What Is the difference between transaction processing systems, management information systems, and decision support systems? Transaction processing systems – document financial activities Management Information systems – used to collect qualitative as well as quantitative information for decision making within organizations Decision support systems – help the developers of an ASS identify what information they need for their planning, decision making, and control functions How is a flowchart used?
A document flowchart traces the physical flow of documents wrought an organization?that is, the flow of documents from the departments, groups, or individuals who first created them to their final destinations. How is the accounting Information system documented? An accounting information system Is a collection of data and processing procedures that creates needed Information for Its users. An Information system’s components: Data or Information Is Input, processed, and output as Information for planning, decision-making, and control purposes.
What are effective coding systems used in ASS? (1) mnemonic codes, (2) sequence codes, (3) block codes. And (4) group codes. How do accounting information software packages differ? Owners will have to consider what tasks they’ll want their system to accomplish, identify what software package or packages can perform these tasks, and perhaps evaluate several different computer hardware configurations that might support these packages. What are the roles of accounting Information systems In e-commerce?
Enterprise resource management (ERP) software such as SAP are particularly Important to electronic commerce (e-commerce) applications?for example, because a simple sale over the Internet simultaneously affects accounts receivable, inventory, and racketing subsystems. How do accounting information software packages differ by business size? The type of accounting software package used in businesses depends on the size of company operations, number of users and different segments or departments in a company.
Do enterprise resource planning systems add productivity to a business enterprise? Enterprise resource management (ERP) software enables businesses and government agencies to transmit and manipulate financial data on an organization-wide basis. How could unethical behavior related to the use of information systems impact a acceptable and then acting accordingly. Ethics can govern organizations as well as individuals. An example is the practice of unauthorized software copying.
How can a business secure its electronic financial data? The Fair Employment Practices Guidelines suggest that company policies cover issues such as (1) who owns the computer and the data stored on the computer, (2) what purposes the computer may be used (e. G. , primarily for business purposes), and (3) what uses are unauthorized or prohibited. Further, employers should specifically identify the types of acceptable and unacceptable uses, with some examples. What are some vulnerabilities and threats in information systems? The data that are input manually to a system are particularly vulnerable to compromise – Viruses can hide in e-mails from friends and colleagues because their computer systems have been infected. How would input controls, processing controls, and output controls be used? Data input controls ensure the accuracy, completeness, and timeliness of data during its conversion from its original source into computer data, or entry into a computer application. Data processing controls are used to ensure the accuracy, completeness, ND timeliness of data during either batch or online processing.
Data output controls ensure the integrity of output and the correct and timely distribution of any output produced. What are parts of an information security system? An information security management system (ISMS) is a set of policies concerned with information security management or IT related risks. How do disaster risk management practices benefit a company? An organization’s disaster recovery plan describes the procedures to be followed in the event of an emergency, as well as the role of every member of the disaster recovery team (which s made up of specific company employees).
What are the techniques used for analyzing internal control systems? Review existing documentation or create new materials. Observe the current system in operation. Use questionnaires and surveys. Review internal control procedures. Interview system participants. How do internal auditing and external auditing of information systems differ? In an internal audit, a company’s own accounting employees perform the audit, whereas accountants working for an independent CPA firm conduct an external audit. What are information system audits?
The auditor will first decide if computer examination of the computer-based information system itself What potential risks must be evaluated during an information system audit? The auditors will perform compliance testing to ensure that the controls are in place and working as prescribed. This may entail using some computer-assisted audit techniques (Scats) to audit the computerized ASS. These involve the use of computer processes or controls to perform audit functions, such as sorting data to detect duplicate accounts payable invoice numbers. Finally, the auditor will need to obstructively test some account balances.
What control procedures should be used to minimize risks in an information system? The desirability of an internal control procedure is a function of its ability to reduce business risk. In fact, it is the business risk itself that is important, not the internal control system. Why is a financial statement audit required? In performing financial statement audits, the auditors gather and evaluate audit evidence to form an opinion about whether the financial statements follow the appropriate criteria, usually generally accepted accounting principles.
The auditors must gather sufficient appropriate audit evidence to provide a reasonable basis for their opinion on the financial statements. What are the auditor’s responsibilities in performing an audit engagement? The auditor may make separate assessments of the two risks or an overall assessment of the risk of material misstatement for the relevant assertions. How are generally accepted auditing standards used? These adopted and issued standards are required to be followed when auditors audit the financial statements (and internal control) of issuers of securities (public companies).
What analytical procedures are used during an audit? A simple analytical procedure is to compare revenue and expense amounts for the current year to those of prior periods, noting significant differences. A more sophisticated analytical procedure might involve the development of a multiple regression model to estimate the amount of sales for the year using economic and industry data. Analytical procedures also may involve computations of percentage relationships of various items in the financial statements, such as gross profit percentages.
In all these approaches, the auditors attempt to identify unexpected differences or the absence of expected differences. Such differences may indicate misstatements in the financial statements that should be investigated fully by the auditors. How is an audit engagement planned? The requirements for the engagement include the financial statements to be audited, any other requirements (e. G. , regulatory filings), and the timing of the engagement. Engagement What is included in an audit engagement letter? The objective and scope of the audit – The responsibilities of the auditor The responsibilities of management and identification of the applicable financial reporting framework – Other information [fee arrangements, billings, timings, and other specific terms – Reporting What is the relationship between audit risk and materiality? Audit risk – at the overall engagement level, this is the risk that the auditors may unknowingly fail to appropriately modify their opinion on financial statements that are materially misstated.
At the financial statement assertion level, it is the risk that a particular assertion about an account balance is materially misstated. Materiality – recognizes hat some matters are important to the fair presentation of financial statements, while others are not. The materiality concept is basic to the audit, because the audit report states that an audit is performed to obtain reasonable assurance about whether the financial statements are free of material misstatement. What risks are present that affect the procedures to be used during an audit? Complexity of calculations involved.
Risk of fraud. Selection and application of accounting policies. Internal and external circumstances giving rise to business risks (e. G. , technological change in the industry). Recent developments in the industry and economy. How do the ethical standards set by the American Institute of Certified Public Accountants (CPA), Securities Exchange Commission (SEC), and Government Accounting Office (GAO) differ? CPA – The national professional organization of Spas engaged in promoting high professional standards to ensure that Spas serve the public interest.
SEC – A government agency authorized to regulate companies seeking approval to issue securities for sale to the public. GAO – The Governmental Accounting Standards Board (GABS) was formed in 1984 to establish and improve tankards of financial accounting for state and local government entities. How do rules of independence impact the CPA and the client? It is important to recognize that independence concerns exist both at the individual CPA level and at the public accounting firm level; one, both, or neither may be considered independent with respect to a client or potential client.
A public accounting firm does not necessarily lose independence with respect to an engagement when one (or more) of its employees or partners are not independent. What is prohibited by the code of professional conduct? The Code of Professional Conduct prohibits a member of the audit team for a client company from holding any common stock in that company. In such circumstances, no further consideration is required?that individual is not independent. 2002 requires that one year pass before a member of the audit team may accept employment with an SEC registrant in certain designated positions (e. . , chief executive officer, controller, chief financial or accounting officer). What elements should be included in an internal control structure? Preventive controls are aimed at avoiding the occurrence of misstatements in the financial statements. Detective controls are designed to discover misstatements after they have occurred. A corrective control is ordinarily needed to remedy the situation. How would an auditor test the relationship between control risk and the internal control structure?
Internal control is a process, effected by the entity’s board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the categories of (1) effectiveness and efficiency of operations, (2) reliability of financial reporting, and (3) compliance with applicable laws and regulations. Prior to 1996, the Aspic’s Professional Standards referred to an entity’s internal control as its internal control structure. What audit sampling is used by the auditor?
Statistical and Non-statistical Sampling A sample is said to be non-statistical (or Judgmental) when the auditors estimate sampling risk by using professional Judgment rather than statistical techniques. Statistical sampling may assist auditors in (1) designing efficient samples, (2) measuring the sufficiency of the evidence obtained, and (3) objectively evaluating sample results. How is evidential matter used? Sufficient competent evidential matter is to be obtained through inspection, observation, inquiries, and confirmations to afford a reasonable basis for an opinion regarding the financial statements under audit.
What should a CPA include in a standard management representation letter? A report to management containing the auditors’ recommendations for correcting any deficiencies disclosed by the auditors’ consideration of internal control. In addition to providing management with useful information, a management letter may also help limit the auditors’ liability in the event a control weakness subsequently results in a loss by the client. What information should the entity’s internal control structure report include? Deficiency in internal control Less than a significant deficiency Significant deficiency Material weakness the word independent.
It is addressed to those for whom it is prepared, generally the audited company itself or to those charged with governance. After the introductory paragraph, the report is divided into sections with headings. The introductory paragraph of the auditors’ report identifies the financial statements that have been audited. To reduce confusion, audit reports issued in the United States now use arms such as “generally accepted auditing standards (United States of America)” or “auditing standards generally accepted in the United States of America. The date of the audit report is quite significant because the auditors have a responsibility to perform procedures through that date to search for any subsequent events that may affect the fairness of the client’s financial statements, and due to requirements relating to changes in documentation that arise after that date What information is included in an audit exit interview? After they have completed he draft report, they should arrange an exit conference to review the findings with all persons directly concerned with the operations audited.
For each finding, a complete report will describe (1) the criteria used to evaluate the activity, (2) the condition (e. G. , problem) that exists, (3) the cause, (4) the effect, and (5) recommendations for improvement What can the CPA learn from the attorney representation letter? Management provides an assertion about compliance in writing in a representation letter to the Spas. That assertion also may be presented in a formal report that accompanies the Spas’ report or be included in the Spas’ report.
The Spas’ report provides assurance on either management’s assertion or directly on compliance. What other services can CPA firms provide? – Tax – Accounting and Assurance What is an attestation engagement? In compliance attestation engagements, Spas address an organization’s compliance with specified requirements, or its internal control over compliance with specific laws and regulations. How do governmental auditing standards and financial auditing standards differ? GAP defines how businesses, both public and private, prepare their financial tenements.
Governmental Auditing Standards are a series of rules that define how an independent agent is supposed to review a government agency’s financial statements and internal processes. Do governmental regulations have an effect on financial statement audits? Governmental organizations are subject to a variety of laws and regulations that affect their financial statements?many more than typical business enterprises. An important aspect of generally accepted accounting principles for governmental organizations is the recognition of various legal and contractual requirements.