Auditors are subject to a range of new requirements over the next 12 months and generally this means that processes and documentation change in the audit methodology without our clients noticing.
One of the changes this year however will affect the questions being asked of clients and therefore we wanted to raise awareness of this to allow you to prepare relevant documentation.
ASA 315 Identifying and Assessing the Risks of Material Misstatements requires an auditor to obtain a greater understanding of General IT Controls (GITC) at their clients and determine how these controls affect the nature, extent and timing of audit evidence obtained.
GITCs are controls over the entity’s IT processes that support the continued proper operation of the IT environment, including the continued effective functioning of information processing controls and the integrity of information in the entity’s information system.
We encourage our clients to consider the GITC controls they have in place to support the operation of information processing controls which are implemented at the application, database, operating system or network level and document these and consider including this as a discussion item with the Board.
Disclaimer: This information is general in nature and should not be relied on as advice. It does not take into account the objectives, financial situation or needs of any particular person. You need to consider your financial situation and needs and seek professional advice before making any decisions based on this information.