University of Phoenix
The main reason behind this report from our firm is to improve the day to day operations of Kudler’s Fine Foods (KFF). Kudler Fine Foods began operations in 1998, by Kathy Kudler; her store has grown into a chain of three stores (including the original) in the metropolitan area of San Diego, California. Kudler Fine Foods has hired a firm again to help with their auditing process throughout each store. Our firm plans on suggesting types and techniques for auditing each process in accounts payable, accounts receivable, inventory, and payroll. The plan will include the following items; types of audits for each process, recommendations of an audit for each process, process of each audit works, and problems that may occur when auditing with the computer.
Our firm will begin by explaining the types of audits that would best fit KFF’s day to day processes. Since we suggested a new automotive retail accounting software to keep operations simple and efficient, we plan on staying with this theme in the auditing department for Kudler’s financial advisor. “There are four main types of IT audits: 1) attestation 2) findings and recommendations; 3) a SAS 70 audit; and 4) a SAS 94 audit” (Hunton, 2004). Attestation is the auditor helping to insure that the client is keeping the internal controls effective and running without any problems (Hunton, 2004). The next audit type of, findings and recommendations, an outside party is hired to review the company’s or businesses current system and suggests things for improvements. An SAS 70 audit is to help ensure the company’s internal controls are stable and effective when working with outside source by providing them with a service (Hunton, 2004). An SAS 94 audit is a complete overview of a company’s financial transactions electronically to help control all risks (Hunton, 2004). Our firm will recommend the audit types that will best work with KFF.
Recommendations on Audit Types
The first type of audit our firm suggests KFF should practice is findings and recommendations. This process will allow KFF to determine which auditing software best fits them and the time your accountant will need to obtain certification and learn the IT audit system. The accountant will need to take an examination given by the Information Systems Audit and Control Association (ISACA) to obtain the proper certification he or she will need to become an IT auditor. By keeping this type of work and role in-house this will save KFF a significant amount of money and time. The second type of audit our firm suggests is an SAS 94 that will be done by an outside source for an unbiased evaluation of the company’s finances along with its internal controls. Both of these audit types will help to ensure KFF will run efficiently and effectively, and now the explanation of how each of these audits will be conducted.
How to Conduct the Audit Types
For the first audit type of recommendations and findings we will assist KFF’s accountant and help him or her establish an automated system until they become IT audit certified. We will break down Kudler Food’s entire IT system, finances, inventory, financial statements, and rebuild them with a new plan and software. Our firm can also suggest the readings and items to the accountant he or she will need study before taking the examination administered by the ISACA. The software we recommend Kudler Food’s to use is generalized audit software (GAS) (Bagranoff, 2008). This type of software or program allows your accountant “to review computer files without continually rewriting processing programs” (Bagranoff, 2008). The SAS 94 audit should be done at the end of each fiscal year. This audit will be performed by an outside source and “may involve any or all of the following six steps, identified by Sayana (2002): 1) physical and environmental review; 2) systems administration review; 3) application software review; 4) network security review; 5) business continuity review; and 6) data integrity review” (Hunton, 2004). The next thing our firm wants to discuss our IT audit threats and prevention.
Threats and Prevention
The first thing an IT auditor takes into consideration is “what the critical support processes are for a given audit process” (Hunton, 2008). The next step is to determine what could go wrong in the support processes to set up the correct controls “safeguard the integrity of the process under audit” (Hunton, 2008). The reason for this process by the auditor is to ensure the IT system is running effectively and protected. The other reason is to see if there are corrections or errors in the system that need to be corrected in order to protect the system, as well as help it to run as efficiently as possible. This entire process and protection of the IT system should be safeguarded and only allow qualified personnel to this type of access to this part of the system. Our firm we will now conclude this paper and strongly recommend Kudler Food’s put our plan into action.
This will conclude our results and recommendations on KFF’s IT auditing system. Our firm believes the suggestions we made will improve the day to day operations of KFF. Once again in the beginning of setting up the new IT auditing program, we will be there for assistance and guidance every step of the way. If the restaurant needs any help with the results in this report feel free to contact our firm and we can set up a follow-up appointment. Our firm is grateful for KFF’s continued business and looks forward to future endeavors.
Bagranoff, N. A. (2008). Core Concepts Of Accounting Information Systems. https://ecampus.phoenix.edu/content/eBookLibrary2/content/eReader.aspx.