Definition of Computer Information Environment
- The environment where computer systems and related technologies are integral to processing and maintaining financial and operational data.
- Includes networks, databases, software applications, and electronic data processing systems relevant to the audit.
Auditing Procedures in Computer-based Systems
- Emphasizes understanding the internal control systems surrounding computer operations.
- Requires assessment of risks unique to computerized environments, such as data integrity and security.
- Establishes procedures for evaluating IT controls, including access controls, processing controls, and program changes.
Evidence Gathering and Evaluation
- Stipulates that auditors must obtain sufficient and appropriate evidential matter through tests of controls and substantive procedures suited to the computer environment.
- Encourages the use of computer-assisted audit techniques (CAATs) to enhance audit effectiveness.
Documentation
- Mandates thorough documentation of audit procedures related to the computer system environment and findings.
Compliance and Professional Responsibility
- Auditors must comply with the Philippine Standards on Auditing and applicable ethical requirements.
- Highlights the responsibility of auditors to maintain professional skepticism and due care in computer audits.
Implementation and Authority
- The standard is adopted and mandated by the Professional Regulatory Board of Accountancy.
- The resolution is signed and approved by relevant authorities including the Chairperson and Commissioners of PRC.
Effectivity
- The adoption date is October 28, 2002, from which auditing practices in computer environments must align with this standard.