As a modern day auditor, the idea of auditing in computer based environment should no longer be alien to you. In fact, I suggest you become proficient in conducting an AIS audit as this will broaden your horizon as an auditor – internal or external.
Auditing through computer and auditing around computer are two different approaches to conducting audits in the context of information technology and computer systems. These approaches have distinct purposes and methods:
Auditing Through Computer (Computer-Assisted Audit Techniques – CAATs)
At the very least, you must fully grasp the rudiments and purpose of the two terminologies involved in computer based auditing.
Auditing through computer involves using computer-assisted audit techniques (CAATs) to perform audit procedures with the help of business technologies. The primary purpose is to enhance the efficiency and effectiveness of the audit process by leveraging technology. Auditors evaluate clients software and hardware to determine whether to rely on the system for operations that are not visible to human eyes or not.
Auditing through the computer methodology
Data analysis: Auditors use specialized software to analyze large volumes of data quickly and accurately, identifying anomalies, trends, and potential risks.
Automated testing: Audit procedures, such as reconciliation, validation, and compliance testing, are automated using software tools.
Continuous monitoring: Computer systems can be set up to continuously monitor transactions and processes, providing real-time insights into potential issues.
Data extraction: Auditors can extract data from various systems and databases for analysis without manual data entry.
Advantages of auditing through the computer
Auditing through computer allows for more comprehensive and timely audits, reduces the risk of human error, and provides deeper insights into an organization’s financial and operational activities.
Auditing Around Computer
Auditing around computer, on the other hand, refers to the traditional audit approach where auditors rely primarily on manual methods and do not heavily use computer-based tools. The purpose is to assess an organization’s financial statements and internal controls without significant reliance on automated systems. It could be as simple as selecting sample documents and verify the correspondence of input and output.
Auditing around the computer methodology
Manual sampling: Auditors select a sample of transactions or documents manually for examination, which may not be as comprehensive as data analysis performed through computer-assisted techniques.
Manual testing: Audit procedures are performed manually, such as counting physical inventory or inspecting paper documents.
Limited use of technology: Auditors may use computers for administrative tasks like document management and communication but do not heavily rely on technology for substantive audit procedures.
Advantages of auditing around the computer
Auditing around computer is often used when auditors have limited access to an organization’s computer systems or when they want to maintain independence from automated processes. It provides a more traditional and conservative approach to auditing.
Similarities between auditing through the computer and auditing around the computer
In as much as the two approaches are distinct, they have certain things in common as discussed below.
Audit Objectives:
Both approaches aim to achieve the same primary objectives of auditing, which include assessing the accuracy and reliability of financial statements, evaluating internal controls, and detecting fraud or irregularities.
Compliance:
Both approaches must adhere to auditing standards and regulations, such as Generally Accepted Auditing Standards (GAAS) and International Standards on Auditing (ISA), to ensure the quality and integrity of the audit process.
Audit Planning:
In both approaches, auditors must plan their procedures, assess risks, and determine the scope of the audit based on the audit objectives and the characteristics of the audited entity.
Documentation:
Auditors, regardless of the approach used, are required to maintain thorough documentation of their work, including audit plans, procedures, findings, and conclusions.
Differences between auditing through the computer and auditing around the computer
That they have commonalities does not mean that they don’t differences. Some of the differences are briefly discussed below.
Use of Technology:
The most significant difference is the extent to which technology is employed. Auditing through computer relies heavily on computer-assisted audit techniques (CAATs) and technology for data analysis, testing, and continuous monitoring. Auditing around computer, in contrast, primarily uses manual audit methods with limited reliance on technology.
Efficiency:
Auditing through computer is generally more efficient due to automation, which allows for faster and more comprehensive data analysis and testing. Auditing around computer may be less efficient as it relies on manual sampling and testing methods.
Data Analysis:
Auditing through computer involves sophisticated data analysis techniques, including data mining, statistical analysis, and automated testing. Auditing around computer relies on manual sampling and manual testing, which may not uncover all potential issues.
Access to Systems:
Auditing through computer requires auditors to have access to an organization’s computer systems and data. Auditing around computer may not require extensive access to computer systems, making it suitable for situations where such access is restricted or not feasible.
Independence:
Auditing around computer may be seen as a more independent approach since it does not rely heavily on an organization’s automated systems. Auditing through computer may involve a closer connection to and reliance on the organization’s technology infrastructure.
Risk Assessment:
Auditing through computer allows for more comprehensive risk assessment by analyzing large datasets and identifying anomalies and trends automatically. Auditing around computer may have a more limited ability to assess risks comprehensively.
What we do in practice
In practice, many audits today involve a combination of both approaches. Auditors often use computer-assisted audit techniques to analyze large datasets, identify risks, and perform automated testing, while also conducting traditional audit procedures where necessary.
The choice between auditing through computer and auditing around computer depends on factors such as the nature of the audit, the availability of data, the level of automation in the organization, the experience / skillsets of the auditor and regulatory requirements.
Many modern audits incorporate elements of both approaches to leverage technology for efficiency while maintaining traditional audit procedures for assurance and independence.
Leave a Reply