a. Three strategies for testing internal controls when information
technology is used for significant accounting processing include:
1. testing user controls
2. testing computer application controls, computer general controls, and manual follow-up procedures
3. testing only computer general controls and manual follow-up procedures
b. Two strategies that might be used to support a low control risk assessment include having the auditor test computer application controls using some form of computer-assisted audit techniques and computer general controls must also be tested.
With having the auditor test computer application controls you can determine that the application control properly identifies exceptions. With having the general controls being tested it will provide assurance that application controls are properly designed and tested, and any changes are authorized.
c. An audit strategy that might be used to assess control risk at a high level is the AICPA internal control audit guide. This strategy will not support a low control risk assessment because the information attained is from professional individuals exceptions about the control. The exceptions can offer information for the auditor and help in the development of the auditor’s conclusions.
Ch. 11: Learning Check 11-8
The advantages of the computer-assisted audit technique known as parallel simulation include:
- Because real data are used, the auditor can verify the transactions by tracing them to source documents and approvals
- The size of the sample can be greatly expanded at relatively little additional cost
- The auditor can run the test independently
The disadvantages of the computer-assisted audit technique known as parallel simulation include having care taken to determine that the data selected for simulations are representative of actual client transactions and it is also possible that the client’s system may perform operations that are beyond...