A STUDY INTO THE ISSUES, PROBLEMS AND PROSPECTS OF COMPUTERIZED AUDIT SYSTEMS
Auditing through the computer can be described as accessing, analyzing and reporting the electronic data file in its electronic state with the objective of ensuring that it conforms to operational control requirement according to Joshua Onukagha
The culmination of the effort of the environment, hardware, software security etc according to Nancy Joy (1977) is the electronic data file and it is this data file that answers important questions (like how is the business faring)?
Ability to manipulate the data file will obviously mean having the ability to manipulate the gains or losses of the business. Therefore, it is important that the Auditor should get very conversant with auditing through the computer.
Early computer were the gigantic and complex mainframes, which require programs being vigorously written to interrogate the data files on those mainframe which were only required to prepare the computer use. This proved enough frustration for the Auditor and so the trend was to contact the service of a computer professional to ease the process. This problem continued even in the time of mini-computers,
When the micro-computers were developed, there was hope for an automated computer audit took because of the simple features of the micro-computers. This equally met with a lot of frustrations. The major reason for this was the difference in data platforms. There were many programming languages (COBOL, FORTRAN, PASCAL, BASIC etc) used in creating data files and each programming languages has its own data platform. To audit the data files made in any of these languages required writing the interrogation tool (i.e. software) in the programming language of the data files. So there were compilation and so it seem as if the Auditor should become a computer professional in order to do the job.
These were problems facing the Auditor while facing the hassles of understanding file creation and access format which is necessary for reading and analyzing any data file even with a matching tool. Also affecting traditional audit requirement like ensuring competences and verifying the integrity of the data file which are essential for accepting the data file for audit placing between choices of audit samples and reaching out for a wide number of automated and it functions like stratification histogram, etc.
These problems have been tackled by developing some tools for auditing through the computer.
There are four main sources of the computer aided auditing techniques and tools (CAATS) that have been developed for the auditors. They are:
1. Applications (computer program) that creates the data file
2. Utility programs
3. Auditor â€“ development program
4. Dedicated CAATS
Some application come with audit related functions, such functions usually indicate the number of record in the file, summaries the files population distribution and other audit base functions. The main problem here is that most applications rarely include these functions since they were not designed with auditing in mind where the auditing is considered it is mainly focused on putting in controls that will ensure efficient data capture processing recording and reporting of the data. Therefore, they are so reliable as tools to auditing. If the Auditor requested for relevant audit function to be incorporated at the design and development stage, it could provide considerable audit function.
However, no matter how many of these functions may be, they will not be sufficient enough to meet all the requirement of the Auditor at different times of the audit.
Applications like package program (1-2-3, D- base fox prog.) contain function and command that allows the EDP Auditor to access files created in them (or even other platforms) and carry out some analysis and report from the. These systems could have been very helpful if applied to the data files for exhaustive audit but in reality, this is hardly the case (Goshual Anukagha 1993).
Utility are programs that are usually short and dedicated (meant) to a set of tasks often required by almost everyone using the computer. They usually address tasks that the operator perform most of the time on the computer.