Question: We are assuming the following: During our external IT audit control interim testing, three control failures were identified. 1. Security and Access Logical 1) Control

We are assuming the following:

During our external IT audit control interim testing, three control failures were identified.

1. Security and Access Logical

1) Control Objective => Policies and procedures are in place to prevent the improper use, disclosure, modification, or loss of critical financial data that would adversely affect the reliability of financial reporting.

ITGC Control Failure #1 => Users are required to change passwords every 120 days.

2. Security and Access Physical

1) Control Objective => Policies and procedures are in place to prevent the improper use, disclosure, modification, or loss of critical financial data that would adversely affect the reliability of financial reporting.

ITGC Control Failure #2 => Only authorized personnel are allowed to access computer facilities. Access logs are regularly reviewed.

3. Computer Operations Data Backup

1) Control Objective => Policies and procedures are in place to prevent the loss or corruption of critical financial data that would adversely affect the reliability of financial reporting.

ITGC Control Failure #3 => Programs and data are regularly and appropriately backed up and available in the event of an emergency

These three ineffective ITGCs affect the nature, timing, and extent of substantive and control procedures that the IT auditor performs to address the risks that financial statement amounts, or disclosures are materially misstated.

I. Please explain in some detail the impact of ineffective ITGCs on:

How the nature of the testing changes from the interim testing procedures to the year-end testing procedures.

The most appropriate timing of the year-end testing procedures.

How the extent of the year-end testing procedures will be impacted.

II. How could the auditor substantively test the three ineffective ITGCs to provide reasonable assurance that the financial statements are free of material misstatements?

Assume that the auditor concludes that all three ITGC processes are ineffective for the full year for a financial statement audit.

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related Accounting Questions!

Q:

Use 2018 Form 990 and the 2019 audited financial statements for Feeding America. Although Form 990 Indicates it is for 2018, It Is actually for the period July 1, 2018, to June 30, 2019, the same...

Q:

1. Which of the following is not true? a) An internal audit is never performed by external auditors b) The primary goals of an internal audit and an external audit are somewhat different c) Both...

Q:

Need help with these multiple choice questions for internal audit final exam. Due in 2 hours. QUESTION 1 RsQ_004Without management direction and assumption of responsibility, it would be...

Q:

The Office of Personnel Management Breach MIS The Problem Despite high-profile security breaches in the past, many U.S. govern ment agencies have not made cybersecurity a priority. In fact, govern...

Q:

Please help me answer this question Background Veronese 81 Tiffany Inc. is a medium-sized business located in Elmira, Ontario. It sells designerjewelry to specialty stores through Canada as well as...

Q:

I need assistance with the case requirement questions, Part A and Part B (Exhibit 3) and Background, scope, findings and conclusions (exhibit 4) Assessing Information Technology General Control Risk:...

Q:

ACC 640 Keystone Case Study Engagement Overview Keystone Inc., a listed company on a U.S. stock exchange (publicly traded) in the United States, is looking to expand. XBroker was seen as a potential...

Q:

"PCAOB Inspection Reports for KPMG" is an excellent topic. Summarize 3 reports - 2010, 2012 & 2014.At least 6 references are needed - 3 academic & 3 practitioner (short articles).Please follow the...

Q:

He want us to identify the 18 vulnerabilities. template is attach. Case No. 2000-02: Recreation, Inc. 1 AICPA Case Development Program RECREATION, INC. AN INFORMATION TECHNOLOGY RISK ASSESSMENT CASE...

Q:

If possible pls help me with this via email as the answer should be limited to one individual per submission. again pls if possible thru email antonionlyfans6969 g mail.com Prepare a word doc., about...

Q:

I was wondering if Scenerio 1 activies #1-4 from this article could be answered. Need Help. CASES: CASE 1 AUDITING ENTITY-LEVEL CONTROLS Learning Objectives Describe why entity-level controls are a...

Q:

Answer the following questions based on the payoff matrix for a single-period, two-firm game for firms, Six, Inc. and Seven Corp. The numbers in the matrix indicate the profit in billions of dollars...

Q:

90) Let _A = 1 4 33 22 3

Q:

The three major costs of manufacturing a product are: Multiple Choice 0 t 2 8 - 2 5 Direct materials, direct labor, and factory overhead. Marketing, selling, and administrative costs. Product costs,...

Q:

Exports Unlimited is an unlevered firm with an aftertax net income of $51,300. The unlevered cost of captial is 14.6 % & the tax rate is 36% . What is the value of this firm?