Commerce on Auditing Practices: An Auditing Process Model for Evidence Collection and Validation

Chien-Chih Yu*, Hung-Chao Yu and Chi-Chun Chou
National Cheng Chi University, Taiwan, ROC
ABSTRACT The main purposes of this paper are twofold. First, the paper identifies and discusses the potential impacts of electronic commerce on auditing practices in the emerging paperless on-line transaction environment. Second, it provides two auditing process models that incorporate modern network security techniques and show how an audit can be conducted in an EC environment. A periodical auditing process model (PAPM) is proposed to demonstrate how secure electronic technologies can be used to facilitate the auditor's evidence collection and validation process for annual and semi-annual audits. We also present a continuous auditing process model (CAPM) which extends the functions of PAPM for continuous auditing. In CAPM, a real-time transaction monitoring system is used to link to firms' accounting information systems for assisting the auditor to detect abnormal activities and generate exception reports on a continuous basis. The CAPM approach intends not only to ensure integrity and effectiveness of the entire accounting system, but also to guarantee the correctness and usefulness of the constantly generated financial statements for public dissemination. The main contribution of this paper is that it illustrates a conceptual framework which shows the feasibility of continuously auditing electronic transactions in the EC environment. Copyright 2000 John Wiley & Sons, Ltd.
*Correspondence to: Chien-Chih Yu, Department of Management Information Systems, National Cheng Chi University, Taipei, Taiwan, ROC. E-mail: ccyu@mis.nccu.edu.tw

Footnote: Some well-known EC examples include the Amazon BookStore, TravelWeb, FlowerShop, E*Trade, Internet Shopping Network (ISN), Security First Network Bank (SFNB), CUC International, Time

Received 10 September 1998
Revised 29 July 1999
Accepted 7 March 2000

Copyright 2000 John Wiley & Sons, Ltd. Int. J. Intell. Sys. Acc. Fin. Mgmt. 9, 195-216 (2000)
New Audit Risks in an EC Environment

When an EC-based system is adopted by a business entity, a number of new features affect the audit risk and its three components (i.e. inherent risk, control risk, and detection risk) in the following five respects.

Economic Interdependence

One of the main objectives of EC is to facilitate an entity's transactions and business decisions through the Internet with a large number of trading partners and individual customers. This increased closeness of trading relationships and virtual business integration (e.g. a supply chain) may affect the inherent and control risks in an audit because a potential corruption in one trading partner's EC system may adversely affect other partners and customers. Therefore, the auditor should at least consider the following items in assessing the audit risk:

(1) The economic interdependence between the audit client and its major vendors, customers or other related entities.
(2) The extent to which the client's internal control policies and procedures interact with those of other trading partners.
(3) The changes in the client's internal control policies and procedures due to new EC trading activities.
(4) The control risk associated with financial statement assertions which may be affected by economic interdependence.

Total Systems Dependence

As a business entity relies heavily on EC (and thus on the Web system and related technologies), the corruption of applications

(1) Errors in network processing and communication systems may result in the transmission of incorrect transaction information and the reporting of inaccurate information to management. If not detected in time, inaccurate and incomplete information may result in inappropriate decisions and potential business losses, leading to higher control risk.
(2) Since the success of EC relies on good internal controls built into the system, the auditor should be able to find effective and efficient internal control procedures that may reduce the control risk associated with management's assertions.

In light of the increasing importance of information systems to the success of business entities, the AICPA and the CICA have recently issued a new guideline, the SysTrust Principles and Criteria for Systems Reliability, to provide assurance that an entity's systems are designed and operated to generate reliable information. In fact, this new service is part of a broader future goal to supply real-time assurance on databases and information systems. Since in an

Footnote: According to SysTrust, a reliable system is one that is capable of operating without material error, fault, or failure during a specified period in a specified environment. Four principles are suggested to evaluate the reliability of a system: availability (i.e. the system is available for operation and use at times set forth in service-level statements or agreements), security (i.e. the system is protected against unauthorized physical and logical access), integrity (i.e. system processing is complete, accurate, timely, and authorized), and maintainability (i.e. the system can be updated when required in a manner that continues to provide for system availability, security, and integrity).
message re-transmission or recovery. Table 1 summarizes some commonly used security control methods (Bhimani, 1996; Carroll, 1997; Cobb, 1996; Herringshaw, 1997).

Table 1 Commonly used security methods for electronic transactions

| Security requirements | Security threats | Security methods |
|---|---|---|
| Integrity | Illegal modification, data missing, replacement, deletion, destruction | Serial number control, time stamp, MAC code, digital signature |
| Authentication | Transaction spoofing | User ID, password, digital signature |
| Non-repudiation | Denial of message sending or transaction making | Digital signature |
| Confidentiality | Eavesdropping, illegal monitoring, sniffing | Data-encryption methods, digital envelope |
| Access control | Illegal user access, misuse of data | Qualified systems and software, user ID, password, firewall, intrusion detection system |

Controls to Maintain Transaction Trails

Since the transaction trails will change from physical documents to electronic format, a business entity should concentrate more on the separation of duties and authorization and should develop computer applications to record and maintain these transaction trails for supporting non-repudiation and future cross-checking. In general, effective procedures for controlling and maintaining transaction trails include the following:

(1) Create and design transaction logs in an appropriate format to record processed and failed transactions, buyer-seller acknowledgments, and the time sequence of processing. These log files provide evidence that transactions are recorded in the correct accounting period (through the use of electronic time stamps). Acknowledgments between buyers and sellers can ensure that transactions are recorded on a timely basis and that transaction messages are understood by both parties, are genuine, and have not been altered.
(2) Use batch control totals when transactions are initiated or received, and develop a dual recording or parallel monitoring system to ensure the completeness and accuracy of transaction trails.

Security Controls of Electronic Signatures

Being different from a password, which is often used to prevent illegal access to private information, an electronic signature serves not only as a means of ensuring the validity of transaction trails, but also as proof of a transaction between seller and buyer. Because of its importance to business transactions, public and private keys for electronic signatures should be safeguarded in a way that is different from that of general assets. More specifically, safeguarding of private keys should be part of the overall approval and authentication process, because private keys should only be used to digitally sign a document or open a digital envelope when a transaction has been approved or authenticated. Therefore, based on the principle of separation of duties, the safeguarding of private keys should be independent of the recording and executing of transactions. In general, the responsibilities of key management can be divided in the following ways:

(1) The managers in charge of transaction approvals should be responsible for safeguarding private keys.
(2) The managers in charge of transaction executions should be responsible for safeguarding encryption and decryption algorithms.

It should be noted that the protection of public keys and their registration profiles depends on the feasible hierarchical structure set by the certificate authorities.
[Figure: digital signature and digital envelope flows among the Seller, Buyer, Vendor and Auditor. Labels: Original Message (seller's invoice contents, authenticated invoice numbers and expiry date, issuing time stamps); Digital Signature; Digital Envelope #1; Digital Envelope #2; Buyer's Acquisition Cycle (see Figure 2).]
MD5 = An encryption method that translates the initial message into a message digest.
RSA = A public key encryption algorithm invented by Rivest, Shamir, and Adleman.
[Figure: CAPM architecture. Labels: Feedbacks; Continuous Audit ... and Audit Report; Corporate's AIS (include ICS, records, documents, forms, etc.); Data Analysis Layer; Browse and ...]
using the auditor's private key, and checks the digital signatures using the client's public key. The original messages in the envelope (including the financial reports and associated transaction log files) will then be stored in the audit database in the data-analysis layer for examination. Since the financial reports and their associated log files are the main inputs to the CAPS, the system's capturing mechanism has to implement input controls to make sure that: (a) the received data are from the right client, (b) the received data are not modified or illegally accessed during network transmission, and (c) the client cannot repudiate the data transmitted. The data collector collects relevant information and documents from outside parties when further examination is needed.

The Data-analysis Layer

This layer consists of an audit database and an audit knowledge-based system for supporting the verification and analysis of financial reports. Once the validity and authentication of the client's digital envelope in the data-capturing layer have been verified, specific fields of the financial reports and transaction log files are identified and automatically read into the audit database. Because these retrieved data will be examined and analyzed using the knowledge-based system, and exception reports and alarms will be generated accordingly when abnormal activities occur, the data-analysis layer should adopt certain control procedures to ensure that (a) the transactions comprising the financial reports and transaction logs are complete, and (b) no modification has been made to transactions that have been previously audited. At
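The integrity methods listed in Table 1 (serial number control, time stamps, MAC codes) and the data-analysis layer's control (b), that previously audited transactions remain unmodified, can both be realised as a MAC-chained transaction log; the Python below is an added example, not code from the paper. It assumes a constructed shared key and constructed sample records, and uses HMAC-SHA256 as the MAC code.

```python
import hashlib, hmac, json

# Constructed demo key shared by the client's logging application and the
# auditor's capturing mechanism; a real deployment keeps it with key custodians.
MAC_KEY = b"constructed-demo-mac-key"

def mac_entry(serial, ts, payload, prev_mac):
    """HMAC-SHA256 over serial, time stamp, payload and the previous record's
    MAC, binding each record to its content and its position in the trail."""
    msg = json.dumps([serial, ts, payload, prev_mac], sort_keys=True).encode()
    return hmac.new(MAC_KEY, msg, hashlib.sha256).hexdigest()

def append_entry(log, ts, payload):
    """Append a record carrying the next serial number and a chained MAC."""
    serial = log[-1]["serial"] + 1 if log else 1
    prev_mac = log[-1]["mac"] if log else ""
    log.append({"serial": serial, "ts": ts, "payload": payload,
                "mac": mac_entry(serial, ts, payload, prev_mac)})
    return log

def verify_trail(log):
    """Return findings (empty list = intact): serial gaps or repeats (deletion,
    insertion), backwards time stamps, MAC mismatches (modified or replaced)."""
    findings, expected, prev_mac, prev_ts = [], 1, "", ""
    for rec in log:
        if rec["serial"] != expected:
            findings.append(f"serial {rec['serial']}: expected {expected} (gap or repeat)")
            expected = rec["serial"]
        if rec["ts"] < prev_ts:
            findings.append(f"serial {rec['serial']}: time stamp out of order")
        want = mac_entry(rec["serial"], rec["ts"], rec["payload"], prev_mac)
        if not hmac.compare_digest(want, rec["mac"]):
            findings.append(f"serial {rec['serial']}: MAC mismatch (modified or replaced)")
        expected, prev_mac, prev_ts = expected + 1, rec["mac"], rec["ts"]
    return findings

def unchanged_since(log, audited_serial, audited_mac):
    """Data-analysis layer control (b): records up to the last audited serial
    must still verify and still end at the MAC recorded during that audit."""
    return (len(log) >= audited_serial
            and log[audited_serial - 1]["mac"] == audited_mac
            and not verify_trail(log[:audited_serial]))

# Constructed sample trail: two posted invoices and one failed posting.
SAMPLE = []
for ts, payload in [("1999-01-05T09:00", "inv#1001 posted 120.00"),
                    ("1999-01-05T09:30", "inv#1002 posted 80.00"),
                    ("1999-01-06T10:00", "inv#1003 failed: duplicate")]:
    append_entry(SAMPLE, ts, payload)
```

A MAC only authenticates between the parties holding the key, so it covers Table 1's integrity and authentication rows; non-repudiation toward a third party still needs the digital signatures the paper describes.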