Explore BrainMass

Strategies for Testing Internal Controls and Risk

1a. Briefly describe three strategies for testing internal controls when information technology is used for significant accounting processing.

b. Identify two strategies that might be used to support a low control risk assessment. Discuss the difference between the two strategies.

c. Discuss a third audit strategy that might be used to assess control risk at a high level. Explain why this strategy will not support a low control risk assessment.

2. What are the advantages and disadvantages of the computer-assisted audit technique known as parallel simulation?

3 a. What is the difference between the conventional test data approach and the integrated test facility approach?

b. In lieu of traditional testing, what approaches can be used in on-line entry/on-line processing systems?

Solution Preview

To make the audit successful or in the favor of the organization; it is important for the organization to understand various auditing strategies. The risk in the financial statements is also necessary to be understood. As per the direction, the different strategies of the internal control will be described further. The other strategies that are used for the assessment of the low and high level risk also help to understand the internal control risks. I am providing just an introduction about the internal
control strategies or other strategies. One can insert more information in this section. For example:

A) Security is an important concern for testing the internal controls with information technology. Earlier, when there was a lack of computer awareness, there was auditing around the computer strategy.
1. Recognize the spot where security is most often and regularly penetrated and to know the variation between losses that are accidental and intentional.
2. Awareness about the features and characteristics of a successful security control.
3. Understand the process for selecting techniques to test security - First, the objective of application is set and the execution steps are discussed. Then, an appropriate technique is selected for data collection.

The two strategies that might be used to support a low control risk assessment are:
- Varying the degree and level of substantive tests, for example, with a small size of sample.
- Another strategy is to change the time of conducting substantive tests. It can be performed at an interim date rather than performing at the end of year.
In the first strategy, the scale of substantive test is changed and the level is reduced, where as, the other strategy is to change the timing of the tests. Level and timing is changed in both strategies, which are entirely different from each other.

C) The primary substantive approach is the assessment of financial and non financial information to identify if the figures make sense. It is ...

Solution Summary

The response addresses the queries posted in 1184 words with references.