Audit Proposal
Team C analyzed the accounts payable, accounts receivable, payroll, and inventory systems for Kudler Fine Foods. Kudler would now like to see a proposed audit schedule for these systems. The team will distinguish between the types of audits that may use for each process. The team will also recommend the most appropriate audit for each process and explain how to conduct the audits. Identifying events that may prevent reliance on auditing through the computer will also be presented to Kudler for review (Apollo Group, 2009).
Types of Audits The types of information technology audits are attestation, findings and recommendations, SAS 70 audits, and SAS 94 audits. If Kudler wants the auditor to provide an assurance for each of the system, an attestation audit could be used. An attestation audit can assist Kudler by issuing reports on examinations, reviews, or agreed-upon procedures. An attestation audit can provide Kudler with independent assurance on the reliability or validity of information related to the four systems under review (KPMG, 2011). A findings and recommendations audit can provide Kudler with other information about each system. A findings and recommendations audit includes system implementations, security reviews; database application reviews; IT infrastructure and improvements needed engagement; project management; and IT internal audit services. If Kudler chooses to use a findings and recommendations audit, no opinion will be produced, only a summary of the audit for each of the systems (Hunton, Bryant, & Bagranoff, 2004). A SAS 70 audit is generally to provide assurance about the existence and effectiveness of the company’s internal controls around a service provided to others. Kudler is not a service provider. However, Kudler does transmit data to the Electronic Payment Clearing House for automatic submission of the credit card transactions to the applicable financial institutions. A SAS 70 could be beneficial to
Types of Audits The types of information technology audits are attestation, findings and recommendations, SAS 70 audits, and SAS 94 audits. If Kudler wants the auditor to provide an assurance for each of the system, an attestation audit could be used. An attestation audit can assist Kudler by issuing reports on examinations, reviews, or agreed-upon procedures. An attestation audit can provide Kudler with independent assurance on the reliability or validity of information related to the four systems under review (KPMG, 2011). A findings and recommendations audit can provide Kudler with other information about each system. A findings and recommendations audit includes system implementations, security reviews; database application reviews; IT infrastructure and improvements needed engagement; project management; and IT internal audit services. If Kudler chooses to use a findings and recommendations audit, no opinion will be produced, only a summary of the audit for each of the systems (Hunton, Bryant, & Bagranoff, 2004). A SAS 70 audit is generally to provide assurance about the existence and effectiveness of the company’s internal controls around a service provided to others. Kudler is not a service provider. However, Kudler does transmit data to the Electronic Payment Clearing House for automatic submission of the credit card transactions to the applicable financial institutions. A SAS 70 could be beneficial to
References: Apollo Group, Inc. (2009). Kudler Fine Foods. Overview. Retrieved from ACC/542 – Accounting Information Systems course website. Hunton, J. A., Bryant, S. M., & Bagranoff, N. A. (2004). Core concepts of information technology auditing. New York: Wiley & Sons. KPMG. (2011). Attestation Services. Retrieved from http://www.kpmg.com/Global/en/WhatWeDo/Audit/Attestation- Services/Pages/default.aspx [pic]