SlideShare une entreprise Scribd logo
1  sur  18
Télécharger pour lire hors ligne
oleh :
DWIKI APSYARIN
11353104674
CONTROL AND AUDIT INFORMATION SYSTEM
Dosen Pengampu : M. Jasman, S.Kom, M.InfoSys
5 Accounting Information Systems Audit Cycle
1. Revienue Cycle (sales and cloction)
2. Expenditure Cycle (about how to buy goods)
3. Production Cycle (How to produce Goods)
4. HRM
5. General Regent and Reporting System
 Internal audit
Internal audit is independent appraisal function to examine and evaluate the
activities and as a service for an organization. internal auditor perform a
variety of activities, including financial, operational, compliance and audit
fraud. Auditors can work for your organization or tasks can be outsourced.
Independence is self-imposed, but the auditor representing the interests of the
organization.
 External vs. Internal Auditor
The external auditors are outsiders while internal auditors representing
the interests of the organization. Internal auditors often cooperate with
and assist the external auditors in some aspects of the financial audit.
Extent of cooperation depends on the independence and competence of
the internal audit staff. external auditors may rely in part on evidence
gathered by the internal audit department is organizationally independent
and reports to the audit committee of the board of directors.
 The role of the Audit Committee
Subcommittee of the board of directors
• Usually three external members.
• SOX requires at least one member must be a "financial expert".
Functioning as an independent "check and balance" to the
internal audit function.
SOX mandates that external auditors report to the audit
committee:
• the employee committee and auditor fire and resolve disputes.
 Auditing standards
statements of management and auditing purposes:
1. The existence or occurrence; Completeness; Rights and obligations; Valuation
or Allocation; Presentation and Disclosure.
2. The auditor develops auditing purposes and to design audit procedures based
on this statement.
3. Auditor search for material evidence corroborating the statement.
4. The auditor should determine whether internal control deficiencies and material
misstatement.
5. The auditor should communicate the results of their tests, including an audit
opinion.
 Audit risk
The probability that the auditor will make ineligible opinions (net) of the financial statements are,
in fact, a material misstatement. the inherent risk (IR) is associated with the unique
characteristics of the client's business or industry. control risk (CR) is the possibility of
controlling structure is flawed because the control does not exist or is inadequate to prevent or
detect errors. Detection risk (DR) is the auditor is willing to take the risk that errors are not
detected or prevented by the control structure will not be detected by the auditor. components
of audit risk in the model used to define the scope, nature and timing of substantive testing:
audit risk model: AR = IR x CR x DR
If the risk is acceptable audit is 5%, the risk of detection will depend on the planned control
structure.
The stronger the internal control structure, the lower the risk control and less substantive testing
the auditor should do.
substantive testing is labor intensive audit costs and time-consuming, which encourages and cause
interference.
management interests are served by a strong internal control structure.
Internal control
Management is required by law to establish and maintain an adequate system of internal controls.
A brief history of the law of internal control:
1. SEC Acts of 1933 and 1934.
2. Copyright law of 1976.
3. Foreign Corrupt Practices (FCPA) in 1977 requires companies registered with the SEC to:
• Keep records sufficient and fairly reflect the transactions and the company's financial position.
• Maintain internal control systems which provide reasonable assurance that organizational goals are met.
Committee of Sponsoring Organizations - 1992
• Sarbanes-Oxley Act of 2002 (SOX) requires management of public companies to implement an adequate system
of internal controls over their financial reporting process. Under Section 302:
• Managers should state the organization's internal controls quarterly and annually.
• external auditors must perform certain procedures quarterly to identify modifications that control material can
affect financial reporting.
Section 404 requires management of public companies to access the effectiveness of internal controls in their
annual reports.
 Internal Control System
internal control system consists of policies, practices and
procedures to achieve four broad objectives:
-Safeguard company assets.
-Ensure the accuracy and reliability of accounting records and
information.
-Promoting efficiency in operations.
-Measuring compliance with prescribed policies and procedures
management.
 Modifying Principles
management's responsibility to make laws by SOX.
Goals must be achieved regardless of the data processing method used.
Each system has limitations on its effectiveness including: the possibility of
error, circumvention, overriding management and changing conditions.
The system should provide reasonable assurance that the broad objectives are
met.
Costs to achieve improved control should not be greater than the benefits.
Cost of material weaknesses corrected offset by gains.
PDC Model
PDC Model
passive preventive control techniques designed to reduce the frequency of
undesirable events occurred.
more cost effective than detect and fix problems after they occur.
is a detective control devices, techniques and procedures to identify and
expose the undesirable events that pass preventive controls.
corrective controls to correct problems identified.
 IT Governance
Part of the corporate governance focusing on resource
management and strategic IT assessment.
key object to reduce risk and ensure investment in IT
resources add value to the corporation.
All of the company's stakeholders must be active
participants in key IT decisions.
Control IT Governance
COSO (Committee Of Sponsoring Organitation) was first made in 1992. Three
issues of IT governance is handled by SOX and the COSO internal control
framework:
• the organizational structure of the IT function.
• computer operations center.
• disaster recovery planning.
There are 5 parts of COSO, namely:
1. Control environment
2. The risk factors
3. The information communication
4. monitoring
5. control activity, in control of this activity there are two categories,
Namely • in IT • physically
The purpose of control is to avoid the occurrence of Error, Froud (thieves), Acess and
Nischip.
In 2001 there kasun EROM, which occurred between the public transport games.
Sabban Oxcly has made rule of law sourch in 2002, 4 times in a year perform an audit.
For membagun a company needs to be held to protect preventive control, detective and
corrective controls to mendekteksi control to fix.
 Audit Data Base
Access to data resources controlled by a database
management system (DBMS). Centralize the organization's
data into a common database shared by a community of
users. All users have access to the data they need to
overcome the problem of flat-file.
Deletion of data storage problem: There is no data
redundancy.
Elimination of the problem of updating the data: Single
update procedure eliminates a problem of information.
Abolition of duty-dependency problems User data is limited
only by the legitimacy of the access needs.
 Physical database
the lowest level and the only one in the physical form.
Sports magnetic disk coated metal that makes a logical collection of files and
records.
data structure of bricks and mortar database.
Allows records to be located, stored, and retrieved.
Two components: organization and access methods.
File organization refers to the way records are physically arranged in the
storage device - either sequential or random.
access method is a program used to search for records and to navigate through
the database.
 Terminology database
Entity: Organization Anything want to capture data about.
Record Type: physical representation of database entities.
Genesis: In relation to the number of records is represented by a particular
record type.
Attributes: Defining entities with values different (ie each employee has a
different name).
Database: Set the type of record that organizations need to support their
business processes.

Contenu connexe

Tendances

Ais Romney 2006 Slides 06 Control And Ais
Ais Romney 2006 Slides 06 Control And AisAis Romney 2006 Slides 06 Control And Ais
Ais Romney 2006 Slides 06 Control And AisSharing Slides Training
 
Information system control and audit
Information system control and auditInformation system control and audit
Information system control and auditAstri Stiawaty
 
Information Systems Audit-Related Designations
Information Systems Audit-Related DesignationsInformation Systems Audit-Related Designations
Information Systems Audit-Related DesignationsMichael Lin
 
Internal Controls Over Information Systems
Internal Controls Over Information Systems Internal Controls Over Information Systems
Internal Controls Over Information Systems Jeffrey Paulette
 
Information System audit
Information System auditInformation System audit
Information System auditPratapchandra
 
Lecture 16 internal control - james a. hall book chapter 3
Lecture 16  internal control - james a. hall book chapter 3Lecture 16  internal control - james a. hall book chapter 3
Lecture 16 internal control - james a. hall book chapter 3Habib Ullah Qamar
 
Information Systems Audit - Ron Weber chapter 1
Information Systems Audit - Ron Weber chapter 1Information Systems Audit - Ron Weber chapter 1
Information Systems Audit - Ron Weber chapter 1Sreekanth Narendran
 
Information systems audit and control
Information systems audit and controlInformation systems audit and control
Information systems audit and controlKashif Rana ACCA
 
Compliance Management | Compliance Solutions
Compliance Management | Compliance SolutionsCompliance Management | Compliance Solutions
Compliance Management | Compliance SolutionsCorporater
 
Information System Audit and Control
Information System Audit and ControlInformation System Audit and Control
Information System Audit and ControlAsad Raza
 
Technology Auditing, Assurance, Internal Control
Technology Auditing, Assurance, Internal ControlTechnology Auditing, Assurance, Internal Control
Technology Auditing, Assurance, Internal ControlZefren Edior
 
Introduction to it auditing
Introduction to it auditingIntroduction to it auditing
Introduction to it auditingDamilola Mosaku
 
Effective Internal Controls (Annotated) by @EricPesik
Effective Internal Controls (Annotated) by @EricPesikEffective Internal Controls (Annotated) by @EricPesik
Effective Internal Controls (Annotated) by @EricPesikEric Pesik
 

Tendances (19)

Ais Romney 2006 Slides 06 Control And Ais
Ais Romney 2006 Slides 06 Control And AisAis Romney 2006 Slides 06 Control And Ais
Ais Romney 2006 Slides 06 Control And Ais
 
Information system control and audit
Information system control and auditInformation system control and audit
Information system control and audit
 
Information Systems Audit-Related Designations
Information Systems Audit-Related DesignationsInformation Systems Audit-Related Designations
Information Systems Audit-Related Designations
 
Internal Controls Over Information Systems
Internal Controls Over Information Systems Internal Controls Over Information Systems
Internal Controls Over Information Systems
 
Information System audit
Information System auditInformation System audit
Information System audit
 
Lecture 16 internal control - james a. hall book chapter 3
Lecture 16  internal control - james a. hall book chapter 3Lecture 16  internal control - james a. hall book chapter 3
Lecture 16 internal control - james a. hall book chapter 3
 
Internal controls in an IT environment
Internal controls in an IT environment Internal controls in an IT environment
Internal controls in an IT environment
 
Information Systems Audit - Ron Weber chapter 1
Information Systems Audit - Ron Weber chapter 1Information Systems Audit - Ron Weber chapter 1
Information Systems Audit - Ron Weber chapter 1
 
Information systems audit and control
Information systems audit and controlInformation systems audit and control
Information systems audit and control
 
Compliance Management | Compliance Solutions
Compliance Management | Compliance SolutionsCompliance Management | Compliance Solutions
Compliance Management | Compliance Solutions
 
Steps in it audit
Steps in it auditSteps in it audit
Steps in it audit
 
3c 2 Information Systems Audit
3c   2   Information Systems Audit3c   2   Information Systems Audit
3c 2 Information Systems Audit
 
Information System Audit and Control
Information System Audit and ControlInformation System Audit and Control
Information System Audit and Control
 
Technology Auditing, Assurance, Internal Control
Technology Auditing, Assurance, Internal ControlTechnology Auditing, Assurance, Internal Control
Technology Auditing, Assurance, Internal Control
 
Introduction to it auditing
Introduction to it auditingIntroduction to it auditing
Introduction to it auditing
 
Auditing
AuditingAuditing
Auditing
 
COSO ERM
COSO ERMCOSO ERM
COSO ERM
 
Ais Romney 2006 Slides 07 Is Control1
Ais Romney 2006 Slides 07 Is Control1Ais Romney 2006 Slides 07 Is Control1
Ais Romney 2006 Slides 07 Is Control1
 
Effective Internal Controls (Annotated) by @EricPesik
Effective Internal Controls (Annotated) by @EricPesikEffective Internal Controls (Annotated) by @EricPesik
Effective Internal Controls (Annotated) by @EricPesik
 

En vedette

Kontrol audit sistem informasi
Kontrol audit sistem informasiKontrol audit sistem informasi
Kontrol audit sistem informasiDinda Afani
 
PENGENALAN AUDIT DAN KONTROL SISTEM INFORMASI
PENGENALAN AUDIT DAN KONTROL SISTEM INFORMASIPENGENALAN AUDIT DAN KONTROL SISTEM INFORMASI
PENGENALAN AUDIT DAN KONTROL SISTEM INFORMASIDhina Pohan
 
Kontrol dan Audit Sistem Informasi
Kontrol dan Audit Sistem InformasiKontrol dan Audit Sistem Informasi
Kontrol dan Audit Sistem InformasiHerman efendi
 
Kontrol dan audit sistem informasi
Kontrol dan audit sistem informasiKontrol dan audit sistem informasi
Kontrol dan audit sistem informasisyul amri
 
Tugas mandiri audit novita dewi 11353202277
Tugas mandiri audit  novita dewi 11353202277Tugas mandiri audit  novita dewi 11353202277
Tugas mandiri audit novita dewi 11353202277novita dewi
 
Audit Sistem Informasi Akuntansi Keuangan dg software e-solution financial
Audit Sistem Informasi Akuntansi Keuangan dg software e-solution financialAudit Sistem Informasi Akuntansi Keuangan dg software e-solution financial
Audit Sistem Informasi Akuntansi Keuangan dg software e-solution financialSoftware Developer
 
Indeks kami ( keamanan informasi )
Indeks kami ( keamanan informasi )Indeks kami ( keamanan informasi )
Indeks kami ( keamanan informasi )James Montolalu
 
Audit Sistem Informasi Rumah Sakit
Audit Sistem Informasi Rumah SakitAudit Sistem Informasi Rumah Sakit
Audit Sistem Informasi Rumah Sakitmanrary
 
Pengembangan SDM Keamanan Informasi Indonesia
Pengembangan SDM Keamanan Informasi IndonesiaPengembangan SDM Keamanan Informasi Indonesia
Pengembangan SDM Keamanan Informasi IndonesiaThe World Bank
 
Project, Program & Portofolio Management Contribution, an Article from the PM...
Project, Program & Portofolio Management Contribution, an Article from the PM...Project, Program & Portofolio Management Contribution, an Article from the PM...
Project, Program & Portofolio Management Contribution, an Article from the PM...rahmatmoelyana
 
What is ISO 27001 ISMS
What is ISO 27001 ISMSWhat is ISO 27001 ISMS
What is ISO 27001 ISMSBusiness Beam
 
ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1Tanmay Shinde
 
Iso 27001 transition to 2013 03202014
Iso 27001 transition to 2013   03202014Iso 27001 transition to 2013   03202014
Iso 27001 transition to 2013 03202014DQS Inc.
 
Iso 27001 isms presentation
Iso 27001 isms presentationIso 27001 isms presentation
Iso 27001 isms presentationMidhun Nirmal
 

En vedette (20)

Kontrol audit sistem informasi
Kontrol audit sistem informasiKontrol audit sistem informasi
Kontrol audit sistem informasi
 
PENGENALAN AUDIT DAN KONTROL SISTEM INFORMASI
PENGENALAN AUDIT DAN KONTROL SISTEM INFORMASIPENGENALAN AUDIT DAN KONTROL SISTEM INFORMASI
PENGENALAN AUDIT DAN KONTROL SISTEM INFORMASI
 
Kontrol dan Audit Sistem Informasi
Kontrol dan Audit Sistem InformasiKontrol dan Audit Sistem Informasi
Kontrol dan Audit Sistem Informasi
 
Kontrol dan audit sistem informasi
Kontrol dan audit sistem informasiKontrol dan audit sistem informasi
Kontrol dan audit sistem informasi
 
Lailatul izzati
Lailatul izzatiLailatul izzati
Lailatul izzati
 
Tugas mandiri audit novita dewi 11353202277
Tugas mandiri audit  novita dewi 11353202277Tugas mandiri audit  novita dewi 11353202277
Tugas mandiri audit novita dewi 11353202277
 
Audit Sistem Informasi Akuntansi Keuangan dg software e-solution financial
Audit Sistem Informasi Akuntansi Keuangan dg software e-solution financialAudit Sistem Informasi Akuntansi Keuangan dg software e-solution financial
Audit Sistem Informasi Akuntansi Keuangan dg software e-solution financial
 
Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
Sarwono sutikno   forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...Sarwono sutikno   forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
Sarwono sutikno forum tik utk standardisasi keamanan kartu cerdas - 4 nov 2...
 
Indeks kami ( keamanan informasi )
Indeks kami ( keamanan informasi )Indeks kami ( keamanan informasi )
Indeks kami ( keamanan informasi )
 
Audit Sistem Informasi Rumah Sakit
Audit Sistem Informasi Rumah SakitAudit Sistem Informasi Rumah Sakit
Audit Sistem Informasi Rumah Sakit
 
What is iso 27001 isms
What is iso 27001 ismsWhat is iso 27001 isms
What is iso 27001 isms
 
Pengembangan SDM Keamanan Informasi Indonesia
Pengembangan SDM Keamanan Informasi IndonesiaPengembangan SDM Keamanan Informasi Indonesia
Pengembangan SDM Keamanan Informasi Indonesia
 
Sarwono sutikno wisuda stsn - 10 nov 2015 v2
Sarwono sutikno   wisuda stsn - 10 nov 2015 v2Sarwono sutikno   wisuda stsn - 10 nov 2015 v2
Sarwono sutikno wisuda stsn - 10 nov 2015 v2
 
Project, Program & Portofolio Management Contribution, an Article from the PM...
Project, Program & Portofolio Management Contribution, an Article from the PM...Project, Program & Portofolio Management Contribution, an Article from the PM...
Project, Program & Portofolio Management Contribution, an Article from the PM...
 
Sandingan ISO/IEC 27001 SMKI vs ISO 37001 SMAP
Sandingan ISO/IEC 27001 SMKI vs ISO 37001 SMAPSandingan ISO/IEC 27001 SMKI vs ISO 37001 SMAP
Sandingan ISO/IEC 27001 SMKI vs ISO 37001 SMAP
 
SNI ISO 27001 Anwar Siregar
SNI ISO 27001 Anwar SiregarSNI ISO 27001 Anwar Siregar
SNI ISO 27001 Anwar Siregar
 
What is ISO 27001 ISMS
What is ISO 27001 ISMSWhat is ISO 27001 ISMS
What is ISO 27001 ISMS
 
ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1
 
Iso 27001 transition to 2013 03202014
Iso 27001 transition to 2013   03202014Iso 27001 transition to 2013   03202014
Iso 27001 transition to 2013 03202014
 
Iso 27001 isms presentation
Iso 27001 isms presentationIso 27001 isms presentation
Iso 27001 isms presentation
 

Similaire à Kontrol & Audit Sistem Informasi

Control and Audit Information System
Control and Audit Information SystemControl and Audit Information System
Control and Audit Information Systemarif prasetyo
 
Internal control system
Internal control systemInternal control system
Internal control systemMadiha Hassan
 
Internal control system
Internal control systemInternal control system
Internal control systemMadiha Hassan
 
Ais Romney 2006 Slides 09 Auditing Computer Based Is
Ais Romney 2006 Slides 09 Auditing Computer Based IsAis Romney 2006 Slides 09 Auditing Computer Based Is
Ais Romney 2006 Slides 09 Auditing Computer Based Issharing notes123
 
Ais Romney 2006 Slides 09 Auditing Computer Based Is
Ais Romney 2006 Slides 09 Auditing Computer Based IsAis Romney 2006 Slides 09 Auditing Computer Based Is
Ais Romney 2006 Slides 09 Auditing Computer Based IsSharing Slides Training
 
Advanced auditing Chapter Five.Internal control pptx
Advanced auditing Chapter Five.Internal control pptxAdvanced auditing Chapter Five.Internal control pptx
Advanced auditing Chapter Five.Internal control pptxseidIbrahim2
 
Assessing risks and internal controls training
Assessing  risks and internal controls   trainingAssessing  risks and internal controls   training
Assessing risks and internal controls trainingshifataraislam
 
Chapter 1 auditing and internal control
Chapter 1 auditing and internal controlChapter 1 auditing and internal control
Chapter 1 auditing and internal controlTommy Zul Hidayat
 
Chapter 1 auditing and internal control
Chapter 1 auditing and internal controlChapter 1 auditing and internal control
Chapter 1 auditing and internal controljayussuryawan
 
Lecture 17 sas framework internal control - james a. hall book chapter 3
Lecture 17  sas framework internal control - james a. hall book chapter 3Lecture 17  sas framework internal control - james a. hall book chapter 3
Lecture 17 sas framework internal control - james a. hall book chapter 3Habib Ullah Qamar
 
Companies Frequently Conduct Internal Audits Of Their...
Companies Frequently Conduct Internal Audits Of Their...Companies Frequently Conduct Internal Audits Of Their...
Companies Frequently Conduct Internal Audits Of Their...Jennifer Mower
 
Ais Romney 2006 Slides 06 Control And Ais
Ais Romney 2006 Slides 06 Control And AisAis Romney 2006 Slides 06 Control And Ais
Ais Romney 2006 Slides 06 Control And Aissharing notes123
 
Ais Romney 2006 Slides 06 Control And Ais Part 1
Ais Romney 2006 Slides 06 Control And Ais Part 1Ais Romney 2006 Slides 06 Control And Ais Part 1
Ais Romney 2006 Slides 06 Control And Ais Part 1sharing notes123
 
topic 3 internal controls..audit.pptx
topic 3 internal controls..audit.pptxtopic 3 internal controls..audit.pptx
topic 3 internal controls..audit.pptxvailethmwaisanila
 
Internal control.. control env
Internal control.. control envInternal control.. control env
Internal control.. control envPhillys Sebastiane
 
Internal control and Control Self Assessment
Internal control and Control Self AssessmentInternal control and Control Self Assessment
Internal control and Control Self AssessmentManoj Agarwal
 
SOX ICMS Implmenetation - 2007
SOX ICMS Implmenetation - 2007SOX ICMS Implmenetation - 2007
SOX ICMS Implmenetation - 2007Slava Gorbunov
 

Similaire à Kontrol & Audit Sistem Informasi (20)

Control and Audit Information System
Control and Audit Information SystemControl and Audit Information System
Control and Audit Information System
 
Internal control system
Internal control systemInternal control system
Internal control system
 
Internal control system
Internal control systemInternal control system
Internal control system
 
Ais Romney 2006 Slides 09 Auditing Computer Based Is
Ais Romney 2006 Slides 09 Auditing Computer Based IsAis Romney 2006 Slides 09 Auditing Computer Based Is
Ais Romney 2006 Slides 09 Auditing Computer Based Is
 
Ais Romney 2006 Slides 09 Auditing Computer Based Is
Ais Romney 2006 Slides 09 Auditing Computer Based IsAis Romney 2006 Slides 09 Auditing Computer Based Is
Ais Romney 2006 Slides 09 Auditing Computer Based Is
 
Advanced auditing Chapter Five.Internal control pptx
Advanced auditing Chapter Five.Internal control pptxAdvanced auditing Chapter Five.Internal control pptx
Advanced auditing Chapter Five.Internal control pptx
 
Auditing concept
Auditing conceptAuditing concept
Auditing concept
 
Assessing risks and internal controls training
Assessing  risks and internal controls   trainingAssessing  risks and internal controls   training
Assessing risks and internal controls training
 
Chapter 1 auditing and internal control
Chapter 1 auditing and internal controlChapter 1 auditing and internal control
Chapter 1 auditing and internal control
 
Chapter 1 auditing and internal control
Chapter 1 auditing and internal controlChapter 1 auditing and internal control
Chapter 1 auditing and internal control
 
Lecture 17 sas framework internal control - james a. hall book chapter 3
Lecture 17  sas framework internal control - james a. hall book chapter 3Lecture 17  sas framework internal control - james a. hall book chapter 3
Lecture 17 sas framework internal control - james a. hall book chapter 3
 
Companies Frequently Conduct Internal Audits Of Their...
Companies Frequently Conduct Internal Audits Of Their...Companies Frequently Conduct Internal Audits Of Their...
Companies Frequently Conduct Internal Audits Of Their...
 
Ais Romney 2006 Slides 06 Control And Ais
Ais Romney 2006 Slides 06 Control And AisAis Romney 2006 Slides 06 Control And Ais
Ais Romney 2006 Slides 06 Control And Ais
 
Ais Romney 2006 Slides 06 Control And Ais Part 1
Ais Romney 2006 Slides 06 Control And Ais Part 1Ais Romney 2006 Slides 06 Control And Ais Part 1
Ais Romney 2006 Slides 06 Control And Ais Part 1
 
topic 3 internal controls..audit.pptx
topic 3 internal controls..audit.pptxtopic 3 internal controls..audit.pptx
topic 3 internal controls..audit.pptx
 
Internal audit
Internal auditInternal audit
Internal audit
 
Internal control.. control env
Internal control.. control envInternal control.. control env
Internal control.. control env
 
Internal control and Control Self Assessment
Internal control and Control Self AssessmentInternal control and Control Self Assessment
Internal control and Control Self Assessment
 
SOX ICMS Implmenetation - 2007
SOX ICMS Implmenetation - 2007SOX ICMS Implmenetation - 2007
SOX ICMS Implmenetation - 2007
 
Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9
 

Dernier

What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?TechSoup
 
How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17Celine George
 
Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...raviapr7
 
Patterns of Written Texts Across Disciplines.pptx
Patterns of Written Texts Across Disciplines.pptxPatterns of Written Texts Across Disciplines.pptx
Patterns of Written Texts Across Disciplines.pptxMYDA ANGELICA SUAN
 
Quality Assurance_GOOD LABORATORY PRACTICE
Quality Assurance_GOOD LABORATORY PRACTICEQuality Assurance_GOOD LABORATORY PRACTICE
Quality Assurance_GOOD LABORATORY PRACTICESayali Powar
 
Philosophy of Education and Educational Philosophy
Philosophy of Education  and Educational PhilosophyPhilosophy of Education  and Educational Philosophy
Philosophy of Education and Educational PhilosophyShuvankar Madhu
 
Presentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a ParagraphPresentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a ParagraphNetziValdelomar1
 
Human-AI Co-Creation of Worked Examples for Programming Classes
Human-AI Co-Creation of Worked Examples for Programming ClassesHuman-AI Co-Creation of Worked Examples for Programming Classes
Human-AI Co-Creation of Worked Examples for Programming ClassesMohammad Hassany
 
UKCGE Parental Leave Discussion March 2024
UKCGE Parental Leave Discussion March 2024UKCGE Parental Leave Discussion March 2024
UKCGE Parental Leave Discussion March 2024UKCGE
 
The basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxThe basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxheathfieldcps1
 
5 charts on South Africa as a source country for international student recrui...
5 charts on South Africa as a source country for international student recrui...5 charts on South Africa as a source country for international student recrui...
5 charts on South Africa as a source country for international student recrui...CaraSkikne1
 
The Singapore Teaching Practice document
The Singapore Teaching Practice documentThe Singapore Teaching Practice document
The Singapore Teaching Practice documentXsasf Sfdfasd
 
How to Show Error_Warning Messages in Odoo 17
How to Show Error_Warning Messages in Odoo 17How to Show Error_Warning Messages in Odoo 17
How to Show Error_Warning Messages in Odoo 17Celine George
 
In - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptxIn - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptxAditiChauhan701637
 
How to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 SalesHow to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 SalesCeline George
 
Prescribed medication order and communication skills.pptx
Prescribed medication order and communication skills.pptxPrescribed medication order and communication skills.pptx
Prescribed medication order and communication skills.pptxraviapr7
 
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptxClinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptxraviapr7
 
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptx
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptxPISA-VET launch_El Iza Mohamedou_19 March 2024.pptx
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptxEduSkills OECD
 
HED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfHED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfMohonDas
 

Dernier (20)

What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?
 
Prelims of Kant get Marx 2.0: a general politics quiz
Prelims of Kant get Marx 2.0: a general politics quizPrelims of Kant get Marx 2.0: a general politics quiz
Prelims of Kant get Marx 2.0: a general politics quiz
 
How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17
 
Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...
 
Patterns of Written Texts Across Disciplines.pptx
Patterns of Written Texts Across Disciplines.pptxPatterns of Written Texts Across Disciplines.pptx
Patterns of Written Texts Across Disciplines.pptx
 
Quality Assurance_GOOD LABORATORY PRACTICE
Quality Assurance_GOOD LABORATORY PRACTICEQuality Assurance_GOOD LABORATORY PRACTICE
Quality Assurance_GOOD LABORATORY PRACTICE
 
Philosophy of Education and Educational Philosophy
Philosophy of Education  and Educational PhilosophyPhilosophy of Education  and Educational Philosophy
Philosophy of Education and Educational Philosophy
 
Presentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a ParagraphPresentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a Paragraph
 
Human-AI Co-Creation of Worked Examples for Programming Classes
Human-AI Co-Creation of Worked Examples for Programming ClassesHuman-AI Co-Creation of Worked Examples for Programming Classes
Human-AI Co-Creation of Worked Examples for Programming Classes
 
UKCGE Parental Leave Discussion March 2024
UKCGE Parental Leave Discussion March 2024UKCGE Parental Leave Discussion March 2024
UKCGE Parental Leave Discussion March 2024
 
The basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxThe basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptx
 
5 charts on South Africa as a source country for international student recrui...
5 charts on South Africa as a source country for international student recrui...5 charts on South Africa as a source country for international student recrui...
5 charts on South Africa as a source country for international student recrui...
 
The Singapore Teaching Practice document
The Singapore Teaching Practice documentThe Singapore Teaching Practice document
The Singapore Teaching Practice document
 
How to Show Error_Warning Messages in Odoo 17
How to Show Error_Warning Messages in Odoo 17How to Show Error_Warning Messages in Odoo 17
How to Show Error_Warning Messages in Odoo 17
 
In - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptxIn - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptx
 
How to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 SalesHow to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 Sales
 
Prescribed medication order and communication skills.pptx
Prescribed medication order and communication skills.pptxPrescribed medication order and communication skills.pptx
Prescribed medication order and communication skills.pptx
 
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptxClinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
 
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptx
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptxPISA-VET launch_El Iza Mohamedou_19 March 2024.pptx
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptx
 
HED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfHED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdf
 

Kontrol & Audit Sistem Informasi

  • 1. oleh : DWIKI APSYARIN 11353104674 CONTROL AND AUDIT INFORMATION SYSTEM Dosen Pengampu : M. Jasman, S.Kom, M.InfoSys
  • 2. 5 Accounting Information Systems Audit Cycle 1. Revienue Cycle (sales and cloction) 2. Expenditure Cycle (about how to buy goods) 3. Production Cycle (How to produce Goods) 4. HRM 5. General Regent and Reporting System
  • 3.  Internal audit Internal audit is independent appraisal function to examine and evaluate the activities and as a service for an organization. internal auditor perform a variety of activities, including financial, operational, compliance and audit fraud. Auditors can work for your organization or tasks can be outsourced. Independence is self-imposed, but the auditor representing the interests of the organization.
  • 4.  External vs. Internal Auditor The external auditors are outsiders while internal auditors representing the interests of the organization. Internal auditors often cooperate with and assist the external auditors in some aspects of the financial audit. Extent of cooperation depends on the independence and competence of the internal audit staff. external auditors may rely in part on evidence gathered by the internal audit department is organizationally independent and reports to the audit committee of the board of directors.
  • 5.  The role of the Audit Committee Subcommittee of the board of directors • Usually three external members. • SOX requires at least one member must be a "financial expert". Functioning as an independent "check and balance" to the internal audit function. SOX mandates that external auditors report to the audit committee: • the employee committee and auditor fire and resolve disputes.
  • 6.  Auditing standards statements of management and auditing purposes: 1. The existence or occurrence; Completeness; Rights and obligations; Valuation or Allocation; Presentation and Disclosure. 2. The auditor develops auditing purposes and to design audit procedures based on this statement. 3. Auditor search for material evidence corroborating the statement. 4. The auditor should determine whether internal control deficiencies and material misstatement. 5. The auditor should communicate the results of their tests, including an audit opinion.
  • 7.  Audit risk The probability that the auditor will make ineligible opinions (net) of the financial statements are, in fact, a material misstatement. the inherent risk (IR) is associated with the unique characteristics of the client's business or industry. control risk (CR) is the possibility of controlling structure is flawed because the control does not exist or is inadequate to prevent or detect errors. Detection risk (DR) is the auditor is willing to take the risk that errors are not detected or prevented by the control structure will not be detected by the auditor. components of audit risk in the model used to define the scope, nature and timing of substantive testing: audit risk model: AR = IR x CR x DR If the risk is acceptable audit is 5%, the risk of detection will depend on the planned control structure. The stronger the internal control structure, the lower the risk control and less substantive testing the auditor should do. substantive testing is labor intensive audit costs and time-consuming, which encourages and cause interference. management interests are served by a strong internal control structure.
  • 8. Internal control Management is required by law to establish and maintain an adequate system of internal controls. A brief history of the law of internal control: 1. SEC Acts of 1933 and 1934. 2. Copyright law of 1976. 3. Foreign Corrupt Practices (FCPA) in 1977 requires companies registered with the SEC to: • Keep records sufficient and fairly reflect the transactions and the company's financial position. • Maintain internal control systems which provide reasonable assurance that organizational goals are met. Committee of Sponsoring Organizations - 1992 • Sarbanes-Oxley Act of 2002 (SOX) requires management of public companies to implement an adequate system of internal controls over their financial reporting process. Under Section 302: • Managers should state the organization's internal controls quarterly and annually. • external auditors must perform certain procedures quarterly to identify modifications that control material can affect financial reporting. Section 404 requires management of public companies to access the effectiveness of internal controls in their annual reports.
  • 9.  Internal Control System internal control system consists of policies, practices and procedures to achieve four broad objectives: -Safeguard company assets. -Ensure the accuracy and reliability of accounting records and information. -Promoting efficiency in operations. -Measuring compliance with prescribed policies and procedures management.
  • 10.  Modifying Principles management's responsibility to make laws by SOX. Goals must be achieved regardless of the data processing method used. Each system has limitations on its effectiveness including: the possibility of error, circumvention, overriding management and changing conditions. The system should provide reasonable assurance that the broad objectives are met. Costs to achieve improved control should not be greater than the benefits. Cost of material weaknesses corrected offset by gains.
  • 12. PDC Model passive preventive control techniques designed to reduce the frequency of undesirable events occurred. more cost effective than detect and fix problems after they occur. is a detective control devices, techniques and procedures to identify and expose the undesirable events that pass preventive controls. corrective controls to correct problems identified.
  • 13.  IT Governance Part of the corporate governance focusing on resource management and strategic IT assessment. key object to reduce risk and ensure investment in IT resources add value to the corporation. All of the company's stakeholders must be active participants in key IT decisions.
  • 14. Control IT Governance COSO (Committee Of Sponsoring Organitation) was first made in 1992. Three issues of IT governance is handled by SOX and the COSO internal control framework: • the organizational structure of the IT function. • computer operations center. • disaster recovery planning.
  • 15. There are 5 parts of COSO, namely: 1. Control environment 2. The risk factors 3. The information communication 4. monitoring 5. control activity, in control of this activity there are two categories, Namely • in IT • physically The purpose of control is to avoid the occurrence of Error, Froud (thieves), Acess and Nischip. In 2001 there kasun EROM, which occurred between the public transport games. Sabban Oxcly has made rule of law sourch in 2002, 4 times in a year perform an audit. For membagun a company needs to be held to protect preventive control, detective and corrective controls to mendekteksi control to fix.
  • 16.  Audit Data Base Access to data resources controlled by a database management system (DBMS). Centralize the organization's data into a common database shared by a community of users. All users have access to the data they need to overcome the problem of flat-file. Deletion of data storage problem: There is no data redundancy. Elimination of the problem of updating the data: Single update procedure eliminates a problem of information. Abolition of duty-dependency problems User data is limited only by the legitimacy of the access needs.
  • 17.  Physical database the lowest level and the only one in the physical form. Sports magnetic disk coated metal that makes a logical collection of files and records. data structure of bricks and mortar database. Allows records to be located, stored, and retrieved. Two components: organization and access methods. File organization refers to the way records are physically arranged in the storage device - either sequential or random. access method is a program used to search for records and to navigate through the database.
  • 18.  Terminology database Entity: Organization Anything want to capture data about. Record Type: physical representation of database entities. Genesis: In relation to the number of records is represented by a particular record type. Attributes: Defining entities with values different (ie each employee has a different name). Database: Set the type of record that organizations need to support their business processes.