Information Technology Auditing Ch
01 - 05 GRADE A+ GUARANTEED
Access controls
Controls that ensure that only authorized personnel have access to
the firm's assets.
Accounting records
"The documents, journals, and ledgers used in transaction cycles. "
Audit objectives
Audit goals derived from management assertions that lead to the
development of audit procedures.
Audit opinion
Opinion of auditor regarding the presentation of financial statements.
Audit planning
Stage at which the auditor identifies the financially significant
applications and attempts to under- stand the controls over the
primary transactions that are processed by these applications.
Audit procedure
Tasks performed by auditors to gather evidence that supports or
refutes management assertions.
Audit risk
"Probability that the auditor will render unqualified opinions on
financial statements that are, in fact, materially misstated. "
Auditing
Form of independent attestation performed by an expert who expresses
an opinion about the fairness of a company's financial statements.
Control activities
Policies and procedures used to ensure that appropriate actions are
taken to deal with the organization's risks.
Control environment
The foundation of internal control.
Control risk
Likelihood that the control structure is flawed because controls are
either absent or inadequate to prevent or detect errors in the
account.
Corrective controls
Actions taken to reverse the effects of errors detected in the
previous step.
Detection risk
, Risk that auditors are willing to take that errors not detected or
prevented by the control structure will also not be detected by the
auditor.
Detective controls
"Devices, techniques, and procedures designed to identify and expose
undesirable events that elude preventive controls. "
Inherent risk
Risk that is associated with the unique characteristics of the
business or industry of the client.
Internal control system
"Policies a firm employs to safeguard the firm's assets, ensure
accurate and reliable accounting records and information, promote
efficiency, and measure compliance with established policies. "
Management assertions
Explicit or implicit statements made by management within the
financial statements pertaining to the financial health of the
organization.
Monitoring
The process by which the quality of internal control design and
operation can be assessed.
Preventive controls
Passive techniques designed to reduce the frequency of occurrence of
undesirable events.
Risk assessment
"The identification, analysis, and management of risks relevant to
financial reporting. "
Segregation of duties
Separation of employee duties to minimize incompatible functions.
Substantive tests
Tests that determine whether database contents fairly reflect the
organization's transactions.
Supervision
A control activity involving the critical over- sight of employees.
Tests of controls
Tests that establish whether internal controls are functioning
properly.
Transaction authorization
Procedure to ensure that employees process only valid transactions
within the scope of their authority.
Disaster recovery plan (DRP)
"Comprehensive statement of all actions to be taken before, during,
and after a disaster, along with documented, tested procedures that
will ensure the continuity of operations. "
Empty shell
01 - 05 GRADE A+ GUARANTEED
Access controls
Controls that ensure that only authorized personnel have access to
the firm's assets.
Accounting records
"The documents, journals, and ledgers used in transaction cycles. "
Audit objectives
Audit goals derived from management assertions that lead to the
development of audit procedures.
Audit opinion
Opinion of auditor regarding the presentation of financial statements.
Audit planning
Stage at which the auditor identifies the financially significant
applications and attempts to under- stand the controls over the
primary transactions that are processed by these applications.
Audit procedure
Tasks performed by auditors to gather evidence that supports or
refutes management assertions.
Audit risk
"Probability that the auditor will render unqualified opinions on
financial statements that are, in fact, materially misstated. "
Auditing
Form of independent attestation performed by an expert who expresses
an opinion about the fairness of a company's financial statements.
Control activities
Policies and procedures used to ensure that appropriate actions are
taken to deal with the organization's risks.
Control environment
The foundation of internal control.
Control risk
Likelihood that the control structure is flawed because controls are
either absent or inadequate to prevent or detect errors in the
account.
Corrective controls
Actions taken to reverse the effects of errors detected in the
previous step.
Detection risk
, Risk that auditors are willing to take that errors not detected or
prevented by the control structure will also not be detected by the
auditor.
Detective controls
"Devices, techniques, and procedures designed to identify and expose
undesirable events that elude preventive controls. "
Inherent risk
Risk that is associated with the unique characteristics of the
business or industry of the client.
Internal control system
"Policies a firm employs to safeguard the firm's assets, ensure
accurate and reliable accounting records and information, promote
efficiency, and measure compliance with established policies. "
Management assertions
Explicit or implicit statements made by management within the
financial statements pertaining to the financial health of the
organization.
Monitoring
The process by which the quality of internal control design and
operation can be assessed.
Preventive controls
Passive techniques designed to reduce the frequency of occurrence of
undesirable events.
Risk assessment
"The identification, analysis, and management of risks relevant to
financial reporting. "
Segregation of duties
Separation of employee duties to minimize incompatible functions.
Substantive tests
Tests that determine whether database contents fairly reflect the
organization's transactions.
Supervision
A control activity involving the critical over- sight of employees.
Tests of controls
Tests that establish whether internal controls are functioning
properly.
Transaction authorization
Procedure to ensure that employees process only valid transactions
within the scope of their authority.
Disaster recovery plan (DRP)
"Comprehensive statement of all actions to be taken before, during,
and after a disaster, along with documented, tested procedures that
will ensure the continuity of operations. "
Empty shell
