Stay Connected: Twitter Facebook Flickr RSS E-Mail
Skip navigation links
About the PCAOB
Rules of the Board
Registration & Reporting
Standards
Inspections
Enforcement
International
Research & Analysis
News & Events
Skip navigation links
Auditing
Ethics & Independence
Quality Control
Attestation
Superseded
Guidance
Current Activities
SAG

Click Plus Sign Icon to expand menu items
Click Minus Sign Icon to collapse menu items

[The following paragraph was effective for fiscal years ending on or after November 15, 2007. It was amended, effective for audits of fiscal years beginning on or after December 15, 2010. See PCAOB Release No. 2010-004.

Return to the current version.]

36.       The auditor also should understand how IT affects the company's flow of transactions. The auditor should apply paragraphs .16 through .20, .30 through .32, and .77 through .79, of AU sec. 319, Consideration of Internal Control in a Financial Statement Audit , which discuss the effect of information technology on internal control over financial reporting and the risks to assess.

Note: The identification of risks and controls within IT is not a separate evaluation. Instead, it is an integral part of the top-down approach used to identify significant accounts and disclosures and their relevant assertions, and the controls to test, as well as to assess risk and allocate audit effort as described by this standard.