The Statutory Audit ensures that the financial statements give a true and fair view and are free from any material misstatements. Nowadays, controls over business transactions are fully integrated with Information Technology (IT). Consequently, qualitative financial reporting implies information integrity and reliability, relying on adequate mitigation of IT risks. Qualified Advice Partners adds value to statutory audits by evaluating the information system controls which form an integral part of the financial and accounting assessment.
Business risk assessment techniques are used to identify critical key controls pertaining to the financial statement processes. These controls may include the Sarbanes Oxley (SOX) requirements. What are the major finance related processes, risks and controls?
The key controls in the business processes identified by the statutory audit during the Business risk & controls assessment depend on IT applications. Related IT risks are the so-called general IT controls and application controls.
The general IT controls cover various layers: application programs, databases, operating systems and network infrastructure, for their contribution to the IT application risks.
Application controls cover data edits, separation of business functions, balancing of processing totals, transaction loggings, and error reporting. The objective of applications controls is to ensure that input data is accurate, complete, authorised and correct, that data is processed as intended in an acceptable timeframe, that output is accurate and complete, that stored data is integer, and that tracking information is maintained.
The global audit opinion on the reliability of the financial statements is derived from the business risk assessment and the evaluation of the underlying IT risks pertaining to the general IT controls and the application controls.
Qualifed Advice Partners provides objective assurance that the information systems and related controls are suitable for ensuring true and fair financial statements. The IT controls audit complements the external statutory audit, assessing financial statements in medium and small enterprises. Our audit approach complies with professional best practice and uses the most up-to-date audit techniques. QAP has a wealth of experience in the private and public sector, primarily in the financial and service industry.