Analyzing IT Audit and Control in Satyam Computer Services Ltd
VerifiedAdded on 2021/06/17
|11
|2421
|462
Report
AI Summary
This report provides an in-depth analysis of IT audit and control mechanisms within Satyam Computer Services Ltd, an Indian IT service company. It examines various IT controls, their advantages, and associated organizational risks, particularly in light of past fraudulent activities. The report identifies managerial and organizational risks, describes audit methods including process and system audits, and reviews post-implementation auditing in regulatory scenarios. It appraises emerging industrial IT trends and their impact on business operations, emphasizing the importance of machine learning and AI for data assessment and decision-making. Furthermore, the report discusses primary IT controls, their effects on Satyam's operations, and the professional, ethical, and legal responsibilities of IT auditors, highlighting the need for maintaining professional skepticism and adhering to legal requirements. The conclusion emphasizes the effective allocation of audit resources and the establishment of a basis for managing IT functions within the organization.
Running head: IT AUDIT AND CONTROL
IT Audit and Control
(Satyam Computer Services Ltd.)
Name of the student:
Name of the university:
Author Note
IT Audit and Control
(Satyam Computer Services Ltd.)
Name of the student:
Name of the university:
Author Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1IT AUDIT AND CONTROL
Executive summary
In the following report Satyam Computers Services, located in India is chosen to examine various IT
controls and deal with examination and evaluation of various IT policies, functions and
infrastructures. For these various, IT controls its advantages and organizational risks are discussed.
Lately, the study demonstrates various professional, legal and ethical roles of the organization’s IT
auditors.
Executive summary
In the following report Satyam Computers Services, located in India is chosen to examine various IT
controls and deal with examination and evaluation of various IT policies, functions and
infrastructures. For these various, IT controls its advantages and organizational risks are discussed.
Lately, the study demonstrates various professional, legal and ethical roles of the organization’s IT
auditors.
2IT AUDIT AND CONTROL
Table of Contents
1. Introduction:......................................................................................................................................3
2. Identification of managerial and organizational risks:......................................................................3
3. Describing audit methods and designing review auditing and various post implementations
auditing at regulatory scenarios:............................................................................................................4
3.1. Audit methods and designing auditing:......................................................................................4
3.2. Post implementations auditing at regulatory scenarios:.............................................................5
4. Appraising emerging industrial IT trends:.........................................................................................5
5. Primary IT controls and effects on business operations:...................................................................6
5. Professional, ethical and legal responsibilities of IT auditors:..........................................................7
6. Conclusion:........................................................................................................................................7
7. References:........................................................................................................................................9
Table of Contents
1. Introduction:......................................................................................................................................3
2. Identification of managerial and organizational risks:......................................................................3
3. Describing audit methods and designing review auditing and various post implementations
auditing at regulatory scenarios:............................................................................................................4
3.1. Audit methods and designing auditing:......................................................................................4
3.2. Post implementations auditing at regulatory scenarios:.............................................................5
4. Appraising emerging industrial IT trends:.........................................................................................5
5. Primary IT controls and effects on business operations:...................................................................6
5. Professional, ethical and legal responsibilities of IT auditors:..........................................................7
6. Conclusion:........................................................................................................................................7
7. References:........................................................................................................................................9
3IT AUDIT AND CONTROL
1. Introduction:
The “Satyam Computers Services Ltd”, is a popular IT service company of India. It has been
offering a wide range of services like engineering design services, system maintenance, and software
development and so on. However, the organization has been witnessing fraudulent activities. One of
such has been considered one of the biggest counting scams for India.
The study analyzes IT audit controls the deals with evaluation and examination of
information technology infrastructure, operations and policies. To understand various IT audit
controls for Satyam Computers the following discusses basic IT controls and advantages, audit
methodologies and managerial and organizational risks.
2. Identification of managerial and organizational risks:
From the perspective of internal audits, the insufficient identifications of primary risks for
Satyam Computers Services Ltd have been increasing the likelihood of various poor events. Here,
improper recognition has been resulting to the waste resource on various areas of low risks having
minute rewards. However, conversely, it can be said that it has left Satyam Computers more exposed
to various adverse events (Alzeban & Sawan, 2015). However, some of the top management has
identified the primary risks and Satyam Computers has needed assurance that the reactions on those
risks have been effective. Further, an effective reaction has been a vital part of ERM and this
indicated that means of attention to operate and design internal controls. Further, there has been a
natural reaction towards primary risks. These have been increasing vulnerabilities and strong
controls are needed to exist. Further, the work from ERM has been effective. Here lies the
responsibility of internal auditor. Moreover, risk has been perfectly fine at an acceptable level.
1. Introduction:
The “Satyam Computers Services Ltd”, is a popular IT service company of India. It has been
offering a wide range of services like engineering design services, system maintenance, and software
development and so on. However, the organization has been witnessing fraudulent activities. One of
such has been considered one of the biggest counting scams for India.
The study analyzes IT audit controls the deals with evaluation and examination of
information technology infrastructure, operations and policies. To understand various IT audit
controls for Satyam Computers the following discusses basic IT controls and advantages, audit
methodologies and managerial and organizational risks.
2. Identification of managerial and organizational risks:
From the perspective of internal audits, the insufficient identifications of primary risks for
Satyam Computers Services Ltd have been increasing the likelihood of various poor events. Here,
improper recognition has been resulting to the waste resource on various areas of low risks having
minute rewards. However, conversely, it can be said that it has left Satyam Computers more exposed
to various adverse events (Alzeban & Sawan, 2015). However, some of the top management has
identified the primary risks and Satyam Computers has needed assurance that the reactions on those
risks have been effective. Further, an effective reaction has been a vital part of ERM and this
indicated that means of attention to operate and design internal controls. Further, there has been a
natural reaction towards primary risks. These have been increasing vulnerabilities and strong
controls are needed to exist. Further, the work from ERM has been effective. Here lies the
responsibility of internal auditor. Moreover, risk has been perfectly fine at an acceptable level.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4IT AUDIT AND CONTROL
However, the management has needed to define the acceptable level in the interest to achieve the
goals of the company (Mesquida & Mas, 2015).
At the managerial level, the organizational needs are needed to be understood from various
risk management perspectives. Understanding that has been making decisions and taking risks has
been critical for Satyam Computers to know how risk gets managed. The managers have needed to
determine whether they have been decentralized and centralized or whether the people have needed
lots of decision-making and autonomy for the consensus has been required. Then it has been
required to determine whether risks have been stable, volatile or dynamic (Brasel et al., 2016). Next,
the dangers of effective risk management have been needed to be established along with necessities
to go right for them regarding reasonable assurances at proper levels of proper risks are required to
be considered. Then the controls in place are needed to address those risks. Further, it has been
required to determine whether the design has been sufficient and reasonable assurance are necessary
to be found out regarding what risks are needed to be controlled at desired levels. Next, the controls
testing are required to be performed for obtaining assurance that efficiently operating has been
designed (Jha & Chen, 2014).
3. Describing audit methods and designing review auditing and various post
implementations auditing at regulatory scenarios:
3.1. Audit methods and designing auditing:
The process audits have worked under for Satyam Computers established limits. This has
evaluated the methods and operations against various predetermined standards and instructions for
measuring conformance for having standards and effectiveness of instructions. For Satyam
Computers, these kinds of audits have included checking conformances for defining requirements
However, the management has needed to define the acceptable level in the interest to achieve the
goals of the company (Mesquida & Mas, 2015).
At the managerial level, the organizational needs are needed to be understood from various
risk management perspectives. Understanding that has been making decisions and taking risks has
been critical for Satyam Computers to know how risk gets managed. The managers have needed to
determine whether they have been decentralized and centralized or whether the people have needed
lots of decision-making and autonomy for the consensus has been required. Then it has been
required to determine whether risks have been stable, volatile or dynamic (Brasel et al., 2016). Next,
the dangers of effective risk management have been needed to be established along with necessities
to go right for them regarding reasonable assurances at proper levels of proper risks are required to
be considered. Then the controls in place are needed to address those risks. Further, it has been
required to determine whether the design has been sufficient and reasonable assurance are necessary
to be found out regarding what risks are needed to be controlled at desired levels. Next, the controls
testing are required to be performed for obtaining assurance that efficiently operating has been
designed (Jha & Chen, 2014).
3. Describing audit methods and designing review auditing and various post
implementations auditing at regulatory scenarios:
3.1. Audit methods and designing auditing:
The process audits have worked under for Satyam Computers established limits. This has
evaluated the methods and operations against various predetermined standards and instructions for
measuring conformance for having standards and effectiveness of instructions. For Satyam
Computers, these kinds of audits have included checking conformances for defining requirements
5IT AUDIT AND CONTROL
like component mixtures, amperages, responsiveness, compositions, pressures, temperatures,
accuracy and times (Bills, Swanquist & Whited, 2016). Next, the resources like people, materials,
and equipment are applied for transforming inputs to outputs, the environments, method followed
and measures to collect for finding the process performances. The effectiveness and adequacy of the
process controls that are established by process specifications, training, flowcharts, work instructions
and procedures are needed to be checked.
Then system audit must be performed on management systems. This is helpful for Satyam
Computers to document activities undertaken for verifying through evaluation and examining the
objective evidence. Here, those applicable elements of the system have been active and proper and
are developed, documented and deployed according to and in conjunction with particular
requirements (Boyson, 2014).
3.2. Post implementations auditing at regulatory scenarios:
Here, the primary constraints on projects have been customer specifications, costs and times.
This also included resource availabilities and various qualities. Satyam computers have been
developing project management methodologies and needed to use those projects for assessing how
effectively the methodology has been working. Here, the success criteria have been on the basis on
which the business case for the project has been created and the main reason has been why the
project got approved (Bradford, Earp & Grabski, 2014).
4. Appraising emerging industrial IT trends:
The worldwide digitization of the industries has generated huge data lakes of resource data.
Here, most of the organizations have been lacking tools to parse those huge asset datasets regarding
actionable insights. They can be further used to drive smarter decision makings. Here, the machine
like component mixtures, amperages, responsiveness, compositions, pressures, temperatures,
accuracy and times (Bills, Swanquist & Whited, 2016). Next, the resources like people, materials,
and equipment are applied for transforming inputs to outputs, the environments, method followed
and measures to collect for finding the process performances. The effectiveness and adequacy of the
process controls that are established by process specifications, training, flowcharts, work instructions
and procedures are needed to be checked.
Then system audit must be performed on management systems. This is helpful for Satyam
Computers to document activities undertaken for verifying through evaluation and examining the
objective evidence. Here, those applicable elements of the system have been active and proper and
are developed, documented and deployed according to and in conjunction with particular
requirements (Boyson, 2014).
3.2. Post implementations auditing at regulatory scenarios:
Here, the primary constraints on projects have been customer specifications, costs and times.
This also included resource availabilities and various qualities. Satyam computers have been
developing project management methodologies and needed to use those projects for assessing how
effectively the methodology has been working. Here, the success criteria have been on the basis on
which the business case for the project has been created and the main reason has been why the
project got approved (Bradford, Earp & Grabski, 2014).
4. Appraising emerging industrial IT trends:
The worldwide digitization of the industries has generated huge data lakes of resource data.
Here, most of the organizations have been lacking tools to parse those huge asset datasets regarding
actionable insights. They can be further used to drive smarter decision makings. Here, the machine
6IT AUDIT AND CONTROL
learning and artificial intelligence have been helping to standardize data flow from various disparate
locations. Streamlining various procedures of industrial data assessments has been helpful. It has
been helpful for operators of Satyam Computers to go deep into the insights of resource
performances. It has also laid the ground stone regarding automation of daily decision-making
(Sultana et al., 2015).
As per as business operations of Satyam Computers has been considered, the decision
process audit has been the first step to refer to opportunities for redesigning decision processes. This
has included new decision aids and various decision support systems under their business processes
(Ettredge, Xu & Yi, 2014). At some cases, the audit has suggested changes under decision
technologies that be developed through reducing costs and improving performances. For Satyam
Computers, this audit for decision making has been same as the quality audit. The audits must
analyze the ways in the processes can be implemented successfully. The effectiveness to achieve
various defined target levels has been needed to be judged (Donohoe & Robert Knechel, 2014).
They must also provide evidence regarding elimination and reduction of various problem areas.
Then there are various management tools to achieve constant development at Satyam Computers that
are needed to be determined. Then as per as completion of audits are concerned, the core questions
are how to perform processes and tasks effectively. Then they must find out what changes they must
include as the highest priority.
5. Primary IT controls and effects on business operations:
Most of the accounting, IT professional and auditing societies have come to the belief that
developments in education and research are helpful to provide IT auditors with effective empirical
and theoretical knowledge by IT audit function. The primary controls and their impact on the Satyam
Computer’s operations are discussed hereafter. The first one is an application of risk-oriented
learning and artificial intelligence have been helping to standardize data flow from various disparate
locations. Streamlining various procedures of industrial data assessments has been helpful. It has
been helpful for operators of Satyam Computers to go deep into the insights of resource
performances. It has also laid the ground stone regarding automation of daily decision-making
(Sultana et al., 2015).
As per as business operations of Satyam Computers has been considered, the decision
process audit has been the first step to refer to opportunities for redesigning decision processes. This
has included new decision aids and various decision support systems under their business processes
(Ettredge, Xu & Yi, 2014). At some cases, the audit has suggested changes under decision
technologies that be developed through reducing costs and improving performances. For Satyam
Computers, this audit for decision making has been same as the quality audit. The audits must
analyze the ways in the processes can be implemented successfully. The effectiveness to achieve
various defined target levels has been needed to be judged (Donohoe & Robert Knechel, 2014).
They must also provide evidence regarding elimination and reduction of various problem areas.
Then there are various management tools to achieve constant development at Satyam Computers that
are needed to be determined. Then as per as completion of audits are concerned, the core questions
are how to perform processes and tasks effectively. Then they must find out what changes they must
include as the highest priority.
5. Primary IT controls and effects on business operations:
Most of the accounting, IT professional and auditing societies have come to the belief that
developments in education and research are helpful to provide IT auditors with effective empirical
and theoretical knowledge by IT audit function. The primary controls and their impact on the Satyam
Computer’s operations are discussed hereafter. The first one is an application of risk-oriented
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7IT AUDIT AND CONTROL
approaches of audits. Next, business expectations and roles must be understood for the auditing
systems that have been under development, regarding purchasing software packaging and project
management (Khlif & Samaha, 2014). Next, the privacy and information security issues can be
analyzed that can put Satyam Computers at risk. Next verification and examining of their
compliance with various IT related legal problems are to be identified that have been putting the
Satyam Computers at risks. Next, the complex system development life cycles like SDLC can be
evaluated and new development methods like application developments, rapid systems, end-user
computing and prototyping can be used. Lastly, there must be performing and managing of follow-
up review ensuring various actions to be considered at work.
6. Professional, ethical and legal responsibilities of IT auditors:
As per professional roles of IT, auditors have been considered, the external auditors have
been liable to get reasonable assurances that financial statements free from material misstatements
are considered. These are generally caused by error or fraud. This, the external auditors have been
responsible for considering the risk of various material misstatements because of that fraud. For
achieving that the auditors are required to maintain professional skepticism (DeFond, Erkens &
Zhang, 2016). Again for ethical roles, team leaders of Satyam Computers IT team needs to comply
with customs, regulations and rule completely. Regarding legal responsibilities, auditors are liable to
assure every line item over financial statements that are presented fairly. Auditors are needed by law
to report their opinion fairly on the client companies. As it is not done, they can be subjected to
various lawsuits and various other implications of legal audits.
approaches of audits. Next, business expectations and roles must be understood for the auditing
systems that have been under development, regarding purchasing software packaging and project
management (Khlif & Samaha, 2014). Next, the privacy and information security issues can be
analyzed that can put Satyam Computers at risk. Next verification and examining of their
compliance with various IT related legal problems are to be identified that have been putting the
Satyam Computers at risks. Next, the complex system development life cycles like SDLC can be
evaluated and new development methods like application developments, rapid systems, end-user
computing and prototyping can be used. Lastly, there must be performing and managing of follow-
up review ensuring various actions to be considered at work.
6. Professional, ethical and legal responsibilities of IT auditors:
As per professional roles of IT, auditors have been considered, the external auditors have
been liable to get reasonable assurances that financial statements free from material misstatements
are considered. These are generally caused by error or fraud. This, the external auditors have been
responsible for considering the risk of various material misstatements because of that fraud. For
achieving that the auditors are required to maintain professional skepticism (DeFond, Erkens &
Zhang, 2016). Again for ethical roles, team leaders of Satyam Computers IT team needs to comply
with customs, regulations and rule completely. Regarding legal responsibilities, auditors are liable to
assure every line item over financial statements that are presented fairly. Auditors are needed by law
to report their opinion fairly on the client companies. As it is not done, they can be subjected to
various lawsuits and various other implications of legal audits.
8IT AUDIT AND CONTROL
7. Conclusion:
The above report helps in understanding the management of Satyam Computers Services Ltd
to allocate limited audit resources effectively. It ensures relevant information to obtain from every
level of control. Further, it establishes a basis to manage the IT functions and departments of Satyam
Computers. Moreover, the report analyzes how audit subject area has been related to entire
organization for the business plans. Thus a coherent and comprehensive knowledge is obtained on
the role of information requirements. There are creative and cognitive skills to exploit and identify
facilitated technology innovation in business and governments of the current era. At last, the various
legal aspects, professional practices and ethical standards are understood within the industry and
business environment. It helps in directing and developing processes for supporting adoption of
changes needed by project and its initiatives.
7. Conclusion:
The above report helps in understanding the management of Satyam Computers Services Ltd
to allocate limited audit resources effectively. It ensures relevant information to obtain from every
level of control. Further, it establishes a basis to manage the IT functions and departments of Satyam
Computers. Moreover, the report analyzes how audit subject area has been related to entire
organization for the business plans. Thus a coherent and comprehensive knowledge is obtained on
the role of information requirements. There are creative and cognitive skills to exploit and identify
facilitated technology innovation in business and governments of the current era. At last, the various
legal aspects, professional practices and ethical standards are understood within the industry and
business environment. It helps in directing and developing processes for supporting adoption of
changes needed by project and its initiatives.
9IT AUDIT AND CONTROL
8. References:
Alzeban, A., & Sawan, N. (2015). The impact of audit committee characteristics on the
implementation of internal audit recommendations. Journal of International Accounting,
Auditing and Taxation, 24, 61-71.
Bills, K. L., Swanquist, Q. T., & Whited, R. L. (2016). Growing pains: Audit quality and office
growth. Contemporary Accounting Research, 33(1), 288-313.
Boyson, S. (2014). Cyber supply chain risk management: Revolutionizing the strategic control of
critical IT systems. Technovation, 34(7), 342-353.
Bradford, M., Earp, J. B., & Grabski, S. (2014). Centralized end-to-end identity and access
management and ERP systems: A multi-case analysis using the Technology Organization
Environment framework. International Journal of Accounting Information Systems, 15(2),
149-165.
Brasel, K., Doxey, M. M., Grenier, J. H., & Reffett, A. (2016). Risk disclosure preceding negative
outcomes: The effects of reporting critical audit matters on judgments of auditor liability. The
Accounting Review, 91(5), 1345-1362.
DeFond, M., Erkens, D., & Zhang, J. (2016). Does PSM really eliminate the Big N audit quality
effect?.
Donohoe, M. P., & Robert Knechel, W. (2014). Does corporate tax aggressiveness influence audit
pricing?. Contemporary Accounting Research, 31(1), 284-308.
Ettredge, M. L., Xu, Y., & Yi, H. S. (2014). Fair value measurements and audit fees: Evidence from
the banking industry. Auditing: A Journal of Practice & Theory, 33(3), 33-58.
8. References:
Alzeban, A., & Sawan, N. (2015). The impact of audit committee characteristics on the
implementation of internal audit recommendations. Journal of International Accounting,
Auditing and Taxation, 24, 61-71.
Bills, K. L., Swanquist, Q. T., & Whited, R. L. (2016). Growing pains: Audit quality and office
growth. Contemporary Accounting Research, 33(1), 288-313.
Boyson, S. (2014). Cyber supply chain risk management: Revolutionizing the strategic control of
critical IT systems. Technovation, 34(7), 342-353.
Bradford, M., Earp, J. B., & Grabski, S. (2014). Centralized end-to-end identity and access
management and ERP systems: A multi-case analysis using the Technology Organization
Environment framework. International Journal of Accounting Information Systems, 15(2),
149-165.
Brasel, K., Doxey, M. M., Grenier, J. H., & Reffett, A. (2016). Risk disclosure preceding negative
outcomes: The effects of reporting critical audit matters on judgments of auditor liability. The
Accounting Review, 91(5), 1345-1362.
DeFond, M., Erkens, D., & Zhang, J. (2016). Does PSM really eliminate the Big N audit quality
effect?.
Donohoe, M. P., & Robert Knechel, W. (2014). Does corporate tax aggressiveness influence audit
pricing?. Contemporary Accounting Research, 31(1), 284-308.
Ettredge, M. L., Xu, Y., & Yi, H. S. (2014). Fair value measurements and audit fees: Evidence from
the banking industry. Auditing: A Journal of Practice & Theory, 33(3), 33-58.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10IT AUDIT AND CONTROL
Jha, A., & Chen, Y. (2014). Audit fees and social capital. The Accounting Review, 90(2), 611-639.
Khlif, H., & Samaha, K. (2014). Internal control quality, Egyptian standards on auditing and external
audit delays: Evidence from the Egyptian stock exchange. International Journal of
Auditing, 18(2), 139-154.
Mesquida, A. L., & Mas, A. (2015). Integrating IT service management requirements into the
organizational management system. Computer standards & interfaces, 37, 80-91.
Sultana, N., Singh, H., der Zahn, V., & Mitchell, J. L. (2015). Audit committee characteristics and
audit report lag. International Journal of Auditing, 19(2), 72-87.
Jha, A., & Chen, Y. (2014). Audit fees and social capital. The Accounting Review, 90(2), 611-639.
Khlif, H., & Samaha, K. (2014). Internal control quality, Egyptian standards on auditing and external
audit delays: Evidence from the Egyptian stock exchange. International Journal of
Auditing, 18(2), 139-154.
Mesquida, A. L., & Mas, A. (2015). Integrating IT service management requirements into the
organizational management system. Computer standards & interfaces, 37, 80-91.
Sultana, N., Singh, H., der Zahn, V., & Mitchell, J. L. (2015). Audit committee characteristics and
audit report lag. International Journal of Auditing, 19(2), 72-87.
1 out of 11
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.