recording cash receipts checks received in the mail.

The processing of such high-volume checks can be done during an off-peak computer time.

This is one reason why batch processing may be done using real-time data collection.


Concisely represent large amounts of complex information that would otherwise be unmanageable

Provide a means of accountability over the completeness of the transactions processed

Identify unique transactions and accounts within a file

Support the audit function by providing an effective audit trail


Represent items in sequential order

Used to prenumber source documents

Track each transaction processed

Identify any out-of-sequence documents

Disadvantages:
◦ arbitrary information
◦ hard to make changes and insertions


Represent whole classes by assigning each class a specific range within the coding scheme

Used for chart of accounts
◦ The basis of the general ledger

Allows for the easy insertion of new codes within a block
◦ Don’t have to reorganize the coding structure

Disadvantage:
◦ arbitrary information


Represent complex items or events involving two or more pieces of data using fields with specific meaning

For example, a coding scheme for tracking sales might be 04-09-476214-99, meaning:

Store Number   Dept. Number   Item Number   Salesperson
04             09             476214        99

Disadvantages:
◦ arbitrary information
◦ overused


Used for many of the same purposes as numeric codes

Can be assigned sequentially or used in block and group coding techniques

May be used to represent large numbers of items
◦ Can represent up to 26 variations per field

Disadvantage:
◦ arbitrary information


Alphabetic characters used as abbreviations, acronyms, and other types of combinations

Do not require users to memorize the meaning since the code itself is informative – and not arbitrary

◦ NY = New York

Disadvantages:

◦ limited usability and availability


General ledger systems should:

◦ collect transaction data promptly and accurately

◦ classify/code data and accounts

◦ validate collected transactions/maintain accounting controls (e.g., equal debits and credits)

◦ process transaction data
  – post transactions to proper accounts
  – update general ledger accounts and transaction files
  – record adjustments to accounts

◦ store transaction data

◦ generate timely financial reports

Input

Process

Output


Figure: General Ledger System (GLS), shown with: Financial Reporting System; Management Reporting System; Inventory Control; Payroll; Cash Disbursements; Accounts Payable; Cost Accounting; Cash Receipts; Sales; Billings.


General ledger master file
◦ principal FRS file based on chart of accounts

General ledger history file
◦ used for comparative financial support

Journal voucher file
◦ all journal vouchers of the current period

Journal voucher history file
◦ journal vouchers of past periods for audit trail

Responsibility center file
◦ financial data by responsibility centers for MRS

Budget master file
◦ budget data by responsibility centers for MRS


Source documents

Journal entries in the journal

Post entries to the ledger

Trial balance

Financial statements

Adjusting and closing


General ledger analysis:
◦ listing of transactions
◦ allocation of expenses to cost centers
◦ comparison of account balances from prior periods
◦ trial balances

Financial statements:
◦ balance sheet
◦ income statement
◦ statement of cash flows

Managerial reports:
◦ analysis of sales
◦ analysis of cash
◦ analysis of receivables

Chart of accounts: coded listing of accounts


Improperly prepared journal entries

Unposted journal entries

Debits not equal to credits

Subsidiary not equal to G/L control accounts

Inappropriate access to the G/L

Poor audit trail

Lost or damaged data

Account balances that are wrong because of unauthorized or incorrect journal vouchers


Transaction authorization - journal vouchers must be authorized by a manager at the source dept

Segregation of duties – G/L clerks should not:
◦ have recordkeeping responsibility for special journals or subsidiary ledgers
◦ prepare journal vouchers
◦ have custody of physical assets


Access controls:
◦ Unauthorized access to G/L can result in errors, fraud, and misrepresentations in financial statements.

◦ Sarbanes-Oxley requires controls that limit database access to only authorized individuals.

Accounting records - trace source documents from inception to financial statements and vice versa


Independent verification
◦ G/L dept. reconciles journal vouchers and summaries.

Two important operational reports used:
◦ journal voucher listing – details of each journal voucher posted to the G/L
◦ general ledger change report – the effects of journal voucher postings on G/L accounts
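The G/L controls listed above (transaction authorization, segregation of duties, access control and independent verification) can be enforced and checked at posting time. The following is an added example, not part of the original slides; the user names, departments, account names and voucher layout are hypothetical.

```python
from decimal import Decimal as D

# Constructed authorization data (names and departments are hypothetical).
DEPT_MANAGER = {"sales": "m.ortiz", "purchasing": "k.chen"}
GL_CLERKS = {"gl.adams"}


def voucher_violations(jv):
    """Return the control violations that block a journal voucher."""
    found = []
    debits = sum((d for _, d, _ in jv["lines"]), D("0"))
    credits = sum((c for _, _, c in jv["lines"]), D("0"))
    if debits != credits:
        found.append("debits not equal to credits")
    if jv["approved_by"] != DEPT_MANAGER.get(jv["source_dept"]):
        found.append("not authorized by source department manager")
    if jv["prepared_by"] in GL_CLERKS:
        found.append("prepared by a G/L clerk")
    return found


def post_vouchers(gl, vouchers, posted_by):
    """Post valid vouchers; return new G/L, JV listing, change report, rejects."""
    if posted_by not in GL_CLERKS:  # access control on the G/L itself
        raise PermissionError(f"{posted_by} may not post to the G/L")
    new_gl, listing, rejected = dict(gl), [], []
    for jv in vouchers:
        problems = voucher_violations(jv)
        if problems:
            rejected.append((jv["id"], problems))
            continue
        for account, debit, credit in jv["lines"]:
            new_gl[account] = new_gl.get(account, D("0")) + debit - credit
            listing.append((jv["id"], account, debit, credit))
    change_report = {a: (gl.get(a, D("0")), new_gl[a])
                     for a in new_gl if new_gl[a] != gl.get(a, D("0"))}
    return new_gl, listing, change_report, rejected


def reconcile(listing, change_report):
    """Independent verification: listing detail must explain every change."""
    net = {}
    for _, account, debit, credit in listing:
        net[account] = net.get(account, D("0")) + debit - credit
    net = {a: v for a, v in net.items() if v != 0}
    return net == {a: after - before
                   for a, (before, after) in change_report.items()}


# Constructed sample data; balances are debit-positive.
GL = {"AR": D("1000"), "Sales": D("-1000")}
VOUCHERS = [
    {"id": "JV-1", "source_dept": "sales", "prepared_by": "s.clerk",
     "approved_by": "m.ortiz", "lines": [("AR", D("250"), D("0")), ("Sales", D("0"), D("250"))]},
    {"id": "JV-2", "source_dept": "sales", "prepared_by": "s.clerk",
     "approved_by": "m.ortiz", "lines": [("AR", D("100"), D("0")), ("Sales", D("0"), D("90"))]},
    {"id": "JV-3", "source_dept": "sales", "prepared_by": "gl.adams",
     "approved_by": "m.ortiz", "lines": [("AR", D("10"), D("0")), ("Sales", D("0"), D("10"))]},
    {"id": "JV-4", "source_dept": "sales", "prepared_by": "s.clerk",
     "approved_by": "k.chen", "lines": [("AR", D("5"), D("0")), ("Sales", D("0"), D("5"))]},
]

if __name__ == "__main__":
    new_gl, listing, report, rejected = post_vouchers(GL, VOUCHERS, "gl.adams")
    print(report, rejected, reconcile(listing, report))
```

A change in the G/L that the journal voucher listing cannot explain makes `reconcile` return False, which is the condition the G/L department's independent verification is meant to catch.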


Advantages:
◦ immediate update and reconciliation
◦ timely, if not real-time, information

Removes separation of transaction authorization and processing
◦ Detailed journal voucher listing and account activity reports are a compensating control

Centralized access to accounting records
◦ Passwords and authorization tables as controls


Format used to produce Web pages
◦ defines the page layout, fonts, and graphic elements
◦ used to lay out information for display in an appealing manner like one sees in magazines and newspapers
◦ using both text and graphics (including pictures) appeals to users

Hypertext links to other documents on the Web
◦ Even more pertinent is HTML’s support for hypertext links in text and graphics that enable the reader to ‘jump’ to another document located anywhere on the World Wide Web.


XML is a meta-language for describing markup languages.

Extensible means that any markup language can be created using XML.
◦ includes the creation of markup languages capable of storing data in relational form, where tags (formatting commands) are mapped to data values

◦ can be used to model the data structure of an organization’s internal database


XBRL is an XML-based language for standardizing methods for preparing, publishing, and exchanging financial information, e.g., financial statements.

XBRL taxonomies are classification schemes.

Advantages:
◦ Businesses offer expanded financial information to all interested parties virtually instantaneously.
◦ Companies that use XBRL database technology can further speed the process of reporting.
◦ Consumers import XBRL documents into internal databases and analysis tools to greatly facilitate their decision-making processes.


Audit implication for XBRL

◦ taxonomy creation: incorrect taxonomy results in invalid mapping that may cause material misrepresentation of financial data

◦ validation of instance documents: ensure that appropriate taxonomy and tags have been applied

◦ audit scope and timeframe: impact on auditor responsibility as a consequence of real-time distribution of financial statements
