Audit Proposal Audit Proposal Kudler Fine Foods has many different types of audit to consider that could be used for each functional areas of AP, AR, inventory management and payroll. This brief has the purpose to distinguish among the types of audits that could be used for each process; to recommend the audit most appropriate for each process; to explain how the audits will be conducted; and to identify events that could prevent reliance on auditing through the computer. Types of Audit
Due to increasing economic and financial growth, many types of audit have been incorporated throughout the development process of internal activities. Audits can be performed manually or they can incorporate technology. According to Hunton and Bagranoff (2004), there are four main types of audit: 1) Attestation; 2) Findings and Recommendations; 3) SAS 70; and 4) SAS 94. Each type brings something unique to the table and can be used in different situations. Attestation. The Attestation audit present reports on examinations reviews or agreed-upon procedures.
The auditor provides assurance on something for which the client is responsible. Findings and Recommendations. Findings and Recommendations is an audit that summarizes the audit work for each of the systems, which does not include an opinion. It could be considered “consulting” services. SAS 70 Audit. The SAS 70 is an auditing standard created by the AICPA and has two report types – Type I, which the auditor reports an opinion about the operating controls and Type II, that meets the objectives of the Type I additionally includes a detailed test of the effectiveness of the controls.
SAS 94 Audit. SAS 94 audit deals with electronic records and have the purpose to guide and extend the auditor responsibilities in reference to internal controls knowledge as a part of a regular financial audit. Appropriate Audit Recommendations and Steps for each Process Accounts Payable. The appropriate IT audit for accounts payable (A/P) is the SAS 94 Audit. The steps that are taken for the SAS 94 Audit and ones that Kudler will use is the application software review. The steps are to do a limit, range, validity and completeness check. Accounts Receivable.
The appropriate IT audit for accounts receivable (A/R) is also the SAS 94 Audit. This is for the same reasons. Kudler will check different areas to see how to handle different errors as they arise and to be sure that the system is checking for the errors within a timely manner by using software review. Inventory. The appropriate IT audit for inventory is also SAS 94 audit. SAS 94 audit uses administration review to determine how accurate the inventory is and how accurate the transactions for inventory are. The steps that are taken for this is to identify any areas that may have fraudulent information.
According to COSO (2010), Inventory is the most misstated asset in an IT audit, pg 18. Para 14. Payroll. The appropriate IT audit for payroll is also SAS 94 audit. SAS 94 audit software review uses the steps to test payroll in the same ways that it will test A/R and A/P. Kudler will have the ability to test payroll, A/R, and A/P in the same audit test and possibly at the same time. Events that could Prevent Reliance on Auditing through the Computer Since we have discussed what types of audits we recommended for each accounting process.
We would now like to focus on certain events that can assist Kudler’s Fine Foods on the events that could prevent the reliance on auditing through a computer. The events that must happen involve testing the data, validate computer programs, review the system software, validate user accounts and access privileges, and embed modules to achieve continuous auditing. Testing the data. The first event that has to happen is gathering data that can be tested and see how the data is processed . In more complex systems the data have to be put through an integrated test facility in order to audit the operational settings.
Data sometimes will go through a parallel simulation which is time consuming but will audit the processes to see if they are functioning according to company policies. Validate Computer Programs. The Next event deals with using audit techniques to validate new computer programs that upgrade or enhance the software by installing the internal controls to protect against unauthorized changes and it will also help develop better company software. This event also compare the new or enhanced program with the old software to see what processes or improved or useless. Review of System Software.
The third event actually reviews the systems software controls of the operating system and its utility programs that perform the housekeeping. It also reviews the program library controls, monitors storage programs, and accesses control software. The event is do in order make sure all the controls are in place and functioning and to ensure all controls we approved the documentation or by using the software tools. Validate User Accounts and Access Privileges. The fourth event that is validating user accounts and access privileges that will ensure who has access to what data and what account have to be set up to ensure security and accuracy.
The auditor needs to verify that the software parameters are there but make sure that the IT staff is using them correctly in or for this event to happen. Continuous Auditing. The last event is continuous auditing in which all the data will be audited as it is processed to ensure real time assurance and to provide faster financial reporting that is accurate. This process is done by embedded audit modules which capture the audit data, exception reporting that reject data that fall outside the predetermined specifications, transaction logging tag certain transaction so they can be reviewed to see f the controls in place are working, snapshot techniques examine the way special transactions are processed, and continuous simulation is involved in collecting data and comparing it to data in a database management system to look for discrepancies. These tools are designed to audit controls and procedures when no auditor is present. Conclusion In conclusion we feel that this audit proposal will effectively help the Kudler’s Fine Foods organization determine what type of audit to use for each accounting process. The recommendations will help this organization achieve the structural controls needed in order to function in the modern world.
We will be pleased the help this organization in achieve continuous auditing which will help with getting away from auditing through a computer. By going through the various processes of auditing Kudler's Fine Foods will have success and continues to gain market share in its industry. References Bagranoff, N. A. , Simkin, M. G. , & Strand Norman (2008). Core Concepts of Accounting Information Systems (10th ed. ). New York: NY: John Wiley & Sons, Inc. Galvenston (2012). How to Create Flowcharts for an Accounting Information System, eHow, Demand Media, Inc. , retrieved online July 8, 2012 from http://www. how. com/how_6827920_create-flowcharts-accounting-information-system. html. Grocery Store POS Software Solutions. (2010). Retrieved online July 8, 2012 from http://comcash. com/grocery. php Hunton, J. A. , Bryant, S. M. , & Bagranoff, N. A. (2004). Core Concepts of Information Technology Auditing. New York, New York: Wiley & Sons. O’Brien, J. A. , & Marakas, G. M. (2008). Management Information Systems (8th ed. ). Boston, MA: McGraw-Hill. COSO. (2010). Fraudulent Financial Reporting . Retrieved from http://www. coso. org/documents/COSOFRAUDSTUDY2010_001. pdf