Para 3.22.3 — MSO (Audit)
Original Rule Text
3.22.3 Use of computer facilities has brought about radically different methods of processing, recording and controlling information and has resulted in many previously separated functions being combined. Consequently, the potential for material systems errors has greatly increased at a considerable cost to the organisation; for instance, the highly repetitive nature of many computer applications implies that even small errors remaining undetected may lead to large losses. An error in the calculation of income tax to be deducted from employees’ remuneration will not recur in each case in a manual system, but once this error is introduced in a computerised system, it will affect each case. A bank may suffer huge losses on account of an error in rounding off to the next rupee instead of to the nearest rupee. The financial implications of such recurring or repetitive errors could, in the final analysis, be very substantial. This makes it imperative for the auditor to test the invisible processes, and to identify the vulnerabilities in a computer information system.
# Controls in a Computer System
What This Means
Computerisation has combined many previously separate functions, greatly increasing the potential for material system errors at considerable cost. Unlike manual systems where an error affects one case, a computerised error repeats across all cases — for example, a wrong income tax formula affects every employee, or a bank's rounding error multiplies across millions of transactions. This makes it essential for auditors to test invisible computer processes and identify system vulnerabilities.
This explanation was generated with AI assistance for educational purposes. Always refer to the official gazette notification for authoritative text.
Key Points
- 1Computerisation combines previously separate functions, increasing error potential
- 2Errors in computerised systems are repetitive — they affect all cases, not just one
- 3Small errors can lead to huge cumulative financial losses
- 4Manual errors are isolated; computer errors are systemic
- 5Auditors must test invisible processes inside computer systems
- 6Identifying vulnerabilities in computer information systems is essential
Practical Example
A bank's computerised interest calculation system has a rounding error — it rounds up to the next rupee instead of to the nearest rupee on savings account interest. With 10 lakh savings accounts, this seemingly trivial error results in an excess payout of approximately Rs 50 lakh per year. In a manual system, a clerk might make such an error on one account; in the computerised system, it affects every single account simultaneously.
This explanation was generated with AI assistance for educational purposes. Always refer to the official gazette notification for authoritative text.
Frequently Asked Questions
Why are computer errors more dangerous than manual errors?▼
What are 'invisible processes' that auditors must test?▼
This explanation was generated with AI assistance for educational purposes. Always refer to the official gazette notification for authoritative text.