ABSTRACT
This study was carried out to examine the auditor’s perception of the
usefulness of computer assisted audit techniques in Nigerian organizations. The study seeks
to evaluate the nature and extent of the utilization of GAS in financial
institutions, which economical significant entities typically make intensive
use of information systems for many business processes. Many financial
institutions are of a sufficient size to warrant investment in GAS by internal
or external auditors. Financial institutions also are often subject to
regulatory regimes that require monitoring of particular risks and potential
malfeasance in areas such as money laundering. It was used to determine
whether the effected Computer Assist Audit technique has been used in the
auditing practice and to determine if there is a significant relationship
between CAATS and effective financial reporting in an organization. It was
concluded that Computer Assisted Audit Techniques (CAATS) and generalized Audit
software (GAS) have been seen as an important element of both the external and
internal audit processes. Finally, it was recommended that all auditing firms
should be instructed to have the security code to enhance effectiveness and
efficiency in their business and that training of personnel in auditing should
be based on workshop, seminar and conference to boost the awareness of the
security auditors.
TABLE OF CONTENTS
Title
Page i
Certification
ii
Dedication
iii
Acknowledgements
iv
Abstract
v
Table
of Contents vi
Chapter
One: Introduction 1
1.1
Background to the Study 1
1.2
Statement of Study 4
1.3
Research Questions 6
1.4 Objective of the Study 6
1.5 Statement of Hypothesis 7
1.6
Significance of the Study 8
1.7 Scope of the Study 9
1.8
Limitations of the Study 10
1.9
Definition of Terms 10
Chapter
Two: Review of Related Literature 12
2.1
Introduction 12
2.2
The Unified Theory of Acceptance and
use
of Technology 14
2.3
Factors influencing auditor acceptance
of CAATS 15
2.4
Computer Audit Versus Manual Audit 17
2.5
An Overview of Information System and
System
Based
Audit 20
2.6
Information Technology Audit Based
Process 22
2.7
Power Supplies, Fire Retardant/Fighting
Equipment 24
2.8
Auditing Technique in Computerized
System 25
2.9
Use of Computers in Audit Tests 26
2.10
Audit is for Security 28
2.11
Audit Standards 30
2.12 Audit Plan 34
2.13 Generally Accepted System Security Principles 37
2.14 Computer Security Supports the Mission of
Organization 39
2.15
Computer-Security is an Integral
Element of
Sound
Management 41
2.16 Computer Security should be Cost-Effective 43
2.17 System owners have Security Responsibilities
outside
their own Organizations 45
2.18 Computer Security Responsibilities and
Accountability
should be made Explicit 47
2.19
Computer Security requires a Comprehensive
and
Integral Approach 48
2.20
Computer Security should be
Periodically
Reassessed
49
2.21
Computer Security is Constrained by
Societal
Factors 50
2.22 Common Security Practices 52
Chapter
Three: Research
Method and Design 55
3.1
Introduction 55
3.2
Research Design 55
3.3
Population of the Study 56
3.4
Sample Size 56
3.5 Sampling Techniques 56
3.6
Sources of Data Collection 57
3.7
Method of Data Presentation 58
3.8
Method of Data Analysis 59
CHAPTER
FOUR: Data
Presentation, Analysis
and
Hypothesis Testing 60
4.1
Introduction 60
4.2 Presentation of Data 60
4.3
Data Analysis 63
4.4
Hypothesis Testing 63
Chapter
Five: Summary Finding,
Conclusion
and
Recommendations 72
5.1 Introduction 72
5.2 Summary of Findings 72
5.3 Conclusion 75
5.4 Recommendations 76
References 78
Appendix 83
Questionnaire 84
CHAPTER ONE
INTRODUCTION
1.1
Background to the Study
While
the use of Information Technology (IT) in the business world has grown
exponentially in the past two decades, the extent to which auditors have
adopted IT such as Computer-Assisted Auditing Techniques (CAATS) to meet this
growth remains an empirical question (Arnold and Sutton 1998; Curtis and Payne
2008; Janvrin et al 2009). CAATS are computer tools that extract and analyze
data from computer applications (Braun and Davis 2003). CAATS permit auditors
to increase their productivity as well as that of the audit function (Zhao et
al. 2004, 389). For example, CAATS may automatic previously manual audit tests
reducing total audit hours expended. They enable auditors to test 100 percent
of the population rather than a sample, thereby increasing the reliability of
conclusions based on that test (AICPA 2001; Curtis and Payne 2008). In
addition, CAATS may be used to select sample transactions meeting specific
criteria, sort transactions with specific characteristics, obtain evidence
about control effectiveness, and evaluate inventory existence and completeness
(AICPA
2006).
Recent
audit standards encourage auditors to adopt CAATS to improve audit efficiency
and effectiveness (AICPA 2001, 2002a, 2002b, 2002c, 2006). For example SAS No
106 suggests that CAATS may be used to improve audit efficiency by
recalculating information provided by audit clients (AICPA 2006). Furthermore,
SAS No. 106 indicates CAATS increase audit effectiveness by allowing auditors
to directly inspect evidence stored in electronic from (AICPA 2006). Improving
audit efficiency and effectiveness in particularly important in today audit
environment where auditors have enhanced responsibilities for detecting fraud
due to SAS No. 999 requirement and internal control effectiveness as directed
under Section 404 of the Subanes Oxieg Act and Public. Company
Accounting oversight Board (PCAOB) Audit standard No. 5 Despite the current
emphasis on CAATS, research indicates that auditors do not frequently and
systematically use CAATS (Liang et al. 2001; Kalaba 2002; Debrecency et al 205.
Shaikh 2005) Curtis and Payne 2008; Janriv et al 2009). Auditor acceptance of
CAATS may be driven by both firm resource issues and individual user
perceptions. Prior information systems research indicates that even when
sufficient resource exist to purchase IT, users may not use (i.e., accept) the
new IT (Davis 1989). Thus, the primary purpose of our research is to examine
factors that influence individual, auditor acceptance of CAATS.
Information
systems research has developed several models to predict user acceptance of IT.
This study uses a recent technology acceptance model, the unified technology
acceptance and use of technology theory (UTAUT) (Venkatesh et al. 2003). UTAUT
integrates several previously accepted models to assess the likelihood of
success for new technology introductions. Understanding the drivers of
acceptance allows researchers and audit firm management to proactively design
interventions (including training, marketing etc) targeted (including training,
marketing etc) targeted at populations of auditors that may be less inclined to
adopt and use new systems (Venkatesh et al 2003). UTAUT proposes that four
factors influence user acceptance.
1. The expectation users hold regarding how
well the system may improve their performance (i.e., performance expectancy)
2. The degree of effort users, believe will be
needed to use the new system (i.e., degree expectancy).
3. The extent users perceive that individuals
important to them encourage system usage (i.e., social influence).
4. The expectation users hold regarding the
existence of an organization and technical infrastructure to support system
usage (i.e. facilitating conditions).
1.2
Statement of Problem
Prior
CAAT research is generally descriptive in nature. Braun and Davis (2003)
surveyed government auditor regarding their usage of Audit command language
(ACL), a commercially available CAAT. They found that while participants
perceived the potential benefits associated with ACL, they displayed a lower
confidence in their technical abilities to use ACL (Braun and Davis 2003).
Debreceny et al (2005) interviewed bank internal auditors are external auditors
in Singapore. They note that internal auditors tend to use CAATS for special
investigations rather than as a foundation for their regular audit work.
Furthermore, external auditors did not adopt CAATS citing its inapplicability
to the nature of testing the financial statement assertions or the extent or quality
of computerized internal controls.
Liang
et al (2001) noted that auditors do not frequently and systematically adopt
CAATS in practice and proposed a new electronic audit approach. Sheikh (2005)
suggested a new CAAT based on the electronic auditing from work that includes
most feature of existing generalized audit software but can be designed and
deployed independently from the auditor’s EDP system. Finally, Zhao et al
(2004) describes how CAATS must exist in order to conduct continuous auditing.
1.3 Research Questions
The following research questions will help in the
study under review;
i. Is
there a significant relationship between computer assisted audit techniques (CAATS)
and audit practice in Nigeria?
ii. Does a
significant relationship exist between computer assisted audit techniques
(CAATS) and effective financial reporting in an organization?
1.4
Objectives of the Study
“When
a man does not know what harbor he is making for, no wind is the right wind”.
These words is attributed to first century Roman philosophers Lucius Anneals
Seneca, bear out a long recognized truth, for life (business) to have
direction. Goals are essential when the following objectives of the study came
to mind in the choice of the topic.
i.
To determine whether there is a
significant relationship between CAAT and audit practice.
ii.
To determine if there is a significant
relationship between CAATS and effective financial reporting in an
organization.
iii.
To determine how far company law in
Nigeria has ensured Information auditors.
iv.
To determine whether the audit
committees served to play ensure auditor’s C.A.A.T is effectively used in the
practice work.
1.5 Statement of Hypotheses
Hypothesis
One
HO: There is no significant
relationship between
computer Assist Audit techniques (CAATS) and audit practice in Nigeria.
HI: There is a significant relationship between
computer assist audit techniques (CAATS) and audit practice in Nigeria.
Hypothesis Two
HO:
There is no significance relationship
between computer assist audit techniques (CAATS) and effective financial
reporting in an organization.
HI: There is a significance relationship between
computer assist’ audit techniques (CAATS) and effective financial reporting in
an organization.
1.6
Significance of the Study
Interestingly,
there has been little or no formal research on the application of CAATS in
general and GAS in particular to the assurance process (Boritz 2002). This
study aims is to make a first step in filling this clear gap in the research
literature. The study seeks to evaluate the nature and extent of the
utilization of GAS in financial institutions. These economically significant
entities typically make intensive use of information systems for many business
processes. Many financial institutions are of a sufficient size to warrant
investment in GAS by internal or external auditors. Financial institutions also
are often subject to regulatory regimes that require monitoring of particular
risks and potential malfeasance in areas such as money laundering. In
particular, this study aims to establish how GAS assists internal auditors
within banks and their external auditors in the process of substantive testing
in the conduct of both financial statement audits as well as special audits.
Second, in the event that banks do not make use of GAS to obtain audit evidence
through substantive procedures, the second objective of this study is to
examine the reasons for such limited usage. In addition, this study also
attempts to examine the possibilities of how banks’ internal and external
auditors would be able to better exploit GAS if they were given an opportunity
to exploit their capabilities to the fullest.
1.7 Scope of the Study
This
work is not intended to serve itself, but the generality of auditing firms and
the public at large. The study is to appraise thoroughly the theoretical
formation on which is acquainted with basic fact about the significance of information system security auditing
in Nigeria business environment.
1.8 Limitations
of the Study
The
scope of this study is limited to the survey of some selected auditing firms in
Benin City. This study would have been more relevant if data could be gathered
from all existing auditing firms in Nigeria. However we are constrained by
limited resources in terms of finance and time. Other factor includes delay in
response to questionnaires to be administered.
1.9 Definition of Terms
Information
Technology Audit: An information technology audit or
information systems auditing is an examination of the management controls
within an information technology (IT) infrastructure. The evaluation of
obtained evidence determines if the information technology or system are
safeguarding assets, maintaining data integrity and operating effectively to
achieve the organization’s goals or objectives. These reviews may be performed
in conjunction with a financial statement audit, internal audit, or other form
of attestation engagement. (Gawde, 2004).
Audit
Personnel: According to Webster Dictionary, it is an annual
personnel administration inventory which is an analysis and measurement of a
company’s personnel policies and practices to determine their effectiveness.
Security
Risk: A measure of the extent to which an entity is
threatened by potential circumstance or event and typically a function of (1)
the adverse impact that would arise if the circumstance or event occurs, and
(2) the likelihood of occurrence. Note information system- related security
risk are those risk that arise from the loss of confidentiality, or
availability of information or information systems and reflect the potential
adverse impacts to organizational operations (including mission, functions,
image, or reputation) organizations assets individuals other organizations, and
the Nation (Larnpson, 2000).
Buyers has the right to create
dispute within seven (7) days of purchase for 100% refund request when
you experience issue with the file received.
Dispute can only be created when
you receive a corrupt file, a wrong file or irregularities in the table of
contents and content of the file you received.
ProjectShelve.com shall either
provide the appropriate file within 48hrs or
send refund excluding your bank transaction charges. Term and
Conditions are applied.
Buyers are expected to confirm
that the material you are paying for is available on our website
ProjectShelve.com and you have selected the right material, you have also gone
through the preliminary pages and it interests you before payment. DO NOT MAKE
BANK PAYMENT IF YOUR TOPIC IS NOT ON THE WEBSITE.
In case of payment for a
material not available on ProjectShelve.com, the management of
ProjectShelve.com has the right to keep your money until you send a topic that
is available on our website within 48 hours.
You cannot change topic after
receiving material of the topic you ordered and paid for.
Login To Comment