During the implementation of a new system, an IS auditor must assess whether certain automated calculations comply with the regulatory requirements. Which of the following is the BEST way to obtain this assurance?
A.
Re-perform the calculation with audit software.
B.
Review the source code related to the calculation.
Is B : By reviewing the source code, the auditor can gain an understanding of how the calculation is performed, and can verify that the calculation logic and formula comply with the relevant regulatory requirements. This approach also enables the auditor to identify any potential issues or errors in the calculation logic or formula and to recommend appropriate corrective actions.
Re-performing the calculation with audit software may also provide assurance, but it may not necessarily verify compliance with regulatory requirements. Audit software typically verifies data accuracy, completeness, and consistency. It may not necessarily be designed to verify compliance with regulatory requirements.
By re-running calculations with audit software, you can see the actual results and directly verify that the system is functioning correctly. This provides objective evidence of compliance with regulatory requirements.
While reviewing source code is important, correct code does not guarantee that the actual calculations are accurate.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
007Georgeo
Highly Voted 1 year, 7 months agoBA27
Highly Voted 1 year, 4 months ago1Naa
Most Recent 3 days, 12 hours ago85e8e0b
1 month, 1 week agoPurpleParrot
4 months, 1 week agoSwallows
5 months, 1 week agoRachy
11 months, 1 week ago3008
1 year ago