Audit 2

APPOINTMENT OF FIRST AUDITOR The first auditor of a company is appointed by the directors within sixty days of the date of incorporation of the company and first auditor holds office upto the conclusion of the first annual general meeting. If the directors fail to appoint first auditor, the members in general meeting may appoint the first auditor. APPOINTMENT OF AUDITOR BY THE SECURITIES AND EXCHANGE COMMISSION OF PAKISTAN The Commission has the power to appoint auditor under following circumstances (1)

If first auditor is not appointed within one hundred and twenty days of the date of incorporation of the company.

(2)

Subsequent auditor is not appointed at an annual general meeting.

(3)

Auditor appointed is unwilling to act as auditors of the company.

(4)

A casual vacancy in the office of an auditor is not filled within thirty days after the occurrence of the vacancy,

Notice of Commission for appointment of auditor. The company has to give notice within one week of the power becoming exercisable for exercise of its power and factual situation. The remuneration of the auditor appointed under the situation is also fixed by the Commission. SUBSEQUENT AUDITOR First auditor stands retired on the conclusion of first annual general meeting and subsequent auditor is appointed in the said annual general meeting. Thereafter, the auditor is appointed by the members at each annual general meeting and the auditor holds the office until next annual general meeting. An auditor can be re-appointed.

  :­ 

- 1 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

The members consider and approve the appointment of the auditor who is recommended by the directors in their board of directors' meeting. Agenda of the annual general meeting is always decided by the directors. FILLING OF CASUAL VACANCY OF THE AUDITOR Casual vacancy of the auditor is filled by the directors and the remuneration of such auditor is fixed y the directors as well. The surviving or continuing auditor can continue to act as auditor during the period. Auditor appointed to fill in the casual vacancy holds office till the remaining tenure of the auditor i.e. till the conclusion of the next annual general meeting.

  :­ 

- 2 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

PROCEDURE OF CHANGING AN AUDITOR Although heading of section 253 of the Companies Ordinance, 1984 contains the word "removal" but nothing has been stated about removal of auditors. There is still controversy whether an auditor can be removed of not. One version is that he cannot be removed before expiry of his tenure and this version speaks of the independence of the auditors. But other version discusses that he can be removed so that the auditors may not be bale to exert undue pressure on the company. If the version of removal of auditors is accepted, the company, either listed or unlisted, should make appropriate measures that the removal is not unfair. Following procedure may be adopted. Board meeting: The proposal for removal of auditors is considered and approved by the directors in the Board of Directors meeting. Notice to Auditors Notice for removal is given to the auditors. Representation by auditors The auditor is allowed to make representation against his removal. Notice to Members Notice accompanied with representation is sent to the members. The notice also contains proposal of appointing new auditors. General Meeting The proposal of removal of auditors is considered and approved by members as an ordinary resolution. The Chairman may allow the auditor to present his representation. The members also approve appointment of new auditors. Filling of Form 29 Removal of existing auditors and appointment of new auditor is notified on Form 29 within 14 days. Consent of new auditors is enclosed.

  :­ 

- 3 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

LEGAL REQUIREMENTS ABOUT THE REMUNERATION OF THE AUDITOR Under section 252 of the Companies Ordinance, 1984 provides the legal requirements about the remuneration of the auditor. According to which remuneration of first auditor is fixed by the directors and subsequent auditor by the members in the general meeting. The remuneration is fixed by the directors or Securities and Exchange Commission of Pakistan in case the auditor is appointed by the directors to fill casual vacancy or by the Commission in exercise of its power conferred under the law. The Institute of Chartered Accountants of Pakistan in its 136th meeting of the Council held on January 29, 2000 decided and issued ATR 14 (Revised). According to which minimum hourly charge out rates for audit work by practicing members have been suitably increased. These are exclusive of traveling, hotel expenses, out of pocket expenses and other disbursements: Partner Qualified assistants Senior (5 years and above Junior (0-5 years) Supervisor Senior Semi-Senior Junior

Rs. 3,000 Rs. Rs. Rs. Rs. Rs. Rs.

1,800 1,200 450 300 240 150

The actual fees charged in individual cases will be a matter of agreement between the member and the client.

  :­ 

- 4 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

QUALIFIED AUDIT REPORT The auditor is required to make a report to the members of the company on the accounts and books of accounts of the company and on every balance-sheet and profit and loss accounts or income and expenditure account. His report covers all other document forming part of the balance-sheet and profit and loss account or income and expenditure account, including notes, statements or schedules annexed with the financial statements and which are laid before the members of company in general meeting during his tenure of office. This report covers the following matters: -

  :­ 

(a)

Obtaining of all information and explanations necessary for the purposes of the audit.

(b)

Proper books of accounts required by the Companies Ordinance, 1984 have been kept by the company.

(c)

Preparation of the balance-sheet and profit and loss account or in the income and expenditure account in conformity with the Companies Ordinance, 1984 and in agreement with the books of accounts.

(d)

Opinion regarding the true and fair view of the (1) balance sheet as at the end of its financial year (2) the profit and loss account or the income and expenditure account and profit, loss surplus or deficit for its financial year and (3) the statement f changes in financial position or sources and application of funds of a listed company, of the changes in the financial position or the sources and application of funds for its financial year.

(e)

Opinion regarding (1) incurring of expenditure during the year for the purposes of the company's business and (2) conducing the business, making investments and incurring of expenditure during the year in accordance with the objects of the company, and

(f)

Deduction of Zakat deductible at source under the Zakat and Usher Ordinance.

- 5 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

Qualification notes of the auditors.If the auditor's report contains a reference to any other report, statement or remarks which they have made on the balance sheet and profit and loss account or income and expenditure account examined by them, such statement or remarks are required to be annexed to the auditor's report and is considered to be a part of the auditor's report.

  :­ 

- 6 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

AUDITOR’S REPORT We have audited the annexed balance sheet of Askari Leasing Limited as at 30 June 1999 and the related profit and loss account and the statement of changes in financial position, together with the notes forming part thereof, for the year then ended and we state that we have obtained all the information and explanations which to the best of our knowledge and belief were necessary for the purposes of our audit and, after due verification thereof, we report that: a)

In our opinion, proper books of account have been kept by the company as required by the Companies Ordinance, 1984;

b)

In our opinion: i)

The balance sheet and profit and loss account together with the notes thereon have been drawn up in conformity with the Companies Ordinance, 1984 and are in agreement with the books of account and are further in accordance with accounting policies consistently applied except for the change as explained in note 2.3 with which we concur;

ii)

The expenditure incurred during the year was for the purpose of the company's business; and

iii)

The business conducted, investments made and the expenditure incurred during the year were in accordance with the objects of the company;

c)

In our opinion and to the best of our information and accordingly the explanations given to us, the balance sheet, profit and loss account and the statement of changes in financial position, together with the notes forming part thereof, give the information required by the Companies Ordinance, 1984 in the manner so required and respectively give a true and fair view of the state of the' company's affairs as at 30 June 1999 and of the profit and the changes in financial position for the year then ended; and

d)

In our opinion Zakat deductible at source under the Zakat and Ushr Ordinance, 1980 was deducted by the company and deposited in the Central Zakat Fund established under section 7 of that Ordinance.

ISLAMABAD November 8, 1999

  :­ 

CHARTERED ACCOUNTANTS

- 7 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

THREE QUALIFYING NOTES REVENUE RECOGNITION The company has changed its revenue recognition policy for lease contracts executed during the year ended June 30, 1999. The policy has been changed to comply to the provisions of revised International Accounting Standard for Leases (IAS17) and to adhere to the directive dated August 1, 1999 issued by the Institute of Chartered Accountants of Pakistan. Consequently, it has not been considered necessary to give disclosures required under IAS8. Due to this change in accounting policy lease income and profit for the year has decreased by Rs. 18,966,186. FOREIGN CURRENCY TRANSACTIONS Transactions in foreign currencies are accounted of in rupees at the rates of exchange ruling on the date of the transactions. Monetary assets and liabilities in foreign currencies are translated into rupees at the rate of exchange ruling at the balance sheet date, except for liabilities covered under State Bank of Pakistan exchange risk cover scheme, which are translated at contracted rates. Exchange gains and losses are taken to the profit and loss account. OFFSETTING LIABILITIES

OF

FINANCIAL

ASSETS

AND

FINANCIAL

Financial assets and financial liabilities are offset at the year ended June 30, 1999 and net amount is reported in the balance sheet, if the company has a legally enforceable right to set off the recognized amounts and also intends to settle the liabilities simultaneously. Corresponding income on assets and charge on liabilities are also reported at next amount.

  :­ 

- 8 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

ADVERSE OPINION It is one of the duty of the auditors to provide opinion regarding the true and fair view of the (1) balance sheet as at the end of its financial year (2) the profit and loss account or the income and expenditure account and profit, loss surplus or deficit for its financial year and (3) the statement f changes in financial position or sources and application of funds of a listed company, of the changes in the financial position or the sources and application of funds for its financial year. In this way the auditor states that in his opinion, the financial statements do not give a true and fair view. The auditor expresses an adverse opinion on a particular aspect of the financial statements, which is not considered fundamental. DISCLAIMER In a disclaimer of opinion, the auditor states that he is unable to form an opinion as to whether the financial statements give a true and fair view. This occurs when the auditors conclude that they have not been able to obtain sufficient evidence to support, and accordingly are unable to express, an opinion on the financial statements.

  :­ 

- 9 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

Risk in audit means the change of damage to the audit firm as a result of giving an audit opinion that is wrong in some particular. INHERENT RISK Inherent risk which derives from the nature of the entity and of its environment prior to the establishment of internal controls. Some enterprises are inherently more risky than other. e.g. new versus old established. Inherent factors include background knowledge of the client and post audit record indication no special difficulties. CONTROL RISK Control risk is defined as the risk that a misstatement that could occur in an account balance or class of transactions and that could be material, either individually or when aggregated with misstatements in other balances or classes, would not be prevented, or detected and corrected on a timely basis, by the accounting and internal control system. DETECTION RISK The risk that the auditor's substantive procedures and his review of the financial statements will not detect material errors. Detection risk arising out of small based substantive tests. Some of these are sub-set of others (e.g. sampling risk of detection risk). Many modern writers consider the use of risk based auditing as a new direction in auditing, contrasting with the older substantive testing and systems based auditing. Risk based auditing takes account of substantive test risk, internal control risk, detection risk, analytical control risk, sampling risk and inherent risk.

  :­ 

- 10 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

MANAGEMENT AUDIT

STATUTORY AUDIT

Scope - the extent of the work undertaken. 

This audit work is determined by management.



This auditor's work is laid down by statute.

Approach 

Auditor may have a number of aims in his work including an appraisal of the efficiency of the internal control system and the management information system.



Auditor is interested primarily in the truth and fairness of the accounts.

Responsibility - Both are of course answerable to their consciences and the ethical conceptions of their professional bodies. 







  :­ 

The auditor is answerable only to management.



The auditor is responsible to shareholders and arguably to an even wider public.

Management and statutory auditors do similar work and economics dictates that they should co-operate. Management audit has many objectives and some of these may be useful to a statutory auditor. The statutory auditor must assess the management auditor and his work. The extent of reliance may depend on materiality, audit risk, level of judgement required, the level of complementary evidence and the specialist skills required.

- 11 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment



The process of relying on the work of a management auditor must be planned, controlled and recorded.

COMMON INTERESTS 

An effective system of internal control.



Continuous effective operation of such system.



Adequate management information flow.



Asset safeguarding.





Adequate accounting system (for example to comply with the Companies Ordinance, 1984). Ensuring compliance requirements.

with

statutory

and

regulatory

AREAS OF WORK OVERLAP 

This can apply in the following areas:



Examination of the system of internal control.



 

  :­ 

Examination of the accounting records and supporting documents. Verification of assets and liabilities. Observation, enquiry and the making of statistical and accounting ratio measurements.

- 12 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

Management audit can be defined as "an independent appraisal function established by the management of an organization for the review of the internal control system as a service to the organization. It objectively examines, evaluates and reports on the adequacy of internal controls as a contribution to the proper, economic, efficient and effective use of resources". Management auditors are employees of the organization and work exclusively for the organization. Their functions are determined by management and very greatly from organization to organization and also partly overlap those of the external auditors and in part are quite different. Their job is to appraise the activity of other, not to perform a specific part of data processing. Their activities are to ensure that:  The policies are fulfilled  The information to manage effectively the organization is reliable and complete. This information is not only that provided by the accounting system.  The organization's assets are safeguarded.  The internal control system is well designed.  The internal control system works in practice.

  :­ 

- 13 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

QUALITIES  

 







  :­ 

Should be truly independent in mind and attitude. Their unit should be adequately staffed in terms of number, grades and experience. They should be fully trained. Should foster constructive working relationships and mutual understanding with management, with external auditors, with any review agencies and where appropriate with an audit committee. Mutual understanding is the goal. Should behave much as an external auditor in terms of skill, care and judgment. Should be up-to-date technically and have personal standards of knowledge, honesty, probity and integrity much as an external auditor. It is desirable that the management auditor be qualified as much because of the ethical as the technical standards implied by membership of a professional body.

- 14 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

Electronic Data Processing (EDP) has revolutionized the accounting and control methods of many concerns in recent years. The technical innovations have reduced prices to the extent that EDP methods are now available to even the smallest firms. The approach of an auditor to a computerized system is not fundamentally different from that to a manual, or mechanical or electro-mechanical system. His approach in the majority of audits is to determine, evaluate and test the system to see that it: 

 

Produces records that form a reliable basis for the preparation of accounts. Safeguards the assets. Audits are executed in accordance with the Auditing Standards either for EDP or manual. However, there are some features of computerized systems which make it necessary to change some of the audit approach.

More and more firms are using EDP for their accounting. Methods range from the use of giant mainframe computers to desktop machines, from centralized computer departments to the use of outside bureaux, from real-time systems to electronic invoicing systems. The auditor has to adopt himself to this revolution. However, it must be emphasized that the auditor's duties remain the same whatever the data processing systems is used. The accounting environment, in which computer-based accounting systems are developed, maintained and operated and which therefore apply to all individual applications. The objectives of these are to ensure: 

and

implementation



the integrity of programme and data files



the integrity of computer operations



Internal control in an EDP system is vital.





  :­ 

Proper development applications;

of

new

EDP systems have characteristics which have effects on the auditor's approach. Some basics ideas about internal control in EDP systems have been developed. - 15 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment







 



General controls are concerned with the environment in which the computer is operated and systems and programmes are developed and implemented. Applications controls are concerned with the transactions and data specific to each application. The use of the word "control" must be understood. the objective of controls is to ensure that: The records are accurate, reliable, and free from error. Frauds are not committed, or if they are, that they are promptly uncovered. Assets are safeguarded.

The possibility of errors and fraud occurring in EDP systems is much larger than in manual system. The likelihood of discovery is also much less. therefore, there is a need for well designed control systems which are carefully monitored in operation. Any system or programme which is put into operation will continue to be used with amendments for a long time possibly many years. If any such system or programme can permit or cause error or fraud then its effect will be continuous and not "one-off". Consequently inadequate systems can cause large losses or even corporate failure. To prevent inadequate systems being used standards must be prescribed for the design, development, testing and implementing of systems, programmes and amendments to them. Control must be instituted to ensure that these standards are adhered to.

  :­ 

- 16 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

SECURITY CONTROL Computer systems are now found in the smallest companies. Very often these are systems bought off the peg without all the development. It is these systems that tend to have error and fraud potential. The auditor can have an advisory role in their implementation to ensure that the information provided from the system will be adequate to produce proper accounting records and accounts which show a true and fair view. For the purposes of security control: 



A basic segregation is between the computer department and the rest of the organization. Within the computer department division is usually i. ii. iii.



Generally duties should be arranged so that: i. ii. iii. iv. v.



Manually maintained records are not accessible to computer personnel. No person has charge of the complete processing of a transaction. Development personnel have no access to operational processing. Input generation is separated from input control and computer operations. All operations are supervised.

Control over computer operators: i. ii. iii. iv.

  :­ 

Development of systems and programmes Operations - actual processing of data Control and management of the EDP Functions.

Rotation of duties so that no person is responsible alone for any aspect of work. The use of machine generated logs specifying the programmes used and processing done. These have to be reviewed by a senior official. Recording of operator intervention in programmes. This applies mainly to main frame computers. Physical access. Methods to restrict access to computers include locks and keys, close circuit television surveillance and lockable terminals.

- 17 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

v.

Access via terminals. Methods to achieve this include the uses of specific passwords for terminals or particular applications. vi. The scheduling of work to prevent bottlenecks and to promote efficiency and maximum usage of the hardware. vii. Two operator per shift. This is basic internal control and prevents some types of fraud except where there is collusion. viii. Precise and detailed operating instructions for each programme.

  :­ 

- 18 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

GENERALIZED COMPUTER AUDIT PROGRAMME This consists of computer programmes used by an auditor to read magnetic files and to extract specified information from the files as well as to carry out audit work on the contents of the file.  



Selection of representatives or transaction or items for audit tests.

randomly

chosen

Scrutiny of files and selection of exceptional items for examination.



Comparison of two files and printing out differences.



Preparation of exception reports.



Stratification of data.



Carrying out detail tests and calculations.



 







  :­ 

Uses of computer audit programmes

Verifying data such as stock or fixed assets at the interim stage and then comparing the examined file with their end file so that only changed items need be examined at the final audit. Comparison of files at succeeding year ends. There can be no doubt that standard computer audit programme packages will be in general use in the near future. Use of audit software raises the visibility of the auditor in the eyes of the company. It makes the audit more credible. Interesting "Quirks" in the system are often discovered and can be reported to management. This also makes the audit more credible. Packages are not usually available for small machines.

- 19 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

ON LINE REAL TIME SYSTEM On line and real time systems are growing in number particularly in banks, building societies, and other financial institutions. The auditor has the same duties whatever the system but his techniques will need to change to accommodate this type of processing. Special difficulties will arise because: i. ii. iii.

Information will be stored and continuously changed. There will be a minimum of print outs and a minimum of permanently retained data. Authority for approval of a transaction will be under programme control. i.e., without human intervention.

The auditor's problems will however, not be insuperable and the following points need to be made. a. b. c. d.

e. f. g.

  :­ 

External evidence will still be available. The audit trail will still exist, as management will need to trace transactions. The use of compute audit programme will increase and become more sophisticated. Internal Control evaluation is already very important as audit evidence. In some parts of real time systems the only evidence of record reliability may be adequate internal control. The client will himself set up extensive monitoring and testing systems. The client will probably set up internal audit support. Modern systems feature rapid search facilities on remote terminals.

- 20 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

PROGRAMME DOCUMENTATION. Every programme should be fully documented and recorded in it all activities. This must be on standard stationery in accordance with prescribed methods. Programme documentation will include: a. b. c. d. e. f.

Flow charts of clerical and computer procedures. Types of input and specimens of input forms. The form and content of master and other files. The processing detail and how error conditions will be specified and dealt with whether by rejection or notice on the screen for operator correction. The output forms specified and who the output is to be distributed to. The control to be operated on the system to ensure completeness and accuracy of processing and how the audit trail is maintained.

Programming documentation will include: a. b. c. d. e.

  :­ 

Block diagrams as well as program listings A statement of control procedures incorporated into the programs. These will be particularly important to the auditor. Detailed instructions to the operators with special reference to error routines. How the programs were tested and the results of testing. Details of all amendments to the programs and how they were tested, authorized, approved and implemented.

- 21 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

SPECIAL AUDIT There are innumerable types of business and all of them have accounts prepared and most of them have these accounts audited. Every type of business has its audit problems but the sheer number of different types makes it impossible to discuss these problems in any other than a general way. Some enterprises should have their audits conducted in accordance with special audit guidelines. These include charities, trade unions, etc. Special features of audit of a charitable institution

  :­ 

1.

The auditor must understand the constitution of the charity i.e., under the guarantee, law of trusts or unincorporated bodies. The auditor must understand it in detail with particular reference to any accounting or auditing regulations.

2.

A letter of engagement stating to whom auditor should report.

3.

Funding must be investigated and evidence found for the inclusion of all funds received. Some of these may be grants and a notable point is that grants may be repayable in certain circumstances. A provision may be required for this or at least a note to the accounts.

4.

Legacies from another form of income and it is difficult for an auditor to be sure all have been received especially if these are reversions. The auditor should see that the charity has procedures to ensure tall legacies are received. This may require legal assistance to search all notified wills.

5.

Direct donations can often be verified by a proper system for opening the post or by the publication of a list of donors.

6.

Cash collections are impossible to verify for completeness but some work can be done. The charity should have a system for issuing collecting tins and for recording their returns. Counting should be done by several people and cash counts acknowledged in writing. A good system is required not only for the benefit of the charity but also for the protection of the volunteers. - 22 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

  :­ 

7.

Expenditure can be verified by reference to written evidence. Expenditure should be authorized by committee minute or by delegated authority. Yearend liabilities should be particularly examined to ensure all are included.

8.

Fixed assets can be verified in the usual way. However, a particular problem arises with gifts of fixed or other assets in kind. These should be valued in some appropriate way to recognize and account for the asset.

9.

A point arises on liquidity and going concern. Some charities are government, local authority or other grant dependent. In he wake of lowered expenditure by these bodies, some charities may have liquidity problems and may not even be going concerns.

10.

The auditor should always make a report.

11.

Most charities produce accounts although these are often just cash receipts and payments accounts. Most of these receive some form of audit although the auditor is often not a qualified accountant and is often not paid for his pains. It is essential that the auditor takes his duties seriously and applies his sills with proper care.

- 23 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

ANALYTICAL PROCEDURE Analytical procedures are used to describe the analysis of significant ratios and trends including the resulting investigation of unusual fluctuations and items. It includes comparison of financial information with (i) comparable information for a prior or periods; (ii) anticipated results, such as budgets or forecasts; and (iii) similar industry information or with other entities of comparable size in the same industry. Factors that should be considered before relying upon analytical procedures are given as under:





 

  :­ 

Materiality of the items involved in relation to the financial information taken as a whole. The auditor may rely only on analytical procedures for certain expense items when they are not individually significant to the financial information taken as a whole and there is an absence of unexpected fluctuations. Other audit procedures directed toward the same audit objectives. Accuracy with which the expected result of analytical procedures can be predicted. Evaluation of internal controls. Reliance to be placed on the results of analytical procedures will depend on the auditor's assessment of the risk that the analytical procedures may identify relationships as expected when, in fact, a material misstatement exists.

- 24 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

PERMANENT AUDIT FILE This type of file is created for the following purposes: 





  :­ 

The object is to ensure that file is maintained correctly and protected for erroneous or deliberate corruption or unauthorized alterations. File integrity is the aim. This also to ensure that the completeness of accounting record. The accuracy of accepting records and the validity of accounting records. Techniques for ensuring the completeness, accuracy and authorization of amendments to master file and standing data files and for ensuring the completeness and accuracy of the processing of these amendments. Master files and standing data files can be controlled by the use of record counts and hash totals which are established and checked each time the file is used.

- 25 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment

CONTROL ENVIRONMENT The Electronic Data Processing environment in which microcomputers are used is less structured than a centrally controlled EDP environment. The controls over the system development process and operations which are essential to the effective control of a large computer environment may not be viewed by the developer, the user or management as being as important or cost-effective in a microcomputer environment. However, because the data are being processed on a computer, users of such data may tend to place unwarranted reliance on the financial information stored or generated by a microcomputer. In a typical microcomputer environment, the distinction between general EDP controls and EDP application controls may not be easily ascertains. Use of security and control procedures that can help improve the overall level of internal control.

  :­ 

- 26 Ejaz Alam Khan H-5279752 – Auditing – 2nd Assignment