Computer Auditing
Using computer-based tools and controls to enhance audit efficiency
General Controls
Policies over the entire IT environment like security
Application Controls
Controls over specific transactions within applications
CAATs (Computer-Assisted Audit Techniques)
Audit software and tools used to test data directly — e.g.
Embedded Audit Modules
Code built into systems to continuously collect audit evidence automatically.
Test Data
Simulated transactions run through client systems to verify processing accuracy.
Parallel Simulation
Auditor reprocesses client data with their own programs to compare results.
Integrated Test Facility (ITF)
Fake entity within system used to process dummy transactions without affecting real data.
Generalized Audit Software (GAS)
Tools like IDEA used to extract
IT Control Risk
The risk that IT weaknesses lead to material misstatements or fraud.
Advantages of Computer Auditing
Increases coverage
Limitations of Computer Auditing
Requires technical skill
