Scribd
Upload
431 views6 pages

Study Notes 4 PAPS 1013

Study notes for our course in Auditing in a CIS environment, regarding the Philippine Auditing Practice Statement.

Uploaded by

Francis Ysabella Balagtas
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
431 views6 pages

Study Notes 4 PAPS 1013

Study notes for our course in Auditing in a CIS environment, regarding the Philippine Auditing Practice Statement.

Uploaded by

Francis Ysabella Balagtas
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 6

AA 3201

COURSE NAME

NAME:
Francis Ysabella S. Balagtas

SCHEDULE:
Group 2 MW 6:00-7:30

PROFESSOR:
Ms. Robee Ann Aranas
Contents
Introduction.................................................................................................................................................... 3
Purpose..................................................................................................................................................... 3
Skills & Knowledge........................................................................................................................................ 3
REQUIREMENTS.......................................................................................................................................................3
Knowledge of the Business............................................................................................................................ 3
Entity’s Business Activities and Industry....................................................................................................4
Entity’s E-Commerce Strategy................................................................................................................... 4
Extent of Entity’s E-Commerce Activities...................................................................................................4
Entity’s Outsourcing Arrangements............................................................................................................ 4
Risk Identification.......................................................................................................................................... 4
Legal and Regulatory Issues...................................................................................................................... 5
Internal Control Considerations..................................................................................................................... 5
Security...................................................................................................................................................... 5
Transaction Integrity................................................................................................................................... 5
Process Alignment..................................................................................................................................... 5
The Effect of Electronic records on Audit Evidence.......................................................................................6
Philippine Auditing Practice
Statement 1013
Effective date: December 31, 2003

Introduction
Purpose
1. To provide guidance to assist the auditors who are involved with entities who use connected computers over
a public network (the Internet).
2. To address specific matters to assist the auditor when considering the significance of e-commerce.
3. To provide material to enhance awareness of financial statements audit issues in this rapidly developing
area.

Internet
The worldwide network of computer networks, it is a shared public network that enables
communication with other entities and individuals around the world.

Skills & Knowledge


This will vary in accordance with the complexity of the entity’s e-commerce activities.

REQUIREMENTS
 Understand the entity’s e-commerce strategy and activities
 Understand the technology used and the IT skills and knowledge of entity personnel.
 Understand the risks involved in the entity’s use of e-commerce.
 Determine the nature, timing, and extent of audit procedures
 Evaluate audit evidence
 Consider the effect of dependence on e-commerce activities.

Knowledge of the Business


This section requires that an auditor should have sufficient knowledge of the business in order for the auditor to
identify and understand the events, transactions, and practices that are significant to the audit report.

This includes:
 General knowledge of the economy and industry in which the entity operates.
Entity’s Business Activities and Industry
 E-commerce activities may be complementary.

EXAMPLE: The entity may use the Internet to sell conventional products (such as books or
CDs), delivered by conventional methods from a contract executed on the Internet.

 E-commerce may represent a new line of business and the entity may use its web site to both sell and
deliver digital products via the Internet.

Entity’s E-Commerce Strategy


This may affect the security of the financial records and the completeness and reliability of the financial information
produced.

Auditors should know about the usual aspects:

- Involvement of those charged with governance


- If the e-commerce supports a new activity or existing activities
- Sources of revenue
- Management’s evaluation of how e-commerce affects the earnings and financial reqs
- Management’s attitude to risk
- Extent of e-commerce opportunities and risks identified
- Management’s commitment to relevant codes of best practice

Extent of Entity’s E-Commerce Activities


This aspect affects the nature of risks to be addressed by the entity.
Security infrastructure and related controls can be expected to be more extensive where the web site is
used for transacting with business partners, or where systems are highly integrated.
New ways of transacting business will differ from traditional forms of business
activity and will introduce new types of risks.

Entity’s Outsourcing Arrangements


Entity’s may depend on other service organizations to provide many or all of the IT requirements of e-commerce.
EXAMPLE: Internet Service Providers, Application Service Providers

The certain policies, procedures, and records maintained by these service organizations may be relevant to the audit
report.

Risk Identification
Business risks include the following:

 Loss of transaction integrity


 Pervasive e-commerce security risks (virus attacks and customer fraud)
 System availability risks
 Loss of information privacy
 Improper accounting policies
 Noncompliance with taxation and other legal and regulatory requirements
 Failure to ensure that e-contracts are binding
 Over reliance on e-commerce
Measures to mitigate these risks:

 Verify customer and supplier identity


 Ensure integrity of transactions
 Ensure the availability of information and information systems
 Obtain agreement on all terms and conditions that matter
 Obtain payment form and secure credit facilities for customers
 Establish privacy and information protection controls

Legal and Regulatory Issues


Issues that are relevant in an e-commerce environment:

 Adherence to national and international privacy requirements


 Adherence to national and international requirements for regulated industries
 Enforceability of contracts
 Legality of particular activities
 Risk of money laundering
 Violation of intellectual property rights

Internal Control Considerations


Security
In a public network, security is regarded as a very important accessory to maintain the integrity and confidentiality of
the information.

The auditor shall consider:

- The effective use of firewalls and virus protection software


- The effective use of encryption
- Controls over the development and implementation of systems
- Continued effectivity of the security controls put in place.
- Whether the control environment supports the control procedures

Transaction Integrity
The auditor considers the completeness, accuracy, timeliness and authorization of information provided for
recording and processing in the entity’s financial records. This aspect is largely concerned with the evaluating the
reliability of the systems in use for capturing and processing such information.

Process Alignment
This refers to the integration of the IT systems with one another, ultimately operating as one system. This aspect
shall affect the:

a. Completeness and accuracy if transaction processing and storage of information.


b. Timing of recognition of financial accounts
c. Identification and recording of disputed transactions.
The Effect of Electronic records on
Audit Evidence
Electronic records may be considered to be very efficient, nowadays, but only when it has the proper controls and
security. They can be easily destroyed or altered without leaving evidence of such alteration.

Solution:
1. The auditor shall test automated controls.
2. The auditor shall also confirm transaction details or account balances with third parties.

You might also like