general model for accounting information systems by hall
TRANSCRIPT
General Model for Accounting Information Systems
Oleh : Bambang Setiawan, S.Kom
01/05/2023Information System UIN Suska Riau
2
01/05/2023Information System UIN Suska Riau
Data Collection and Data Processing
•Data collection frauds involve entering falsified data into the system by deleting, altering or creating a transaction.•Masquerading involves gaining remote access by pretending to be an authorized user. Piggybacking involves latching onto an authorized user in the system. Hacking involves both schemes motivated by the challenge of trying to access the system.
3
01/05/2023Information System UIN Suska Riau
4
• Data processing: A series of actions or steps performed on data to verify, organize, transform, integrate, and extract data in an appropriate output form for subsequent use. Methods of processing must be rigorously documented to ensure the utility and integrity of the data.• Data processing frauds are in two classes:• Program fraud includes creating illegal programs or
destroying, corrupting or altering computer logic to cause data to be processed incorrectly.• Operations fraud is misuse or theft of computer resources.
CONTINUE...
01/05/2023Information System UIN Suska Riau
5Database Management and
Information Generation
Database management fraud involves altering, deleting, corrupting, destroying, or stealing an organization’s data. Often associated with transaction or program fraud and
disgruntled employees who may copy, sell or destroy data.
01/05/2023Information System UIN Suska Riau
6CONTINUE...
Information generation fraud involves stealing, misdirecting or misusing computer output. Useful information has: relevance, timeliness,
accuracy, completeness and summarization. Scavenging involves searching for discarded output. Eavesdropping involves listening to output
transmissions over telecommunication lines.
01/05/2023Information System UIN Suska Riau
7
Auditor’s Responsibility for Detecting Fraud
• Description and characteristics of fraud• Professional skepticism• Engagement personnel discussion• Obtaining audit evidence and information• Identifying risks• Assessing the identified risks
• Responding to the assessment• Evaluating audit evidence and
information• Communicating possible fraud• Documenting consideration of
fraud
o Auditor also required to assess risk factors related to fraudulent financial reporting and misappropriation of assets.
01/05/2023Information System UIN Suska Riau
8
Fraudulent Financial Reporting
Risk factors: Management’s characteristics and influence
over the control environment, industry conditions and operating characteristics and financial stability.
Common schemes: Improper revenue recognition or treatment
of sales. Improper asset valuation or deferral of
costs and expenses. Improper recording of liabilities. Inadequate disclosures.
01/05/2023Information System UIN Suska Riau
9
Misappropriation of Assets
Risk factors:Susceptibility of assets to misappropriation and
controls.Common schemes:
Personal purchases or ghost employees.Fictitious expenses or altered payee.Pass-through vendors.Theft of cash (or inventory).Lapping.
01/05/2023Information System UIN Suska Riau
10
Auditor’s Response to Risk Assessment
Judgments about the risk of material misstatements may affect the audit in regards to:Engagement staffing, extent of supervision,
professional skepticism, nature, timing, extent of procedures performed.
01/05/2023
11
Risk of material misstatement due to fraud always exists. Auditor:may determine currently planned audit
procedures are sufficient to respond to risk factors.
may determine to extend audit and modify planned procedures.
may conclude procedures cannot be modified sufficiently to address risk and consider withdrawing.
CONTINUE...
Information System UIN Suska Riau
01/05/2023Information System UIN Suska Riau
12
Auditor’s Response to Detected Misstatements Due to Fraud
Auditors will enter a much expanded arena of procedures to detect fraud as they implement SAS no. 99. The new standard aims to have the auditor’s consideration of fraud seamlessly blended into the audit process and continually updated until the audit’s completion. SAS no. 99 describes a process in which the auditor 1) gathers information needed to identify risks of material
misstatement due to fraud, 2) assesses these risks after taking into account an evaluation
of the entity’s programs and controls and 3) responds to the results. Under SAS no. 99, you will gather
and consider much more information to assess fraud risks than you have in the past
01/05/2023Information System UIN Suska Riau
13CONTINUE...
If no material effect: Refer matter to management and ensure implications to other aspects of audit have been addressed.
If effect is material or undeterminable:Consider implications for other aspects of the
audit.Discuss with senior management and audit
committee.Attempt to determine if material effect.Suggest client consult with legal counsel.
01/05/2023Information System UIN Suska Riau
14
Working papers document criteria used for assessing fraud risk: Where risk factors are identified,
documentation should include. those risk factors identified andauditor’s response to them.
CONTINUE...
01/05/2023Information System UIN Suska Riau
15
Fraud Detection Techniques Using ACL
Payroll fraud:Use expression builder to test for excessive
hours worked.Use duplicate function to test for duplicate
payments.Use join function to link payroll and
employee files to test for non-existent employees.
01/05/2023Information System UIN Suska Riau
16CONTINUE...
Lapping Accounts Receivable:Use expression builder to locate and
investigate invoices whose Remittance Amount is less than the Invoice Amount.
Calculate the amounts carried forward and use the duplicates command to search for carry-forward amounts that are the same.
01/05/2023Information System UIN Suska Riau
17
Finish