a. What do you understand “auditing around the computer” and “auditing through the computer”?
b. State the circumstances in which “auditing through computer” must be used.
The auditor must plan whether to use the computer to assist the audit or whether to audit without using the computer. The former approach is known as “auditing through the computer”, the latter is called “auditing around the computer”.
Auditing around the computer involves arriving at an audit opinion through examining internal control for computer installation and the input and output only for application systems. On the basis of quality of input and output of application systems, the auditor infers the quality of processing carried out. Application system processing is not examined directly. The auditor views the computer as a black box.
Auditing through computer: The auditor can use the computer to test: (a) the logic and controls existing within the system and (b) the records produced the system. Depending upon the complexity of application system being audited, the approach may be fairly simple or require extensive technical competence on the part of the auditor.
a. There are several circumstances where auditing through computer must be used:
Application system processes large where volume of input and produces large volume of output that makes extensive direct examination of the validity of input and output difficult.
Significant parts of internal control systems are embodied in the computer system.
The logic of the system is complex and there are large portions that facilitate use of the system for efficient processing.
Because of cost-benefit considerations, there are substantial gaps in visible audit trial.