Para 3.22.71 — MSO (Audit)

MSO (Audit)mso-audit

3.22.71 Audit requirements have to be provided to ensure that the system can be audited in an effective and efficient manner. Audit trail has to be maintained to enable tracing of an item from the input stage through to its final destination and the break up of a result into its constituent parts. Auditors may have to use audit software or test data for the efficient execution of their audit. They have, therefore, to make reasonable requests for the access to copies of system data files, report generators and processing time.

What This Means

Audit requirements must be built into computer systems to ensure they can be audited effectively and efficiently. The system must maintain an audit trail that allows tracing any item from its initial input through all processing stages to its final destination, and conversely, breaking down any result into its component parts. Auditors may need to use audit software or test data for efficient examination, and they should have reasonable access to copies of system data files, report generators, and processing time.

This explanation was generated with AI assistance for educational purposes. Always refer to the official gazette notification for authoritative text.

Key Points

1Computer systems must be designed to allow effective and efficient auditing
2An audit trail must enable tracing items from input to final output and vice versa
3Auditors should be able to break down any result into its constituent parts
4Auditors may need access to audit software, test data, and report generators
5Reasonable access to system data file copies and processing time must be provided

Practical Example

An auditor examining a government department's computerised accounts wants to verify a specific expenditure entry in the annual accounts. Using the audit trail, they trace backwards: the annual accounts figure links to a monthly summary, which links to daily voucher totals, which links to individual vouchers with their original entry details including who entered them and when. The auditor also runs audit software (CAATs) on a copy of the database to identify all transactions above Rs. 5 lakhs, unusual patterns, or gaps in sequence numbers. The IT department provides a copy of the data file and scheduled processing time for these audit tests.

This explanation was generated with AI assistance for educational purposes. Always refer to the official gazette notification for authoritative text.

Frequently Asked Questions

What is an audit trail in a computer system?▼

An audit trail is a chronological record that provides documentary evidence of the sequence of activities — from input through processing to output. It allows auditors to trace any transaction from its origin to its final recorded form, or reconstruct how any final figure was derived.

What are Computer Assisted Audit Techniques (CAATs)?▼

CAATs are audit software tools that allow auditors to analyse large volumes of electronic data efficiently. They can test entire populations rather than samples, identify anomalies, perform complex calculations, and verify data integrity — tasks that would be impractical to do manually.

Why should auditors have access to data file copies rather than live files?▼

Working with copies prevents auditors from accidentally altering live production data. It also avoids performance impacts on the live system and ensures the audit does not interfere with ongoing operations.

This explanation was generated with AI assistance for educational purposes. Always refer to the official gazette notification for authoritative text.

Para 3.22.71 — MSO (Audit)

Original Rule Text

What This Means

Key Points

Practical Example

Frequently Asked Questions

Related Rules