IT Governance, Risk, and Compliance

Mar 9 2012   10:14PM GMT

Irregularities and Illegal Acts Agreed-Upon Procedures Assessments – Part I

Robert Davis Robert Davis Profile: Robert Davis

Governmental statues may require an entity’s management design, implement, and maintain a system of internal controls; however, internal controls verification usually is an auditor attestation responsibility. To adequately perform this professional responsibility, an IT auditor should have knowledge of the types, traits, techniques, and modus operandi normally associated with irregular and illegal acts. For instance, an IT auditor must understand, compared to other crimes or improprieties, a key distinguishing fraud feature is false representation or concealment of a material fact.

Irregularities and/or illegal acts agreed-upon procedures maybe included in the “terms of reference” of a standard IT assurance engagement. Alternatively, agreed-upon procedures can be documented within a separate engagement letter. IT financial statement fraud and computer forensics are examples of potential agreed-upon procedures that may be undertaken as separate engagements. Nonetheless, if agreed procedures are a separate engagement, the IT auditor should not express any assurance concerning the subject matter examined during the course of performing assignment procedures.

Post Note: Irregularities and Illegal Acts Agreed-Upon Procedures Assessments contains redacted excerpts from Assuring IT Legal Compliance (Assurance Services)

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: