This paper discusses the influence of accounting computerization on audit, and the content, technology and work of audit under the condition of accounting computerization, which provides reference for audit under the condition of accounting computerization.
Keywords: computerized accounting, auditing
First, the impact of accounting computerization on auditing
The influence of 1. on the audit trail. Audit trail is extremely important for audit. In manual accounting, audit clues include accounting documents, account books, statements and other accounting materials. These materials are all embodied in words. Auditors can use these materials to trace the original vouchers to accounting statements through accounting vouchers and account books, or examine the cross-checking relationship of accounting data between statements and between statements and account books, and check the legitimacy of economic business reflected by vouchers, accounts and table data through these visible audit clues. In short, in manual accounting, accountants' detailed records of economic business are vividly on the paper. Audit clues that auditors need can be audited through these written records. During the audit, auditors can conduct spot checks as needed. However, in computerized accounting, the use of computers has changed the storage and processing of accounting records, which is manifested in the following aspects.
(1) Storage and handling of accounting vouchers. Once the original voucher or accounting voucher is entered into the computer, it will be stored in the data file in the eighth computer in the form of a file. Once the original voucher is converted into a machine-readable input medium, it will no longer play the role of data processing; In some systems, traditional original vouchers may not exist because of direct data acquisition equipment (for example, in online real-time processing systems).
(2) the custody and handling of account books. The general ledger is replaced by a file, and the detailed data calculated by summary data may not be seen in the main file. The subsidiary ledger is printed on a full page, which leads to the daily check between the two types of data can only be carried out in the machine. When the account book is logged in, it is automatically executed by the computer bookkeeping program, so it is difficult to judge which bookkeeping program is used.
(3) Reports are compiled in account book files according to predefined formulas, and other report files are in the form of internal files, such as data retrieval calculation, data source formula definition, editing results, printing format, etc. Due to the characteristics of magnetic media modification leaving no trace, it is difficult for auditors to believe that the printed accounting statements are compiled according to the public IT: definition documents provided by enterprises. If someone distorts the formula definition file to prepare a distorted financial statement, and then restores the formula definition file, in this case, the auditor cannot judge whether the statement is prepared correctly according to the formula definition file in the machine.
The above situation shows that it is difficult for auditors to track and review the economic business as in the manual operation environment because the computer processing process is carried out between files in the machine. Therefore, when designing computerized accounting information system, we should pay attention to leaving enough audit clues, so that auditors can track audit clues under computerized conditions and successfully complete audit tasks. At present, although the Ministry of Finance stipulates in the computerized accounting system that all vouchers, account books and statements should still be printed out, which makes auditors increase audit clues in the audit work, it should be noted that whether these written records are the same as the correct processing results of accounting software needs further verification.
2. Impact on audit content. Due to the inherent characteristics and corresponding risks of computerized accounting, the content of audit should also be changed accordingly. On the basis of the original audit content, the audit of computerized accounting information system also includes the audit of system development, use and maintenance. Information system audit (also known as computer audit or it audit) is basically mature abroad, and there are relevant legal norms and standards. In our country, IT audit only appeared in recent years with the popularization of computerized accounting. Due to the limited personnel and heavy audit tasks of audit institutions in our country, it is unrealistic to require auditors to participate in the development of every computerized accounting system. Therefore, audit institutions can only audit large or widely used computerized systems in advance and in the process.
3. Impact on audit techniques and means. Due to the use of computers, accounting letters
The information system has changed in many aspects, and it is difficult for auditors to achieve the expected purpose by using traditional audit methods. Therefore, we must adopt new methods and take into account the changes of audit objects caused by accounting computerization. For example, because many internal controls are automatically executed by computers, the method of evaluating these control measures must be computer-oriented. In addition, under the condition of computerization, the audit content has been extended to computerized system procedures, system design and development, data files and internal control, forcing auditors to adopt computer-aided audit technology as well as traditional audit technology, and use increasingly advanced computer audit software to help auditors audit accounting software under various working platforms such as single machine, network and multi-users.
4. Impact on auditing standards and auditing standards. In the traditional audit work, a series of audit standards and guidelines have been established, such as auditor standards, on-site audit standards, audit effect measurement standards, and economic benefit audit standards. However, due to a series of changes in audit objects, audit clues, audit contents and audit technical means under the condition of computerized accounting, the auditing standards and norms formulated in traditional auditing are difficult to apply. Therefore, it is necessary to supplement and formulate a set of relevant auditing standards and norms. Abroad, the Ministry of International Trade and Industry of Japan published the IT auditing standards in 1985, and revised the auditing standards in an all-round way in 1996. In 1990s, ISACA (Information System Audit and Control Association), the only information system audit and control association in the world, set up more than 65,438+060 branches in more than 65,438+000 countries and regions around the world, and formulated and promulgated it audit standards and practical guidelines. Standardize and guide the work of auditors. The association also holds annual examinations for registered auditors. In China, because IT auditing has just started, there are almost no standards and guidelines for computer auditing.
5. Impact on auditors. The popularization of computerized accounting puts forward higher requirements for auditors' quality level and knowledge ability, and auditors are faced with the need to update their knowledge. They should not only have rich knowledge and skills in accounting, finance and auditing, but also be familiar with auditing policies, laws and other auditing foundations, as well as master certain computer knowledge and its application technology and modern information processing and management technology. Not only do most auditors need to know how to operate audit software. Moreover, some auditors should be able to write various test and evaluation program modules in time according to various problems in the audit process.
Second, the audit content under the condition of computerized accounting
As mentioned above, the emergence of computerized accounting has expanded the content of audit. Now, only the audit contents of the audited unit under the condition of computerized accounting are explained, and the audit contents of system development and maintenance are not repeated here.
1. Data entry audit. Data entry is the key link of the whole computerized accounting information system, and it is the basis of report generation and decision support in the future. If the data is entered incorrectly, the information system will process and process the wrong data, which will not only help users understand the enterprise situation and make effective decisions, but even mislead users to make wrong decisions, which will bring great losses and injuries to information system users. System data input audit mainly reviews the input operation of information system, evaluates the correctness and standardization of system input operation and management, and re-examines the input interface and data validity verification to further determine and evaluate the effectiveness of system data input and the ability to identify and correct erroneous data, points out the defects and deficiencies of system input, and puts forward corresponding improvement suggestions.
2. Communication system audit. Information system is generally not a stand-alone system, and network communication is an important part of information system, which is the basis of data sharing and remote data processing. Communication system audit mainly checks and evaluates the scientificity and effectiveness of communication system management, and re-audits the effectiveness of communication equipment and various controls in the communication process of information system to further determine the effectiveness and efficiency of system data transmission, point out the defects and deficiencies in communication system management and its own performance, and put forward corresponding improvement suggestions.
3. Process audit. Processing refers to the process that the processor processes the input data after receiving it. Processing audit is to audit whether the data is processed correctly after it is entered into the system. Auditors should sample the processing process, track and record the whole process of sampling, test the whole processing process of the system from receiving data to processing completion, analyze and evaluate the correctness and efficiency of data processing, and give an evaluation report and reasonable suggestions on the data processing performance of the information system. .
4. Database audit. Database subsystem is a functional system for defining, creating, modifying, deleting and storing data in information system. Usually, in this system, the main data reflects the objects in real life and their relationships. For example, employee salary documents and personnel documents reflect the salary ratio of each employee, each position and the corresponding personnel in each position. Database audit mainly audits the database management of information system, and also re-audits the design and operation of database. Further determine the effectiveness of database system for data operation and the ability to protect data when abnormal operation occurs, evaluate the effectiveness and standardization of database management and maintenance, and put forward corresponding improvement suggestions.
5. Data output audit. The data content is finally provided to the user through the output subsystem. The data provided can have a certain format, and the data will reach the user through a certain path. The data output audit of the system is an audit of the output data management of the information system, and it is also a re-audit of the design of system output results such as reports. Further determine the correctness and effectiveness of the system data output and the acceptability and understandability of the system output data to users, evaluate the scientific and normative management of the system output data, point out the defects and deficiencies of the system output, and put forward corresponding improvement suggestions.
6. Management audit. The operation of information system needs scientific organization and management, because without scientific management, the system will not automatically provide high-quality and reliable information services. Information system, as a man-machine system, ultimately provides services for users through human operation of the information system. Therefore, whether the operation management of the system is scientific and effective directly affects the system operation of information system services, and scientific and standardized operation management is the guarantee for the correct operation of the system. Moreover, due to the changes of users and usage patterns, the state of the system is constantly changing, so it is particularly important to audit the operation management, that is, the overall management rules of the whole operation process of the information system.