What duties of the IT function should be performed by different people, or located in separate departments? Why?
Answer to relevant QuestionsWhat areas of computer operations should company policies specifically address?How can the use of CAATS prevent an auditor from having to rely on sampling?What kinds of illegal acts does the auditor address during testing?Give examples of accounts and classes of transactions that have greater inherent risk for specific assertions. Why is their inherent risk greater?Why might an auditor decide not to test certain application controls at specific business units or locations?
Post your question