15.7 Audit approaches – audit around, with and through the computer and circumstances when each is applied

Audit approaches can vary depending on the level of reliance on computerized systems and the extent to which auditors utilize computer-assisted audit techniques (CAATs). Here are three commonly used audit approaches in relation to computerized systems:

1. Audit Around the Computer: This approach involves conducting audit procedures manually and independently of the computerized system. Auditors rely on traditional audit techniques, such as sampling and manual calculations, to obtain audit evidence. This approach is typically used when the computerized system is not considered reliable or when auditors lack the necessary expertise or resources to perform extensive testing within the system. It may also be applied when the risks associated with the computerized system are deemed low.
2. Audit With the Computer: This approach involves utilizing CAATs to assist in performing audit procedures directly within the computerized system. Auditors use specialized audit software and tools to extract, analyze, and test data within the system. This approach allows for a more efficient and effective examination of large volumes of data, identification of anomalies or patterns, and assessment of system controls. It is often used when the computerized system is considered reliable and auditors have the necessary IT skills and resources to perform automated testing.
3. Audit Through the Computer: This approach involves relying extensively on the computerized system and its controls to gather audit evidence. Auditors assess the effectiveness of system controls, including general and application controls, to provide assurance over the reliability of the data processed by the system. They perform limited manual testing but primarily rely on the system’s automated controls and transaction processing. This approach is used when the computerized system has strong controls, reliable data, and a low risk of material misstatements.