IT Audit :

14
Aplikasi Komputer : Computer Assisted Audit Techniques IT Audit Caats Method Caats Selection ACL Software Matrikulasi MM Perbankan Farida Hermana Audit Data IT Audit : 1. Arround The Computer 2. Through The Computer 3. With The Computer ……..vs Audit Conventional ? 1. Jejak Audit 2. Keseragaman Transaksi 3. Pemisahan tugas 4. Resiko 5. Manfaat Perbedaan: Persamaan: 1. Definisi Auditing 2. Auditor 3. Tujuan Audit 4. Opini Auditor 5. Norma Pemeriksaan Computer Assisted Audit Techniques (CAATs) Atau Teknik Audit Berbantuan Komputer (TABK) Catatan kronologis dari penggunaan sumber daya sistem Mencakup user login, akses file, berbagai aktifitas lain, dan apakah ada pelanggaran Paperless Paperbased

description

IT Audit :. ……..vs Audit Conventional ?. Persamaan:. Arround The Computer Through The Computer With The Computer. Definisi Auditing Auditor Tujuan Audit Opini Auditor Norma Pemeriksaan. Perbedaan:. Jejak Audit Keseragaman Transaksi Pemisahan tugas Resiko Manfaat. Paperbased. - PowerPoint PPT Presentation

Transcript of IT Audit :

Page 1: IT Audit :

Aplikasi Komputer : Computer Assisted Audit TechniquesIT Audit Caats Method Caats Selection ACL SoftwareMatrikulasi MM Perbankan

Farida Hermana

Audit Data

IT Audit :

1. Arround The Computer2. Through The Computer3. With The Computer

……..vs Audit Conventional ?

1. Jejak Audit2. Keseragaman Transaksi3. Pemisahan tugas4. Resiko5. Manfaat

Perbedaan:

Persamaan:1. Definisi Auditing2. Auditor3. Tujuan Audit4. Opini Auditor5. Norma Pemeriksaan

Computer Assisted Audit Techniques (CAATs)

AtauTeknik Audit

Berbantuan Komputer (TABK) • Catatan kronologis dari penggunaan

sumber daya sistem

• Mencakup user login, akses file, berbagai aktifitas lain, dan apakah ada pelanggaran

Paperless

Pap

erba

sed

Page 2: IT Audit :

Aplikasi Komputer : Computer Assisted Audit TechniquesIT Audit Caats Method Caats Selection ACL SoftwareMatrikulasi MM Perbankan

Farida Hermana

Audit Data

Lembar Kerja Pemeriksaan Arround The Computer

• Apakah kebijaksanaan pengamanan penggunaan aplikasi telah memperhatikan prinsip-prinsip umum kontrol aplikasi yang meliputi :

• Pemisahaan tugas …….antara … pengguna, operasi, dan pengembangan Y/T

• Penggunaan … hanya …. yang berwenang Y/T

• Menjamin …. data … telah divalidasi Y/T

• Menjamin … data yang ditransfer benar dan lengkap Y/T

• Tersedianya jejak audit yang memadai serta penelaahan oleh pihak yang berwenang Y/T

• Tersedianya prosedur restart dan recovery Y/T

Contoh:

Page 3: IT Audit :

Aplikasi Komputer : Computer Assisted Audit TechniquesIT Audit Caats Method Caats Selection ACL SoftwareMatrikulasi MM Perbankan

Farida Hermana

Audit Data

Through The Computer

Application Program

Operating System

Hardware

CommunicationControl Program

DatabaseManagement

System

Infrastructure(power, teleccomunication, etc)

User Profile

Target Pemeriksaan

Page 4: IT Audit :

Aplikasi Komputer : Computer Assisted Audit TechniquesIT Audit Caats Method Caats Selection ACL SoftwareMatrikulasi MM Perbankan

Farida Hermana

Audit Data

Lembar Kerja Pemeriksaan Through The Computer

Transaction Worksheet

A. Input Control ?

B. Processing Control ?

C. Error Correction ?

D. Output Control ?

E. End Documentation ?

F. Authorization ?

G. Security ?

H. Separation of Duties ?

I. File Maintenance ?

System :Sub System :Transaction :

Page 5: IT Audit :

Aplikasi Komputer : Computer Assisted Audit TechniquesIT Audit Caats Method Caats Selection ACL SoftwareMatrikulasi MM Perbankan

Farida Hermana

Audit Data

CAATsCAATs akan berguna untuk diterapkan pada lingkungan (organisasi/bisnis) yang:

High volumes of transactions Complex processes Distributed operations Different applications and systems.

CAATs Methods• Test Data• Integrated Test Facility (Ift)• Parallel Simulation• Embedded Audit Model• Generalized Audit System (Gas)

Membandingkan data yang dicopykan dan diberikan client ke Auditor dengan data sumber yang ada di sistem

Fasilitas audit sudah ada di dalam sistem aplikasinya. Teknik ini memerlukan keterlibatan Auditor dalam perancangan dan pengembangan perangkat lunak

Auditor menggunakan program yang bisa mengulang pemrosesan data dengan menggunakan data yang sama

Auditor memasukkan (bisa dikeluarkan lagi) modul audit ke dalam sistem yang diperiksa. Modul bisa mengidentifikasi transaksi sesuai kriteria tertentu

Perangkat lunak paket yang bisa mengekstraksi data dan menganalisisnya secara terpisah

Paling banyak digunakan, diantaranya adalah ACL

Page 6: IT Audit :

Aplikasi Komputer : Computer Assisted Audit TechniquesIT Audit Caats Method Caats Selection ACL SoftwareMatrikulasi MM Perbankan

Farida Hermana

Audit Data

Computer Assisted Audit Techniques (CAATs) Beberapa teknik audit atomatis seperti generalised audit software,utility software, test data, application software tracing and mapping, andaudit expert systems.

Generalised Audit Software Suatu atau serangkaian program komputer yang dirancang khusus untukMelaksanakan fungsi-fungsi pengolahan data tertentu yang berkaitan dengan audit yang mencakup membaca dokumen/file komputer, memilihInformasi yang diharapkan, melakukan perhitungan-perhitungan serta mencetak laporan-laporan dengan format sesuai dengan yang dikehendaki oleh auditor

Computer Assisted Audit Techniques (CAATs)

ACLACL IDEAIDEASQLSQL SASSAS

Page 7: IT Audit :

Aplikasi Komputer : Computer Assisted Audit TechniquesIT Audit Caats Method Caats Selection ACL SoftwareMatrikulasi MM Perbankan

Farida Hermana

Audit Data

Karakteristik pemilihan CAATs tools adalah :

Ease of use Ease of data extraction The ability to access a wide variety of data files from

different platforms The ability to integrate data with different format The ability to define fields and select from standard

formats Menu-driven functionality for processing analysis

commands Simplified query building and adjustments Logging features

Page 8: IT Audit :

Aplikasi Komputer : Computer Assisted Audit TechniquesIT Audit Caats Method Caats Selection ACL SoftwareMatrikulasi MM Perbankan

Farida Hermana

Audit Data

What is data?

• Bits and Bytes• Characters• ASCII and EBCDIC Characters• Fields/Data Elements; Records; Files/Tables/Datasets• Fixed-Length Records vs. Variable-Length Records• Data is Information

Contoh data file extensions:

.fil, .txt, .dat, .csv, .wks, .xls, .doc, .wpd, .dbf, .mdb, datasets (mainframe), .db2 (mainframe)

Page 9: IT Audit :

Aplikasi Komputer : Computer Assisted Audit TechniquesIT Audit Caats Method Caats Selection ACL SoftwareMatrikulasi MM Perbankan

Farida Hermana

Audit Data

How to Access the DataMainframe: Use data extract utilities (i.e. JCL/SYNCSORT) to access the data and download it in an ASCII-compatible format for further analysis on your PC.

Oracle or other relational databases from “mid-range” computers: Run a query (SQL) to extract the relevant data and copy it down to an ASCII-compatible format. Or, some database applications, such as Oracle and PeopleSoft, have data extract or reporting utilities that you can run without the need to ask for assistance from your IS Department (as long as appropriate levels of access have been granted).

Data Warehouses/LANs/Microcomputers: Certain ASCII data files may already be readily available, or queries may be run to obtain the data.

FTP (File Transfer Protocol): A utility used for transferring data from a “source” system to your local system/environment.

Page 10: IT Audit :

Aplikasi Komputer : Computer Assisted Audit TechniquesIT Audit Caats Method Caats Selection ACL SoftwareMatrikulasi MM Perbankan

Farida Hermana

Audit Data

Flat Sequential

Dbase

Text

Delimited

Print Files

ODBC

Tape

Misalnya : nama terdiri dari nama awal dan nama akhir. Alamat terdiri dari alamat1 dan alamat2

Tipe data yang diterima ACL adalah :

Dbase compatible seperti Foxpro, Visual Fox Pro, clipper

Data berupa angka atau huruf

Data berisi file yang tidak mempunyai posisi tetap dalam sebuah record

Text file dalam bentuk laporan, berisi non data seperti header. Sub header dan baris kosong

Access, Oracle

Page 11: IT Audit :

Aplikasi Komputer : Computer Assisted Audit TechniquesIT Audit Caats Method Caats Selection ACL SoftwareMatrikulasi MM Perbankan

Farida Hermana

Audit Data

Audit Command Language (ACL)

Features ACL offers:Ease of useBuilt-in audit and data analysis functionalityInteractive interrogation capabilitiesUnlimited file size capabilityAbility to read multiple data typesHigh quality reporting features

Page 12: IT Audit :

Aplikasi Komputer : Computer Assisted Audit TechniquesIT Audit Caats Method Caats Selection ACL SoftwareMatrikulasi MM Perbankan

Farida Hermana

Audit Data

An ACL document contains batches, input file definitions, indexes, views, and workspaces and their specified formats. The computerized data and information that ACL analyzes is called a data file. The data files never change. The components shown in the document box below are the elements that you create and manipulate

The ACL Document

Page 13: IT Audit :

Aplikasi Komputer : Computer Assisted Audit TechniquesIT Audit Caats Method Caats Selection ACL SoftwareMatrikulasi MM Perbankan

Farida Hermana

Audit Data

Menu Bar

Page 14: IT Audit :

Aplikasi Komputer : Computer Assisted Audit TechniquesIT Audit Caats Method Caats Selection ACL SoftwareMatrikulasi MM Perbankan

Farida Hermana

Audit Data

Button Bar

The button bar provides quick access to commonly used commands and menu options. Each icon is linked to an option on an ACL menu and represents a specific task you can perform.


IT Audit SOX

IT Audit SOX

IT Audit For Non-IT Auditors

IT Audit For Non-IT Auditors

IT Audit Checklist - 1

IT Audit Checklist - 1

It audit methodologies

It audit methodologies

INTOSAI IT Audit IT Methods Awareness. Outline Scope Overview It Methods Methods Description Methods Usage Audit Reporting.

INTOSAI IT Audit IT Methods Awareness. Outline Scope Overview It Methods Methods Description Methods Usage Audit Reporting.

Audit organisationnel IT

Audit organisationnel IT

IT Audit 01

IT Audit 01

IT Governance and Strategy - QAP Advice & Audit · IT AUDIT CHECKLIST: IT GOVERNANCE AND STRATEGY 2 Executive Overview What Is the IT Audit Checklist Series? The ITCi IT Audit Checklists

IT Governance and Strategy - QAP Advice & Audit · IT AUDIT CHECKLIST: IT GOVERNANCE AND STRATEGY 2 Executive Overview What Is the IT Audit Checklist Series? The ITCi IT Audit Checklists

IT Audit - Dell EMC · IT Audit EMC’s Journey ... space and energy efficiency, ... 2 For additional detail, see ESG Lab Audit Report, EMC IT ...

IT Audit - Dell EMC · IT Audit EMC’s Journey ... space and energy efficiency, ... 2 For additional detail, see ESG Lab Audit Report, EMC IT ...

IT Audit Basics

IT Audit Basics

IT Audit Checklist

IT Audit Checklist

Introduction to IT Audit - UNIKOMelib.unikom.ac.id/files/disk1/513/jbptunikompp-gdl-basukirahm... · 1 Introduction to IT audit ... Audit of Developing Systems Concurrent audit of

Introduction to IT Audit - UNIKOMelib.unikom.ac.id/files/disk1/513/jbptunikompp-gdl-basukirahm... · 1 Introduction to IT audit ... Audit of Developing Systems Concurrent audit of

Modul Praktikan Audit It

Modul Praktikan Audit It

IT audit - general control

IT audit - general control

IT Audit Methodologies IT Audit Methodoloies. IT Audit Methodologies CobiT BS 7799 - Code of Practice (CoP) BSI - IT Baseline Protection Manual ITSEC.

IT Audit Methodologies IT Audit Methodoloies. IT Audit Methodologies CobiT BS 7799 - Code of Practice (CoP) BSI - IT Baseline Protection Manual ITSEC.

IT Audit Methodologies. IT Audit Methodoloies IT Audit Methodologies CobiT BS 7799 - Code of Practice (CoP) BSI - IT Baseline Protection Manual ITSEC.

IT Audit Methodologies. IT Audit Methodoloies IT Audit Methodologies CobiT BS 7799 - Code of Practice (CoP) BSI - IT Baseline Protection Manual ITSEC.

IT-Audit Concept, Approach and Methodologies. Internal IT Audit Stakeholder in the Internal IT Audit Process Key Objectives & Requirements Methodological.

IT-Audit Concept, Approach and Methodologies. Internal IT Audit Stakeholder in the Internal IT Audit Process Key Objectives & Requirements Methodological.

IT Audit Manual - al.undp.org AUDIT MANUAL.pdf · IT audit is the examination and evaluation of an organization's information technology infrastructure, policies and operations. IT

IT Audit Manual - al.undp.org AUDIT MANUAL.pdf · IT audit is the examination and evaluation of an organization's information technology infrastructure, policies and operations. IT

IT Audit Process - community.mis.temple.educommunity.mis.temple.edu/.../files/2015/12/Week-5_-Audit-Planning.pdfIT Audit Process Prof. Liang Yao IT Audit Universe and Entities IT Audit

IT Audit Process - community.mis.temple.educommunity.mis.temple.edu/.../files/2015/12/Week-5_-Audit-Planning.pdfIT Audit Process Prof. Liang Yao IT Audit Universe and Entities IT Audit

IT Audit Training Series O IT Audit for Non-IT Auditor Masterclass O IT Audit Workshop for Non-IT Auditor Advanced Management Training Series O Advanced Intellectual Property Management

IT Audit Training Series O IT Audit for Non-IT Auditor Masterclass O IT Audit Workshop for Non-IT Auditor Advanced Management Training Series O Advanced Intellectual Property Management