Chapter 16

16.0 Purpose

The chapter aims to equip readers with:

  • Understanding the effects of information technology on the audit environment.

  • Application of technology in audit processes.

  • Knowledge of IT tools relevant to assurance services.

  • Familiarity with GRC software solutions.

  • Insight into frameworks for control evaluation in a computerized setting.

  • Recognition of risks in the e-business landscape.

  • Utilization of digital forensics in fraud investigations.

  • Insight into computer robotics in the audit process.

  • Awareness of the Nigerian Data Protection Regulation, 2019.

  • Understanding of the NITDA Act and NDPR.

16.1 Introduction

  • The rise of technology significantly influences audit and assurance services, particularly with advancements like cloud services and mobile applications.

  • Auditees and practitioners must adapt to these technological changes, developing new auditing techniques aligned with current practices.

  • Notably, the automation potential in accounting and auditing roles is growing, driven by digital transformation.

16.2 Impact of Information Technology on Audit Environment

Key technologies influencing audit services include:

  1. Cloud Computing: Offers remote auditing capabilities, reducing the need for physical servers and fostering teamwork.

  2. Big Data Analytics: Allows real-time financial transaction monitoring, providing actionable insights from vast datasets for decision-making.

  3. AI and Robotics: Streamlines data analysis and repetitive audit tasks, enhancing productivity and focusing on higher-value work.

  4. Blockchain Technology: Facilitates transparent and secure transaction recording, potentially altering auditor functions in checking transaction authenticity.

  5. Social Media: Enables auditors to enhance visibility, information sharing, and collaboration.

16.3 Application of Information Technology to Audit Process

Technological impacts include:

  • Audit Engagement Planning: Automation capabilities enhance planning efficiency.

  • Audit Risk Assessment: Software facilitates both qualitative and quantitative risk assessment.

  • Evaluation of Internal Controls: Computer-assisted audit tools (CAATs) are used to assess IT control effectiveness.

  • Substantive Testing: Automated solutions validate financial statements and assist in third-party confirmations.

  • Audit Reporting: Modern software includes reporting modules for easier result presentation.

16.4 Information Technology Tools Applicable in Assurance Services

16.4.1 Technology Tools for the Auditor

  • Gantt Chart Software: Utilized for project planning and tracking audit engagements

  • Risk Analysis Tool Pack: Tools facilitate the anticipation and management of audit-related risks, available in various software like ACL and CaseWare IDEA.

16.5 Software Solutions for Governance, Risk and Compliance (GRC) Process

  • Modern GRC software encompasses tools for effective decision-making and compliance management.

  • Key tools include SAP GRC, Enablon GRC, and Riskonnect GRC. Key considerations for GRC platforms involve ease of use, cost, and security features.

16.6 Application of Control Evaluation Frameworks in a Computerized Business Environment

  • COBIT Framework: Provides an authoritative resource for managing and governing IT resources effectively.

  • Highlights the distinction between governance and management activities critical for ensuring IT integrity.

16.7 Risks Inherent in E-Business Environment

Common risks include:

  • Online security vulnerabilities, service provider failures, credit card fraud, and intellectual property theft.

  • Recommendations for mitigating risks include robust IT policies and regular staff training.

16.8 Application of Digital Forensics in Fraud Investigation

  • Digital Forensics: Involves gathering and analyzing digital evidence admissible in court, essential for fraud and other corporate investigations.

  • The forensic process includes thorough planning, evidence collection, documentation, examination, reporting, and returning evidence.

16.9 Computer Robotics in the Audit Process

Technologies enhancing audit efficiency:

  • Robotic Process Automation (RPA): Automates repetitive tasks, allowing auditors to concentrate on complex issues.

  • Drones: Used for inventory counts and asset condition assessment, providing timely data.

16.10 Governing Principles of the Nigerian Data Protection Regulation, 2019

  • The regulation mandates the lawful processing of personal data, ensuring its adequacy, accuracy, and security.

  • Organizations must protect personal data and be accountable for their processing actions.

16.11 National Information Technology Development Agency (NITDA) Act and NDPR

16.11.1 Introduction

  • NDPR established data protection awareness and compliance measures in Nigeria.

  • The regulation imposes specific obligations on data collectors and processors, ensuring accountability.

16.11.2 Benefits of Compliance with NDPR

  • Compliance fosters trust between businesses and consumers while mitigating potential costs from breaches.

16.11.3 Data Protection Framework

  • Outlines necessary steps for organizations to comply with NDPR, including obtaining consent and conducting audits.

16.12 Chapter Review

This chapter covers:

  • The impact of IT on auditing, application in processes, technology tools, GRC software, controls evaluation frameworks, e-business risks, forensics, robotics, and the principles of Nigerian data protection regulations.