GAS

Generalized audit software (GAS) is used in many companies to perform routine audit procedures. It is
software purchased as a package and each company selling it offers diversity in the software’s
capabilities.

Details

GAS performs routines on files, uses various calculations and prints reports based on the information
used. Standard audits are performed by analyzing sample information from a company’s records.
Random information is chosen and analyzed since investigating all information is too time-consuming.

Purpose

This software allows auditors the ability to sort through large amounts of data in a rapid manner. GAS
can scan and test all data within a computer system, allowing for a more accurate audit of the books.
Instead of random sampling, 100 percent of the company’s data is examined.

Functions

GAS software is designed to examine financial information for quality, completeness, correctness and
consistency. It verifies all calculations, compares data and prints audit samples.

Disadvantages

GAS software is costly to purchase. Many users feel it is difficult to learn as well. GAS software, over the
years, has become easier to use than the packages offered years ago

CAS

Test data
Test data
Audit test data
Audit test data is used to test the existence and effectiveness of controls built into an application program used by an
audit client. As such, dummy transactions are processed through the client’s computerised system. The results of
processing are then compared to the auditor’s expected results to determine whether controls are operating efficiently
and systems’ objectiveness are being achieved. For example, two dummy bank payment transactions (one inside
and one outside authorised parameters) may be processed with the expectation that only the transaction processed
within the parameters is ‘accepted’ by the system. Clearly, if dummy transactions processed do not produce the
expected results in output, the auditor will need to consider the need for increased substantive procedures in the area
being reviewed.

Test data involves the auditor submitting 'dummy' data into the client's system to ensure that the system
correctly processes it and that it prevents or detects and corrects misstatements. The objective of this is to
test the operation of application controls within the system.
Simulation Data

Parallel simulation is a process of simulating data processing with a set of data (from client) and
comparing the results of simulation with that of client's system results.

For example: Let us consider an example of invoice processing. Collect a set of invoices from
client's data and simulate to arrive at the expected accounting entries on invoice processing. Now
compare the simulated results with that of client's system.

If the results are same, the client's system control is intact. Suppose there are exceptions in the
comparison, additional test procedures should be performed to identify the impact of exception.
PARALLEL SIMULATION TESTING is the simultaneous performance of multiple operations. It
provides evidence of the validity of processing if the second processing system yields the same
results as the first. Auditors use their own generalized audit software to process the same data as
was processed by the client’s software. If the output of the audit software is the same as the
output of the client’s software that is evidence that the client’s software is performing properly.

ITF

Integrated test facility is a computer auditing technique whose value has been attested by
auditors and researchers alike. However, this technique has several disadvantages. Two of these
are cost of the audit procedure and reduced data base integrity for the users. It is shown how the
concept of differential files can be used to facilitate an audit by integrated test facility. This new
use of differential files can reduce the cost of an audit and allows the auditor to use a wider
variety of audit transactions while not violating data base integrity during the audit.

Integrated test facility (ITF) adalah teknik yang menempatkan serangkaian kecil catatan
fiktif di file utama. Catatan tersebut dapat saja mewakili bagian, departemen, atau kantor
cabang, pelanggan, atau pemasok fiktif..Pemrosesan transaksi uji yang memperbarui catatan
fiktif ini tidak akan mempengaruhi catatan asli.

Oleh karena catatan fiktif dan yang sesungguhnya diproses bersama-sama, para pegawai
perusahaan biasanya tetap tidak menyadari bahwa pengujian tersebut berjalan. Sistem
tersebut harus membedakan catatan ITF dari catatan yang sesungguhnya, mengumpulkan
informasi atas dampak transaksi uji, serta melaporkan hasilnya.

Auditor akan membandingkan pemrosesan dengan hasil yang diharapkan, untuk

memverifikasi bahwa sistem tersebut beserta pengendaliannya beroperasi dengan benar.

Dalam pemrosesan seeara batch, teknik ITF meniadakan kebutuhan untuk melakukan
penelusuran transaksi uji dan dengan mudah disembunyikan dari para pegawai yang
mengoperasikan sistem tersebut.
ITF sangat sesuai untuk menguji sistem pemrosesan on¬line, karena transaksi uji dapat
dilakukan sesering mungkin, diproses bersama dengan transaksi yang sesungguhnya, dan
ditelusuri melalui seluruh tahap pemrosesan.

Semua ini dapat dicapai tanpa mengganggu operasional pemrosesan yang normal; akan
tetapi, perhatian harus diberikan untuk tidak menggabungkan catatan fiktif dengan yang
sesungguhnya selama proses pelaporan.

Concurrent audit techniques

Concurrent audit techniques involve the ongoing automated examination of business processes. This is achieved by
embedding audit sub-routines into the application systems used by employees to process transactions. The system
then flags unusual transactions for review by the audit staff. This approach has the advantage of providing a
complete review of all transactions, rather than the small sample sizes that auditors normally examine. Concurrent
audit techniques are especially useful when there is a heightened need to spot errors and irregularities immediately.
This approach is becoming more common, as larger businesses use highly integrated systems to run their operations.

Concurrent auditing techniques are tools that auditors use to collect audit evidence on
the reliability of a computer-based application system at the same time as the application
system carries out live operational processing of transaction data. They are implemented
via program instructions that are embedded within the application software or within the
system software, such as the database management system, that supports the
application system (Clark et al., Groomer & Murthy, 1989). In sensitive, high-materiality
application systems, concurrent auditing techniques may be executed continuously.
Alternatively, they may be executed periodically e.g. during random intervals or during
high-risk intervals. The evidence they collect can be reported immediately to the auditor,
which is likely to be the case if high-risk errors or irregularities are identified during
application system processing. Alternatively, the evidence they collect can be stored and
reported periodically, which is likely to be the case when the expected losses associated
with the exceptions identified are low.