Internal Audit Controls
Discuss about the Audit Committee Characteristics On Implementation.
The “Satyam Computers Services Ltd”, is a popular IT service company of India. It has been offering a wide range of services like engineering design services, system maintenance, and software development and so on. However, the organization has been witnessing fraudulent activities. One of such has been considered one of the biggest counting scams for India.
The study analyzes IT audit controls the deals with evaluation and examination of information technology infrastructure, operations and policies. To understand various IT audit controls for Satyam Computers the following discusses basic IT controls and advantages, audit methodologies and managerial and organizational risks.
From the perspective of internal audits, the insufficient identifications of primary risks for Satyam Computers Services Ltd have been increasing the likelihood of various poor events. Here, improper recognition has been resulting to the waste resource on various areas of low risks having minute rewards. However, conversely, it can be said that it has left Satyam Computers more exposed to various adverse events (Alzeban & Sawan, 2015). However, some of the top management has identified the primary risks and Satyam Computers has needed assurance that the reactions on those risks have been effective. Further, an effective reaction has been a vital part of ERM and this indicated that means of attention to operate and design internal controls. Further, there has been a natural reaction towards primary risks. These have been increasing vulnerabilities and strong controls are needed to exist. Further, the work from ERM has been effective. Here lies the responsibility of internal auditor. Moreover, risk has been perfectly fine at an acceptable level. However, the management has needed to define the acceptable level in the interest to achieve the goals of the company (Mesquida & Mas, 2015).
At the managerial level, the organizational needs are needed to be understood from various risk management perspectives. Understanding that has been making decisions and taking risks has been critical for Satyam Computers to know how risk gets managed. The managers have needed to determine whether they have been decentralized and centralized or whether the people have needed lots of decision-making and autonomy for the consensus has been required. Then it has been required to determine whether risks have been stable, volatile or dynamic (Brasel et al., 2016). Next, the dangers of effective risk management have been needed to be established along with necessities to go right for them regarding reasonable assurances at proper levels of proper risks are required to be considered. Then the controls in place are needed to address those risks. Further, it has been required to determine whether the design has been sufficient and reasonable assurance are necessary to be found out regarding what risks are needed to be controlled at desired levels. Next, the controls testing are required to be performed for obtaining assurance that efficiently operating has been designed (Jha & Chen, 2014).
Managerial and Organizational Risks
The process audits have worked under for Satyam Computers established limits. This has evaluated the methods and operations against various predetermined standards and instructions for measuring conformance for having standards and effectiveness of instructions. For Satyam Computers, these kinds of audits have included checking conformances for defining requirements like component mixtures, amperages, responsiveness, compositions, pressures, temperatures, accuracy and times (Bills, Swanquist & Whited, 2016). Next, the resources like people, materials, and equipment are applied for transforming inputs to outputs, the environments, method followed and measures to collect for finding the process performances. The effectiveness and adequacy of the process controls that are established by process specifications, training, flowcharts, work instructions and procedures are needed to be checked.
Then system audit must be performed on management systems. This is helpful for Satyam Computers to document activities undertaken for verifying through evaluation and examining the objective evidence. Here, those applicable elements of the system have been active and proper and are developed, documented and deployed according to and in conjunction with particular requirements (Boyson, 2014).
Here, the primary constraints on projects have been customer specifications, costs and times. This also included resource availabilities and various qualities. Satyam computers have been developing project management methodologies and needed to use those projects for assessing how effectively the methodology has been working. Here, the success criteria have been on the basis on which the business case for the project has been created and the main reason has been why the project got approved (Bradford, Earp & Grabski, 2014).
The worldwide digitization of the industries has generated huge data lakes of resource data. Here, most of the organizations have been lacking tools to parse those huge asset datasets regarding actionable insights. They can be further used to drive smarter decision makings. Here, the machine learning and artificial intelligence have been helping to standardize data flow from various disparate locations. Streamlining various procedures of industrial data assessments has been helpful. It has been helpful for operators of Satyam Computers to go deep into the insights of resource performances. It has also laid the ground stone regarding automation of daily decision-making (Sultana et al., 2015).
As per as business operations of Satyam Computers has been considered, the decision process audit has been the first step to refer to opportunities for redesigning decision processes. This has included new decision aids and various decision support systems under their business processes (Ettredge, Xu & Yi, 2014). At some cases, the audit has suggested changes under decision technologies that be developed through reducing costs and improving performances. For Satyam Computers, this audit for decision making has been same as the quality audit. The audits must analyze the ways in the processes can be implemented successfully. The effectiveness to achieve various defined target levels has been needed to be judged (Donohoe & Robert Knechel, 2014). They must also provide evidence regarding elimination and reduction of various problem areas. Then there are various management tools to achieve constant development at Satyam Computers that are needed to be determined. Then as per as completion of audits are concerned, the core questions are how to perform processes and tasks effectively. Then they must find out what changes they must include as the highest priority.
Process Audit
Most of the accounting, IT professional and auditing societies have come to the belief that developments in education and research are helpful to provide IT auditors with effective empirical and theoretical knowledge by IT audit function. The primary controls and their impact on the Satyam Computer’s operations are discussed hereafter. The first one is an application of risk-oriented approaches of audits. Next, business expectations and roles must be understood for the auditing systems that have been under development, regarding purchasing software packaging and project management (Khlif & Samaha, 2014). Next, the privacy and information security issues can be analyzed that can put Satyam Computers at risk. Next verification and examining of their compliance with various IT related legal problems are to be identified that have been putting the Satyam Computers at risks. Next, the complex system development life cycles like SDLC can be evaluated and new development methods like application developments, rapid systems, end-user computing and prototyping can be used. Lastly, there must be performing and managing of follow-up review ensuring various actions to be considered at work.
As per professional roles of IT, auditors have been considered, the external auditors have been liable to get reasonable assurances that financial statements free from material misstatements are considered. These are generally caused by error or fraud. This, the external auditors have been responsible for considering the risk of various material misstatements because of that fraud. For achieving that the auditors are required to maintain professional skepticism (DeFond, Erkens & Zhang, 2016). Again for ethical roles, team leaders of Satyam Computers IT team needs to comply with customs, regulations and rule completely. Regarding legal responsibilities, auditors are liable to assure every line item over financial statements that are presented fairly. Auditors are needed by law to report their opinion fairly on the client companies. As it is not done, they can be subjected to various lawsuits and various other implications of legal audits.
Conclusion:
The above report helps in understanding the management of Satyam Computers Services Ltd to allocate limited audit resources effectively. It ensures relevant information to obtain from every level of control. Further, it establishes a basis to manage the IT functions and departments of Satyam Computers. Moreover, the report analyzes how audit subject area has been related to entire organization for the business plans. Thus a coherent and comprehensive knowledge is obtained on the role of information requirements. There are creative and cognitive skills to exploit and identify facilitated technology innovation in business and governments of the current era. At last, the various legal aspects, professional practices and ethical standards are understood within the industry and business environment. It helps in directing and developing processes for supporting adoption of changes needed by project and its initiatives.
References:
Alzeban, A., & Sawan, N. (2015). The impact of audit committee characteristics on the implementation of internal audit recommendations. Journal of International Accounting, Auditing and Taxation, 24, 61-71.
Bills, K. L., Swanquist, Q. T., & Whited, R. L. (2016). Growing pains: Audit quality and office growth. Contemporary Accounting Research, 33(1), 288-313.
Boyson, S. (2014). Cyber supply chain risk management: Revolutionizing the strategic control of critical IT systems. Technovation, 34(7), 342-353.
Bradford, M., Earp, J. B., & Grabski, S. (2014). Centralized end-to-end identity and access management and ERP systems: A multi-case analysis using the Technology Organization Environment framework. International Journal of Accounting Information Systems, 15(2), 149-165.
Brasel, K., Doxey, M. M., Grenier, J. H., & Reffett, A. (2016). Risk disclosure preceding negative outcomes: The effects of reporting critical audit matters on judgments of auditor liability. The Accounting Review, 91(5), 1345-1362.
DeFond, M., Erkens, D., & Zhang, J. (2016). Does PSM really eliminate the Big N audit quality effect?.
Donohoe, M. P., & Robert Knechel, W. (2014). Does corporate tax aggressiveness influence audit pricing?. Contemporary Accounting Research, 31(1), 284-308.
Ettredge, M. L., Xu, Y., & Yi, H. S. (2014). Fair value measurements and audit fees: Evidence from the banking industry. Auditing: A Journal of Practice & Theory, 33(3), 33-58.
Jha, A., & Chen, Y. (2014). Audit fees and social capital. The Accounting Review, 90(2), 611-639.
Khlif, H., & Samaha, K. (2014). Internal control quality, Egyptian standards on auditing and external audit delays: Evidence from the Egyptian stock exchange. International Journal of Auditing, 18(2), 139-154.
Mesquida, A. L., & Mas, A. (2015). Integrating IT service management requirements into the organizational management system. Computer standards & interfaces, 37, 80-91.
Sultana, N., Singh, H., der Zahn, V., & Mitchell, J. L. (2015). Audit committee characteristics and audit report lag. International Journal of Auditing, 19(2), 72-87.
Order an Essay Now & Get These Features For Free:
Turnitin Report
Formatting
Title Page
Citation
Outline
