Question

When the client uses a computer but the auditor chooses to use only the non-IT segment of internal control to assess control risk, it is referred to as auditing around the computer. Which one of the following conditions need not be present to audit around the computer?

1) The client's computer system is not reliable
2) The auditor is not familiar with computer systems
3) The auditor believes that the non-IT segment of internal control is sufficient
4) The auditor does not have access to the client's computer system

Answer 1

Auditing around the computer occurs when an auditor focuses only on non-IT controls. The condition that need not be present is the unreliability of the client's computer system, as long as the non-IT segment is sufficient for the auditor's purposes.

Step-by-step explanation:

When assessing control risk in an audit where the auditor chooses to focus solely on the non-IT segment of internal control, commonly referred to as auditing around the computer, certain conditions are typically considered. However, the condition that need not be present for an auditor to perform this kind of audit is 'The client's computer system is not reliable'. In such cases, the auditor believes that the non-IT controls alone provide sufficient evidence of the effectiveness of internal controls over financial reporting. Additionally, an auditor may lack familiarity with computer systems or may not have access to the client's system, yet still choose to audit around the computer. It is essential, though, for the auditor to believe that the non-IT controls are adequately designed and operating effectively to justify this approach.