did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

We're the #1 textbook rental company. Let us show you why.

9780324191981

Information Technology Auditing and Assurance

by ;
  • ISBN13:

    9780324191981

  • ISBN10:

    0324191987

  • Edition: 2nd
  • Format: Paperback
  • Copyright: 2004-07-27
  • Publisher: South-Western College Pub
  • View Upgraded Edition
  • Purchase Benefits
  • Free Shipping Icon Free Shipping On Orders Over $35!
    Your order must be $35 or more to qualify for free economy shipping. Bulk sales, PO's, Marketplace items, eBooks and apparel do not qualify for this offer.
  • eCampus.com Logo Get Rewarded for Ordering Your Textbooks! Enroll Now
  • Write a Review Icon Write a Review
List Price: $212.95

Summary

Understand how audits take place in the real world with INFORMATION TECHNOLOGY AUDITING AND ASSURANCE and its accompanying ACL software! With coverage of traditional auditing as well as auditing of information systems, this accounting text provides you with the background you need to succeed in the real world. ACL Fraud and Auditing Cases, ACL Tutorials, Computer Aided Audit Tools and Techniques, and Chapter-Ending Projects are just a few of the tools that will prepare you for success in your future career.

Table of Contents

Auditing, Assurance, and Internal Control
2(38)
Different Types of Audits
3(2)
Internal Audits
3(1)
Information Technology Audits
3(1)
Fraud Audits
4(1)
External/Financial Audits
4(1)
External versus Internal Audits
5(1)
What Is a Financial Audit?
5(4)
Attest Services versus Assurance Services
5(2)
Auditing Standards
7(1)
A Systematic Process
8(1)
Management Assertions and Audit Objectives
8(1)
Obtaining Evidence
8(1)
Ascertaining the Degree of Correspondence with Established Criteria
9(1)
Communicating Results
9(1)
Audit Risk
9(2)
Audit Risk Components
10(1)
Audit Risk Formula/Model
11(1)
The Relationship Between Tests of Controls and Substantive Tests
11(1)
What Is the Role of the Audit Committee?
11(1)
What Is an IT Audit?
12(2)
The IT Environment
12(1)
The Structure of an IT Audit
13(1)
Internal Control
14(18)
Brief History of Internal Control
15(2)
Modifying Assumptions
17(1)
Exposures and Risk
17(2)
The PDC Model
19(2)
Statement on Auditing Standards No. 78
21(9)
The Importance of the Internal Controls
30(1)
General Framework for Viewing IT Risks and Controls
30(2)
Summary
32(8)
Computer Operations
40(52)
Structuring the Information Technology Function
41(12)
Centralized Data Processing
41(2)
Segregation of Incompatible IT Functions
43(4)
The Distributed Model
47(5)
Controlling the DDP Environment
52(1)
The Computer Center
53(12)
Computer Center Controls
54(3)
Disaster Recovery Planning
57(7)
Fault Tolerance Controls
64(1)
Operating Systems and System-Wide Controls
65(2)
Operating System Security
66(1)
Threats to Operating System Integrity
67(1)
System-Wide Controls
67(10)
Controlling Access Privileges
67(1)
Password Controls
68(3)
Controlling Against Malicious Objects and E-Mail Risks
71(4)
Controlling Electronic Audit Trails
75(2)
Personal Computer Systems
77(7)
PC Operating Systems
78(1)
PC Systems Risks and Controls
79(5)
Summary
84(8)
Data Management Systems
92(44)
Data Management Approaches
93(4)
The Flat-File Approach
93(2)
The Database Approach
95(2)
Centralized Database Systems
97(17)
Database Management System
97(3)
Users
100(2)
The Database Administrator
102(2)
The Physical Database
104(3)
Three DBMS Models
107(7)
Databases in a Distributed Environment
114(6)
Centralized Databases
114(2)
Distributed Databases
116(2)
Concurrency Control
118(2)
Controlling and Auditing Data Management Systems
120(10)
Access Controls
120(5)
Backup Controls
125(5)
Summary
130(6)
Systems Development and Maintenance Activities
136(56)
Participants in Systems Development
137(1)
Why Are Accountants and Auditors Involved with SDLC?
137(1)
How Are Accountants Involved in the SDLC?
138(1)
Information Systems Acquisition
138(3)
In-House Development
138(1)
Commercial Systems
138(3)
The Systems Development Life Cycle
141(31)
Systems Planning---Phase I
142(2)
Systems Analysis---Phase II
144(5)
Conceptual Systems Design---Phase III
149(4)
System Evaluation and Selection---Phase IV
153(8)
Detailed Design---Phase V
161(1)
System Programming and Testing---Phase VI
162(3)
System Implementation---Phase VII
165(6)
Systems Maintenance---Phase VIII
171(1)
Controlling and Auditing the SDLC
172(9)
Controlling New Systems Development
172(2)
Controlling Systems Maintenance
174(7)
Summary
181(11)
Networks, Internet, and E-Commerce
192(66)
Networks
193(23)
Types
193(1)
Network Topologies
194(3)
Architectures
197(1)
Protocols
198(2)
Components
200(16)
Internet
216(8)
Internet Types/Applications
216(1)
Components
217(1)
EDI
218(6)
Electronic Commerce
224(3)
Types
224(1)
Components
225(1)
Risks
225(2)
Controlling Internet/E-Commerce
227(13)
Controls
228(9)
Audit Objectives
237(2)
Audit Procedures
239(1)
Summary
240(11)
Appendix: Issues of Increasing Importance to the Accounting Profession
251(1)
Seals of Assurance
251(7)
Privacy Violation
253(1)
Audit Implications of XBRL
254(1)
Continuous Auditing
254(1)
Electronic Audit Trails
255(1)
Confidentiality of Data
255(1)
Authentication
255(1)
Nonrepudiation
255(1)
Certification Authority Licensing
255(1)
Data Integrity
256(1)
A Changing Legal Environment
256(2)
Enterprise Resource Planning Systems
258(40)
What Is an ERP?
259(3)
ERP Core Applications
260(2)
Online Analytical Processing
262(1)
ERP System Configurations
262(5)
OLTP versus OLAP Servers
262(4)
Database Configuration
266(1)
Bolt-On Software
266(1)
Data Warehousing
267(8)
Modeling Data for the Data Warehouse
268(2)
Extracting Data from Operational Databases
270(1)
Cleansing Extracted Data
270(1)
Transforming Data into the Warehouse Model
271(1)
Loading the Data into the Data Warehouse Database
271(2)
Decisions Supported by the Data Warehouse
273(1)
Supporting Supply Chain Decisions from the Data Warehouse
273(2)
Risks Associated with ERP Implementation
275(5)
Big Bang versus Phased-In Implementation
275(1)
Opposition to Changes to the Business Culture
276(1)
Choosing the Wrong ERP
276(2)
Choosing the Wrong Consultant
278(1)
High Cost and Cost Overruns
279(1)
Disruptions to Operations
280(1)
Implications for Internal Control and Auditing
280(4)
Transaction Authorization
280(1)
Segregation of Duties
281(1)
Supervision
281(1)
Accounting Records
281(1)
Access Controls
282(1)
Auditing the Data Warehouse
283(1)
Summary
284(6)
Appendix: Leading ERP Products
290(1)
SAP
290(8)
J.D. Edwards
293(1)
Oracle
294(1)
PeopleSoft
295(1)
BAAN
296(2)
Computer-Assisted Audit Tools and Techniques
298(38)
Application Controls
298(22)
Input Controls
299(13)
Processing Controls
312(3)
Output Controls
315(5)
Testing Computer Application Controls
320(3)
Black-Box Approach
320(1)
White-Box Approach
320(3)
Computer-Aided Audit Tools and Techniques for Testing Controls
323(7)
Test Data Method
324(3)
The Integrated Test Facility
327(1)
Parallel Simulation
328(2)
Summary
330(6)
CAATTs for Data Extraction and Analysis
336(42)
Data Structures
337(20)
Flat-File Structures
337(8)
Hierarchical and Network Database Structures
345(1)
Relational Database Structures
346(11)
Embedded Audit Module
357(3)
Disadvantages of EAMS
359(1)
Generalized Audit Software
360(3)
Using GAS to Access Simple Structures
360(1)
Using GAS to Access Complex Structures
361(1)
Audit Issues Pertaining to the Creation of Flat Files
362(1)
ACL Software
363(5)
Input File Definition
363(1)
Customizing a View
363(1)
Filtering Data
364(1)
Stratifying Data
365(1)
Statistical Analysis
366(2)
Summary
368(10)
Auditing the Revenue Cycle
378(58)
Overview of Revenue Cycle Technologies
378(15)
Batch Processing Using Sequential Files---Manual Procedures
379(4)
Batch Processing Using Sequential Files---Automated Procedures
383(5)
Batch Cash Receipts System with Direct Access Files
388(2)
Real-Time Sales Order Entry and Cash Receipts
390(3)
Revenue Cycle Audit Objectives, Controls, and Tests of Controls
393(11)
Input Controls
394(4)
Process Controls
398(4)
Output Controls
402(2)
Substantive Tests of Revenue Cycle Accounts
404(16)
Revenue Cycle Risks and Audit Concerns
404(1)
Understanding Data
405(3)
Testing the Accuracy and Completeness Assertions
408(6)
Testing the Existence Assertion
414(4)
Testing the Valuation/Allocation Assertion
418(2)
Summary
420(16)
Auditing the Expenditure Cycle
436(58)
Overview of Expenditure Cycle Technologies
436(1)
Purchases and Cash Disbursement Procedures Using Batch Processing Technology
437(5)
Reengineering the Purchases/Cash Disbursement System
442(4)
Overview of Payroll Procedures
446(4)
Expenditure Cycle Audit Objectives, Controls, and Tests of Controls
450(12)
Input Controls
450(5)
Process Controls
455(5)
Output Controls
460(2)
Substantive Tests of Expenditure Cycle Accounts
462(13)
Expenditure Cycle Risks and Audit Concerns
462(1)
Understanding Data
463(4)
Testing the Accuracy and Completeness Assertions
467(1)
Review Disbursement Vouchers for Unusual Trends and Exceptions
468(4)
Testing the Completeness, Existence, and Rights and Obligations Assertions
472(3)
Summary
475(19)
Introduction to Business Ethics and Fraud
494(26)
Ethics
495(8)
What Is Business Ethics?
495(1)
How Some Firms Address Ethical Issues
496(3)
What Is Computer Ethics?
499(4)
Fraud and Accountants
503(10)
Factors that Contribute to Fraud
505(1)
Financial Losses from Fraud
506(1)
The Perpetrators of Fraud
506(3)
The Underlying Problems
509(2)
Sarbanes-Oxley Act
511(1)
Anit-Fraud Profession
512(1)
Summary
513(7)
Fraud Schemes and Fraud Detection
520(27)
Fraud Schemes
520(8)
Fraudulent Statements
521(1)
Corruption
521(2)
Asset Misappropriation
523(5)
Auditor's Responsibility for Detecting Fraud
528(3)
Fraudulent Financial Reporting
529(1)
Misappropriation of Assets
529(1)
Auditor's Response to Risk Assessment
530(1)
Response to Detected Misstatements Due to Fraud
530(1)
Documentation Requirements
531(1)
Fraud Detection Techniques
531(4)
Payments to Fictitious Vendors
531(1)
Payroll Fraud
532(1)
Lapping Accounts Receivable
533(2)
Summary
535(12)
Glossary 547(10)
Index 557

Supplemental Materials

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Rewards Program