Today’s auditors must possess additional skills in order to perform their work. As more and more businesses use information technologies (IT) and set up an information system (IS) to process all their data, auditors must get acquainted with essential aspects of their clients’ information systems and also make use of information technology in order to perform their duties. In this essay, we will attempt to answer the following two questions: 1) “What aspects of clients' accounting information systems must be understood by auditing professionals?” and 2) “How should auditing professionals use their firm's information technology in performing their work?”
As the use of information systems has extended over the past decade and continues to do so, auditors must understand that many business entities are in the process of going “paperless”, that is keeping all records in electronic form only. Hence, tasks which were previously performed manually are now completely automated.
Another aspect that the auditor is concerned with when performing an audit for an entity which uses information systems is the process by which authorization to information systems related to financial reporting is granted to certain individuals. The auditor must know who has access and what type of access is authorized, especially because this affects internal control issues.
In other words, the auditor must understand that an information system is as efficient as the people who operate it. If the personnel operating the information system is not well-informed and sufficiently trained in using the IS, mistakes are more likely to happen. Likewise, the engineers in charge of designing the information system might not have a good understanding of the company’s operations and how it processes transactions for financial reporting purposes, which is an issue the auditor must be aware of.
Because the auditor’s job is to make sure that the entity is correctly processing the data related to financial reporting, he or she must be aware of any changes to the information system used by the client and how those changes have affected the process of financial reporting.
As expressed on the Statements of Auditing Standards No. 109, auditors should pay very close attention to how the information system used by the entity treats the following: “different types of transactions, whether the procedures are automated or manual, keeping of accounting records, preparation of financial statements .” It is important for auditors to keep in mind that information systems still require manual input and because of that, even when data is automatically transferred to financial reporting elements, errors can still be found. The auditor must assess how these issues are internally handled by management and the IT professionals.
Auditors must also acquire an understanding of the general controls that contribute to the proper functioning of the client’s information system. Any malfunctioning of these...