CISA DOMAIN 1 - PowerPoint PPT Presentation

About This Presentation
Title:

CISA DOMAIN 1

Description:

This CISA Certification Training, CISA Exam Training, CISA Online Course is aligned to ISACA helps you to learn how to protect information systems & IS audit processes. Enroll now to become CISA Certified!" – PowerPoint PPT presentation

Number of Views:772

less

Transcript and Presenter's Notes

Title: CISA DOMAIN 1


1
www.infosectrain.com
Understanding the concepts of Compliance testing
and substantive testing
2
InfosecTrain
About Us
InfosecTrain is one of the finest Security and
Technology Training and Consulting organization,
focusing on a range of IT Security Trainings and
Information Security Services. InfosecTrain was
established in the year 2016 by a team of
experienced and enthusiastic professionals, who
have more than 15 years of industry experience.
We provide professional training, certification
consulting services related to all areas of
Information Technology and Cyber Security.
3
CISA DOMAIN 1
  • Understanding the concepts of Compliance testing
    and substantive testing
  • While performing the audit, the IS auditor
    initially performs compliance testing and then
    proceed with substantive testing. Now, let us
    understand the concepts of compliance testing and
    substantive testing in detail. After reading
    through this article, you will be able to
    understand the differences and the correlation
    between compliance testing and substantive
    testing.

4
(No Transcript)
5
  • 1. What does compliance testing mean?
  • It can also be called as conformity testing or
    assessment
  • Compliance testing deals with the test of
    controls
  • It refers to testing or other activities that
    determine whether a process, product, or service
    complies with the requirements of a  (Whether it
    is a complaint or not)
  • A compliance test determines whether controls are
    being applied in a manner that complies
    withmanagement policies and procedures
  • It is a non-functional testing mechanism to
    validate whether the system developed meets the
    organizations prescribed standards or not.
  • 2. When to perform Compliance testing?
  • Compliance testing is performed to test the
    existence and effectiveness of a defined process,
    which may include a trail of documentary and/or
    automated evidence for example, to provide
    assurance that only authorized modifications are
    made to production programs.

6
  • 3. What are the examples of compliance testing?
  • The examples of compliance testing include
    check/verification of the following
  • User Access rights
  • Program change control procedures
  • Documentation procedures
  • Program documentation
  • Follow-up of exceptions
  • Review of logs
  • Software license audits
  • 4. What does Substantive testing mean?
  • Substantive testing is an audit procedure that
    examines the financial statements and supporting
    documentation to see if they contain errors.
  • Substantive testing deals with the test of
    details of the transactions
  • It provides evidence of the validity and
    integrity of the balances in the financial
    statements and the transactions that support
    these balances
  • These tests are needed as evidence to support the
    assertion that the financial records of an entity
    are complete, valid, and accurate.

7
  • 5. When to perform Substantive testing?
  • Substantive testing is performed where it is
    required to evaluate the controls to determine
    the basis of reliance, the nature, scope, and
    timing of substantive tests.
  • The balances are verified through validation of
    balances and transactions and performing analytic
    review procedures.
  • Substantive testing is always performed after
    compliance testing. In cases where compliance
    testing indicates weaker controls, then
    substantive testing can be more rigorous. On the
    other hand, if the results of compliance testing
    indicate stronger internal control, then the
    substantive testing can be even waived off.
  • 6. What are the examples of Substantive testing?
  • The examples of substantive testing include
    check/verification of the following
  • Performance of a complex calculation (e.g.,
    interest) on a sample of accounts or a sample of
    transactions to vouch for supporting
    documentation, etc.
  • Confirmation on the validity of inventory
    valuation calculations
  • Confirmation of fixed asset balances with fixed
    asset records/register
  • Review of Minutes of Board of Directions in
    approving the dividend.
  • Obtaining Bank confirmation for confirming bank
    balances
  • Test of cut-off procedures
  • 7. Correlation between compliance testing and
    substantive testing
  • Now that we are clear on the concepts of
    compliance and substantive testing let us try to
    understand the correlation between compliance
    testing and substantive testing with an example.

8
At the initial stage, the IS auditor enquires
with the organization on the end-to-end process
on the purchasing system, the key controls in
place. Based on the observations and conversation
with the organization on the Purchasing system,
the IS auditor will conclude on whether the
internal control is strong or weak in the
organization. This indicates the test of control,
which is compliance testing. Based on the
conclusion obtained on compliance testing, the IS
auditor obtains evidence on the correctness and
accuracy of the balances, like verification of
purchase requisition, Purchase orders, Payments
made to the suppliers, carrying out analytical
procedures, etc. This indicates a test of
individual transactions, which is substantive
testing. InfosecTrain offers Certified
Information Systems Auditor(CISA) instructor-led
training. To know more about this course Click
Here
9
Why Infosec Train
  • ABOUT OUR COMPANY

Global Learning Partners
10
PRICING DETAILS
PRODUCT LIST
Lorem ipsum dolor sit amet, consectetur
adipiscing elit. Integer nec odio. Praesent
libero. Sed cursus ante dapibus diam. Sed nisi.
Nulla quis sem at nibh elementum imperdiet.
11
(No Transcript)
12
ABOUT OUR COMPANY
OUR CONTACT
InfosecTrain welcomes overseas customers to come
and attend training sessions in destination
cities across the globe and enjoy their learning
experience at the same time.
91-97736-67874
https//www.facebook.com/Infosectrain/
sales_at_infosectrain.com
https//www.linkedin.com/company/infosec-train/
www.infosectrain.com
https//www.youtube.com/c/InfosecTrain
Write a Comment
User Comments (0)
About PowerShow.com