Computer Audit Case 2 Essay

547 words - 3 pages

As an IT auditor in AlphaCo’s SOX Section 404 audit, my overall assessment would be that AlphaCo passes the compliance audit. The company has done a good job of developing an effective IT system, and it has competently identified and reduced IT risks related to security flaws which were present at the time of the hacking incident. Specifically our IT audit suggest that there are effective internal controls which have been further upgraded to keep up with the security vulnerabilities discovered after the intrusion. The tone at the top of the organization is also adequate.
Due to the size of the organization and the materiality (financial and reputation) of multiple hacking incidents to this IT reliant company, the CIO has proposed further increase in IT related budget. The CEO and the CFO are understandably reluctant to increase cost, but they are open to ...view middle of the document...

All critical servers are now required to be updated within 72 hours of patch release. Furthermore, database connections are now encrypted; virus scanners are upgraded; and, all software are required to be justified on critical servers.
New monitoring activities have been put into place. All new customer accounts are reconciled monthly for appropriate credit check approval and Security logs are reviewed each week for anomalies. Firewalls and account administration policies were also updated with emphasis on maximum security. Firewall configurations are maximized and open ports require justification. All non-business accounts are also removed from the critical servers leading to more transparent security logs. We believe that these control and monitoring activities are a huge step forward and helps the company effectively comply with control requirements of SOX 404.
Materiality wise the identified hacking incident cost the company $20 million. However, such incident have a potential cost of $200 million per year. Yet, under current control regime, such incident are very unlikely and still is only about 0.4% of the company’s $42 billion revenue.
Additionally, the company may not have had strong preventative control before the hacking incident, but they did have relatively effective compensative controls like their Accounts Receivable Aging Review process. This enabled the company to detect such issues before the external auditors did, and hence created an opportunity to improve IT security controls before the external audit.
In conclusion, I believe the current state of internal controls developed by AlphaCo’s management gives us enough evidence to believe that the company complies with Section 404 of SOX which “requires the CEO and CFO to annually state their responsibility for establishing and maintaining an adequate internal control structure and procedures for financial reporting, conduct and provide an assessment of the effectiveness of the enterprise’s internal controls.”

Other Essays Like Computer Audit Case 2

Smackey Dog Food Essay

1475 words - 6 pages client’s business and industry. So far, members of the Audit team, the audit manager Pete and two audit staffers Ben and Maureen, have to understand the client’s business and industry. 2. Assess client business risk. The business risk is the risk that Smackey will fail to achieve its objectives. The audit team assesses the risk of material misstatements arising from Smackey’s business risk. 3. Perform preliminary analytical procedures. The

Audit Delay Essay

5111 words - 21 pages Reaction to Earnings Announcements in an Emerging Capital Market: The Case of China”, Journal of International Financial Management and Accounting, 11:2 2000, pp. 108-131. Warrack, K. (2000), “Chapter 17,18 and 19”, Statistics for Management and Economics, California: Duxbury Thomson Learning, 5th Edition, pp. 625-775. Whittred, G.P. (1980), “Audit Qualification and the Timeliness of Corporate Annual Reports”, The Accounting Review, Vol. 55

Auditing 2

953 words - 4 pages 4.47: A. In this case Auditor 2’s argument is more persuasive. Risk management is a process that aims to help organizations understand, evaluate, and take action on all their risks. Business risk, financial reporting risk, engagement risk, and audit risk are the four critical components of risk that are relevant to conduct an audit. Risk is a pervasive concept. Organizations are at risk everyday they operate. Old fashioned audit was only

Pinnacle Case Study 2

970 words - 4 pages Pinnacle Case Project: Part 2 1. a. Likelihood of financial difficulties: The two articles mentioned bring up concerns over whether Pinnacle can rely on sales of solar powered engines. These articles imply that Pinnacle may not have the capabilities needed to perform well in that industry. Also, if EPA regulations are postponed, Pinnacle’s customers will not have as much reason to switch to solar powered engines. b. Acceptable Audit Risk

Accounting Chapter 2

3107 words - 13 pages Chapter 2 The CPA Profession ← Review Questions 2-1 The four major services that CPAs provide are: 1. Audit and assurance services Assurance services are independent professional services that improve the quality of information for decision makers. Assurance services include attestation services, which are any services in which the CPA firm issues a report that expresses a conclusion about the reliability of an assertion

Audit Evidence

3451 words - 14 pages origin to their ultimate disposition in the accounting journals and ledgers. Thus, the auditor can examine an accounting transaction from the time it is initiated by the entity until its final recording in the financial statement accounts. 4-2 The financial statements contain management's assertions about the various financial statement components. The auditor tests management’s assertions by conducting audit procedures that provide evidence on

System Integrity and Validation

1269 words - 6 pages System Integrity and Validation and Summary of Recommendations Jessica Noble ACC 542 March 23, 2015  Milan Havel System Integrity and Validation Since the proposal of the new software at Kudler Fine Foods, the system integrity and the use of computer assisted auditing techniques (CAATs) will need to be discussed. This brief will follow three topics (1) how CAATs is used to validate data and system integrity, (2

Knapp, Doughtie Food

2175 words - 9 pages . Nashwinter claimed that the Goodman & Company auditor had overlooked the three count sheets. After briefly reviewing these count sheets, Wilson and Pollard added the items on them to Gravins’ inventory. Following the division’s 1981 physical inventory, the audit senior on the Doughtie’s engagement could not reconcile the quantities for numerous items listed on the inventory count sheets with the quantities shown on the computer printout that

Smackey Dog Foods Inc

2281 words - 10 pages case are very high. Q10: Discuss if Keller CPAs or its auditors are breaching any Professional Rules of Conduct and why or why not? Solution: Yes, members assigned to the audit are breaching Professional Rules of Conduct. Rule 101 of the Professional Code of Conduct appears to be in violation due to the friendship Pete has with Kim’s ex-husband. Rule 301, Confidential Client Information, has also been breached because Pete ahs shared

Quality Management System -Toyota

3127 words - 13 pages : Product Quality A person who is actually involved in production process, can understand product deficiencies , so if an organization want to improve its product quality then it needs to delegate the responsibility to worker to find out the product’s flaw, and if there are any, to get them correct from relevant person. In case, if problem is not solved, then employee can either stop production with a card that is called JIDOKA. Upholding

Auo 1 Study

2528 words - 11 pages ) mnemonic codes, (2) sequence codes, (3) block codes, and (4) group codes. 5. How do accounting information software packages differ? Owners will have to consider what tasks they'll want their system to accomplish, identify what software package or packages can perform these tasks, and perhaps evaluate several different computer hardware configurations that might support these packages. 6. What are the roles of accounting information systems in

Related Papers

Komputer Auditing Essay

1577 words - 7 pages -kekurangan-masing2-software-audit/ 2. Perbedaan antara Audit Around the Computer dengan Audit Through the Computer. AUDIT AROUND THE COMPUTER Audit around the computer masuk ke dalam kategori audit sistem informasi dan lebih tepatnya masuk ke dalam metode audit. Audit around the computer dapat dikatakan hanya memeriksa dari sisi user saja pada masukkan dan keluaranya tanpa memeriksa lebih mendalam terhadap program atau sistemnya, bisa juga

Audit Proposal Essay

1163 words - 5 pages controls. Audits allow an organization to identify any problems that are present in the systems they use. These problems can be corrected once identified. An organization must make sure to choose the appropriate audit that will meet their needs and review the steps that need to be taken for that particular audit. Audits through a computer should always be reviewed in case of an event that would cause the information to become unreliable. Organizations

Kudler's Recommendations Essay

1243 words - 5 pages corrections and preventing fraudulent transactions from occurring. Kudler Fine Foods System Integrity and Validation With the recent implementation of automated software at Kudler Fine Foods, there is the need to address system integrity and the use of computer assisted auditing techniques (CAATs). This brief examines the following topics (1) how CAATs will be used to validate data and system integrity, (2) explain the functions of audit

Arens Auditing Essay

3936 words - 16 pages conformity with generally accepted accounting principles. An example of an attestation service is a report on the effectiveness of an entity’s internal control over financial reporting. There are many possible forms of assurance services, including services related to business performance measurement, health care performance, and information system reliability. 1-2 An independent audit is a means of satisfying the need for reliable information on