Dates and location
Pricing
Hours
Dates and location
Pricing
Hours
Description
This course will raise awareness of the impact of the IT environment and related controls on an Entity’s financial statements. Participants will be able to identify the components of the IT environment related to specific IT applications that are relevant to the flow of transactions and the processing of information on the financial statements. This understanding will support the identification of risks of material misstatement, significant deficiencies, and general IT controls arising from the use of information technology in audit engagements.
The current IT landscape, along with its exceptional advancements, subjects its users to potential risks arising from its use. CAS 315 was revised to address this additional layer of risk where an auditor is now required to consider potential IT risks and how they may have an impact on the Entity’s operations. This course will address the various controls management may put in place to minimize such impact and how management ensures implementation of such controls and the responsibility of the auditor when those controls are either absent or non-functional. After this course, participants should be able to plan an audit approach based on CAS 315 and the specific characteristics of the IT environment.
An additional topic that will be addressed through this course is the reliance on reports generated by an Entity’s IT system. This will include discussions on the level of reliance that can be placed by an auditor and the additional procedures required to be performed to achieve such reliance.
Key Takeaways
Participants attending the course will learn about:
- How to plan an audit approach based on auditing standards and the characteristics of a simple IT environment.
- Address risks arising from the use of IT and their audit implications.
- Develop design and implementation tests related to GITC controls relevant to the audit.
- Test access IT controls, IT change management controls and IT operations controls, considering the risks they may have to impact the integrity of financial information.
- Use system generated reports as reliable audit evidence.
- Identify additional audit procedures following the discovery of discrepancies in testing and deficiencies in controls.
- Adequately document the planning, execution, and results of the procedures in the audit file.
Who Will Benefit
The course is mainly designed for all CPAs and more importantly for those who are involved in external audit engagements. This course will also assist key management individuals understand the various IT risks their business could be exposed to and to design and implement such controls that can mitigate these risks to an acceptable level.
How to Access the Course
This course is a live webinar. You must attend the live course to receive verifiable CPD hours. We recommend you join five minutes prior to the scheduled starting time. To get the full experience of this interactive course, use a computer that has video and microphone capabilities.
If available, course materials can be accessed 2 business days prior to the course and should be downloaded in advance.
Registration, cancellation, withdrawal and all other CPA Ontario PD policies can be found here.
Speaker(s)
Asif Mohammed (Partner), MBA, C.Dir., CISA, CRISC, CDPSE, PCIPA, is an independent board director and Partner in Risk, Performance & Technology Advisory at Richter LLP, with more than 20 years of experience in audit, compliance, and technology risk governance. He has extensive experience overseeing IT General Controls and SOC 2 programs, supporting organizations of varying size and regulatory complexity with assurance, control frameworks, and third party risk oversight. Asif works closely with boards and audit committees to strengthen accountability, transparency, and trust in technology enabled operations.
Muhammad Tuaha (Senior Manager), CPA, CFA, FCCA, BSc, is a member of the Professional Practice Group (PPG) at Richter. He supports audit teams on complex accounting and assurance matters and brings extensive experience applying IFRS, ASPE, US GAAP, and Canadian Auditing/Assurance Standards. His work includes helping practitioners translate CAS 315 requirements into a risk assessment and audit approach that considers the entity’s IT environment, including the identification, design, and implementation of relevant technology controls and related testing considerations.