Ron Weber an EDP Audit expert define an EDP audit as a process on collecting evidences to determine whether computer system can secure all of the asset of the organization, keep the fact and data, and reach organizational goal effectively and efficiently by using the recent asset. By this definition EDP audit can be said as a tools to make the process of the audit easier. Using the EDP Audit an auditor can reach the system and internal control in computerized system.
EDP as a tool can be described in this analogy; EDP is a method to do an audit using a computer as a media. Computer is a tool to a human so that EDP audit is also a tool to ease the other audit.
In regular financial audit computer have a very significant role in determining and processing data of transaction. System and data distribution moves very fast alongside with the system. A regular audit is impossible to track a data flow in this speed so that we use an EDP audit so that the goal of auditing process can be reach effective and efficiently. In this example we can see that there is no opposition between regular financial audit and EDP or computer auditing, even without EDP auditing, in computerization system, regular financial audit cannot reach their goal and impossible to create a reliable opinion.
Let’s take another case, for example an investigation audit is held in an organization with computerized system and internal control. In an investigation audit every single transaction, data, and evidence of an activity is a relevant evidence to determine the result of the audit, so that the process of collecting evidence is an important part. In computerized system an evidence of even a fraud is can be held by manipulating system in the computer for example: manipulating invoice, manipulating work order and etc., so that without the computer and data processing audit we can’t determine whether the computer output is reliable or not. In evaluating the internal control the EDP audit is also needed to determine whether the system can produce reliable information and secure the asset or not.
For those two examples is already known that an EDP audit is becoming a tools to the other types of audit. Next problem is a question “do we need to collaborate the EDP and the other audit become a single unity?”. What I mean here with the single unity is there no more EDP audit as a separate tool, but it is belong to the every single type of audit. Every standard should accommodate and require the process of EDP audit.
In my personal opinion to answer those questions above we need to think comprehensively about the condition and origin of the economic entity these days. Most business today is using computer system to service and doing their transaction. But some of the business entity still uses the manual or paper and the pen system so that if the auditing standard is change and always require and accommodate the EDP inside then it will fail to reach the goal in manual system. Other reason is when an EDP audit is do realize in auditing standard.
Tidak ada komentar:
Posting Komentar