5 - introduction is audit
DESCRIPTION
auditingTRANSCRIPT
![Page 1: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/1.jpg)
Information Systems (IS) Audit
By Sony Devano
![Page 2: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/2.jpg)
Definition
The process of collecting and evaluating evidence to determine whether a Computer Systems (Information Systems) safeguards assets, maintains data integrity, allows organizational goals to be achieved effectively, and uses resources efficiently.
![Page 3: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/3.jpg)
IS Audit ProfessionComputer auditIT AuditEDP AuditInformation Systems Audit
![Page 4: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/4.jpg)
Objectives1. To safeguard IS assets
• For instances: hardware, software, people (knowledge), data files, system documentation, and supplies.
2. To maintain data integrity
• Completeness, accuracy and soundness. This is to minimize uncertainty factors on using the information produced from IS systems.
3. To increase the effectiveness and the efficiency of the information systems
![Page 5: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/5.jpg)
Standard Professional Akuntan Publik
PSA No 60 [SA Seksi 314]
“Penentuan Risiko dan Pengendalian Intern - Pertimbangan dan Karakteristik Sistem Informasi Komputer (SIK = penggunaan komputer dalam pengolahan informasi keuangan suatu entitas yang signifikan bagi audit, terlepas apakah komputer tersebut dioperasikan oleh entitas tersebut atau oleh pihak ketiga )”
![Page 6: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/6.jpg)
Types of Audits Financial Statement Audits
– An audit to determine whether the overall financial statements are stated in accordance with specified criteria
Operational Audits– A review of any part of an organization’s operating
procedures and methods for the purpose of evaluating efficiency and effectiveness
Compliance Audits– An audit to determine whether the auditee is following
specific procedures, rules, regulations set down by some higher authority
![Page 7: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/7.jpg)
Types of Auditors CPA Firms General Accounting Office (GAO) Auditors Internal Revenue Agents (IRS) Internal Auditors
![Page 8: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/8.jpg)
MATTERS INFORMATION SYSTEMS AUDITOR FINANCIAL/ INTERNAL AUDITOR
Qualification CISA CPA/CIA
Professional Organization
ISACA AICPA/IIA
Auditee: IT Division Mostly Finance & Accounting Department/ All functions of Organization
Career objectives:Chief Information Officer, Consultants: Auditor/Advisor for Information Systems/Technology Control
Standards Generally Accepted IT Controls Principle (CoBIT)
GAAP/SAS 78: Internal Controls
Chief Financial Officer, Head of Internal Audit Division
Differences between the IT Auditor and the Financial Auditor
![Page 9: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/9.jpg)
Relation with Financial Audit
To support financial audit because:At present computers are used extensively to process data and to provide information for decision making, so that, a traditional/manual audit engagement is not adequate to cover the sophisticated information technology
![Page 10: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/10.jpg)
Type of Audit Risks Inherent Risk
Reflects the likelihood that a material loss or account misstatement exists in some segment of the audit before the reliability of internal control considered
Control RiskReflects the likelihood that internal controls in some segment will not prevent, detect or correct material loss or account misstatement
Detection RiskReflects the audit procedures used in some segments of the audit will fail to detect material loss or account misstatement
![Page 11: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/11.jpg)
Classification of Controls Preventive control
– Prevent an error, omission or malicious act from occurring– Deter problem before they arise– Attempt to predict potential problem before they occurred and make
adjustments (feed-forward controls)
Detective controlDetect an error, omission or malicious act has occurred and report the occurrence
Corrective Control– Identify the cause of the problem– Correct errors arising from a problem– Remedy problems discovered by detective controls– Modify the processing system to minimize future occurrences of the
problem– Minimize the impact of a threat
![Page 12: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/12.jpg)
Flowchart of major steps in an Audit
Flowchart of major steps in an Audit
START
Preliminary AuditWork
Obtain understanding of control structure
Assess Control Risk
Rely on Control ?
StillRely on Control ?
Increase reliance
on control ?
Limited Substantive Testing
Form audit opinion and issue report
Extended Substantive Testing
STOP
No
No
No
Yes
Yes
Test of Controls
Re-assess Control Risk
When does IT audit involved?When does IT audit involved?
![Page 13: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/13.jpg)
Type of works in financial audit GCR (General Computer Controls Review)
ACR (Application Controls Review)
![Page 14: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/14.jpg)
General Computer Controls Review
Definition– Risk assessment of the risks related to the IT
organization, security, acquisition, development and maintenance, computer operations.
Objectives – To provide a comprehensive framework of
internal controls for IT activities and to provide a certain level of assurance that the overall internal control objectives can be achieved.
![Page 15: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/15.jpg)
General Control ElementsAccording to PSA No. 60 / SA Seksi 314
Organizational and Managerial System Development and Maintenance Operating System Software Data Entry and Program Backup and Recovery
![Page 16: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/16.jpg)
Organizational and Managerial Control
Untuk memberikan keyakinan bahwa struktur organisasi dan manajemen telah diciptakan untuk memiliki internal kontrol yang memadai, diantaranya dengan memiliki:– Kebijakan dan prosedur yang berkaitan dengan
fungsi pengendalian.– Pemisahan semestinya fungsi yang tidak sejalan
(seperti penyiapan transaksi masukan, pemograman dan operasi komputer).
![Page 17: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/17.jpg)
System Development and Maintenance Control
Untuk memberikan keyakinan bahwa pengembangan dan pemeliharaan sistem telah dilakukan dengan cara yang efisien dan melalui proses otorisasi yang semestinya, termasuk kedalamnya adalah:
– Pengujian, perubahan, implementasi dan dokumentasi sistem baru atau sistem yang direvisi.
– Perubahan terhadap sistem aplikasi.
– Akses terhadap dokumentasi sistem.
– Pemerolehan sistem aplikasi dan listing program dari pihak ketiga.
![Page 18: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/18.jpg)
Operating System Control
Telah adanya pengendalian terhadap operasi sistem untuk memberikan keyakinan bahwa:– Sistem digunakan hanya untuk tujuan yang telah
diotorisasi– Akses ke operasi komputer dibatasi hanya bagi
karyawan yang telah mendapat otorisasi– Hanya program yang telah diotorisasi yang
digunakan.– Kekeliruan pengolahan dapat dideteksi dan
dikoreksi
![Page 19: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/19.jpg)
Software Control Telah adanya pengendalian terhadap
perangkat lunak aplikasi telah didesain, diperoleh dan dikembangkan dengan cara yang efisien dan melalui proses otorisasi semestinya:– Otorisasi, pengesahan, pengujian, implementasi
dan dokumentasi perangkat lunak sistem baru dan modifikasi perangkat lunak sistem
– Pembatasan akses terhadap perangkat lunak dan dokumentasi sistem hanya bagi karyawan yang telah mendapatkan otorisasi
![Page 20: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/20.jpg)
Backup and Recovery Procedure Telah adanya jaminan terhadap kelangsungan
proses pengolahan sistem informasi dan ketersediaan informasi. Meliputi:– Pembuatan cadangan data program komputer di
lokasi yang berbeda dengan lokasi utama pengolahan data.
– Prosedur pemulihan untuk digunakan jika terjadi pencurian, kerugian atau penghancuran data baik yang disengaja maupun yang tidak disengaja
– Penyediaan pengolahan di lokasi di luar perusahaan dalam hal terjadi bencana.
![Page 21: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/21.jpg)
Data Entry and Program Control Telah adanya pengendalian terhadap
proses data entry dan kontrol program untuk memberikan keyakinan bahwa:– Struktur otorisasi telah diterapkan atas
transaksi yang dimasukan ke dalam sistem.
– Akses ke data dan program dibatasi hanya bagi karywan yang telah mendapatkan otorisasi
![Page 22: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/22.jpg)
How we secure our assets?
Assets
Assets
Logical
Personnel
Hardware
Facilities
Documentation
Supplies
Mainframe, minis & micros
Peripherals: online/offline
System
Data / Information
Software
Application
Storage Media
![Page 23: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/23.jpg)
Examples of physical threats
Fire and smoke; Water; Power supply fluctuations and failures; Structural Damage; Pollution; Misuse; Theft.
![Page 24: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/24.jpg)
SERVER RACK
FIREEXTINGUISHER
WATER SPRINKLERSMOKE and FIRE
DETECTOR
Picture example of Physical Security
Picture example of Physical Security
![Page 25: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/25.jpg)
AIR CONDITIONAIRE
POWER REGULATOR & GENSET
![Page 26: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/26.jpg)
Identification
Authentication
Authorization
User Profiles
Access control
files
DatabaseSoftwareLibrary
Auditlog
Reportwriter
Securityreports
Authentication ProcessAuthentication Process
![Page 27: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/27.jpg)
WINDOWS 2000 LOGON
Example of Logical Access SecurityExample of Logical Access Security
![Page 28: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/28.jpg)
Application controls
Application controls are controls exist within the application to safeguard assets, maintain data integrity, and achieve their objectives efficiently and effectively.
![Page 29: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/29.jpg)
Input
Processing
Output
Application controls Classification
![Page 30: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/30.jpg)
Process controls– Run-to-run totals (network of checksums)– Audit trail
![Page 31: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/31.jpg)
Access control reviewInput Control - Authorization
Access control reviewInput Control - Authorization
Module
UserA B C D
Manager P P P P
Supervisor A A A A
Clerk1 E E x x
Clerk2 x x E E
E: EntryA: ApproveP: Posting
Verified to User Authorization Forms
![Page 32: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/32.jpg)
Process Control - Run to run totalsProcess Control - Run to run totals
POS
CalulateDiscountand PPN
SALES APPLICATION
RecordSales
CreatingSub General
LedgerPosting
ACCOUNTING / GL APPLICATION
Summarizing
SalesReport
ConsolidatedSales Report
Sub LedgerJournal
GeneralLedgerAccount
FinancialStatementAccount
POS 1Sales Net 305Discount (5)PPN 30+Total POS 1 330
POS 2 300POS 3 350POS 4 330POS 5 250+Total Sales 1540
Total Transaction 4500
Sales Net 1700Discount (300)PPN 140+Total Sales 1540
Total Transaction 4500Total POS 5
Kas 1540Discount 300 PPN 140 Sales 1700
Sales 1700 Sales Product 1 1000 Sales Product 2 700
Total Transaction 4500Total POS 5
100 Kas 1540201 Deferred PPN (140)
500 Sales (1700)503 Discount 300
100 Kas 1500201Deferred PPN (140)
300 InventoryBegining 1000Add 1000Substract 1700Ending (300)
![Page 33: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/33.jpg)
Process Control -Audit trailProcess Control -Audit trail
No. UserID Name Function
1. 1002 Darma Cashier
2. 1005 Rudy Cashier
3. 1050 Hamdi Assistant Mgr
No. UserID Input AmountAccount
No.Source DocID
1. 1002 12:03-09-11-01 1,000,000 103 31.232.212-5
2. 1005 13:15-09-10-01 454,000 500 31.232.211-7
3. 1050 09:40-09-11-01 (50,000) 506 12.342.423-4
User Master File
Audit Trail
![Page 34: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/34.jpg)
Output Control - DistributionOutput Control - Distribution
Module
User
A B C D
Manager A A A A
Supervisor P P P P
Clerk1 V V V -
Clerk2 - V V V A: AllV: ViewP: Print
Verified to User Authorization Form
![Page 35: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/35.jpg)
Old vs. New: The Big PictureOld vs. New: The Big Picture
Status quo: Future state vision:
Application Controls
IT General Controls
IT Environ-ment
IT General Controls
IT Environment
ApplicationControls
![Page 36: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/36.jpg)
What is Application Software?
A software that is designed and created to
perform specific personal, business or
scientific processing task, such as word
processing, interactive game, business
application, etc.
![Page 37: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/37.jpg)
Categories of software
In-house developed application
Integrated application (e.g. ERP systems:
SAP, JDE, PeopleSoft, Oracle, etc)
Package application (e.g. ACCPAC,
Picador, etc)
![Page 38: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/38.jpg)
What is Data Analysis
• Manipulating, cleansing and processing the data, without changing it to be analyzed for a certain purpose, such as decision making, audit purpose, forecasting, etc.
![Page 39: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/39.jpg)
Tools of Data Analysis• ACL
• Idea
• MS Excell
• Access
• etc
![Page 40: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/40.jpg)
PHASE 5:Final reporting, presentation of results
PHASE 4: Document findings and discuss with auditee
PHASE 3:Evaluate controls and gather evidence
Audit Methodology
PHASE 2:Identify risks and controls
PHASE 1:Planning the Audit
An overview of the full audit planning
![Page 41: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/41.jpg)
P H A S E 1
PLANNING THE AUDIT
STEP 5:IdentifyRisk
STEP 4:UnderstandingClient’sBackground
STEP 3:EngagementLetter
STEP 2:Teaming
STEP 1:Acceptingthe Audit Engagement
Phase 5Phase 4Phase 3Phase 2Phase 1
![Page 42: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/42.jpg)
Phase 2: Identify risks and Controls
Phase 5Phase 4Phase 3Phase 2Phase 1
Activities:• Document relevant process• Identify risks in the process• Identify the controls that are currently in place
Result:• Process and risk documentation (matrix or narrative)
![Page 43: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/43.jpg)
Phase 3: Evaluate controls and gather evidence
Phase 5Phase 4Phase 3Phase 2Phase 1
Activities:• Assess the effectiveness of controls• Gather evidence of effective controls• Identify risks that have not been mitigated
Result:• Risk and control documentation
![Page 44: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/44.jpg)
Phase 4: Document findings and discuss with auditee
Phase 5Phase 4Phase 3Phase 2Phase 1
Activities:• Prepare draft report• Discuss findings with auditee (the one who is
being audited)• Revise draft to final version
Result:• Final agreed upon report
![Page 45: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/45.jpg)
Phase 5: Final reporting and presenting of results
Phase 5Phase 4Phase 3Phase 2Phase 1
Activities:• Send final report• Present findings to management• Prepare plan for improvement
Result:• Happy client
![Page 46: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/46.jpg)
P H A S E 1
PLANNING THE AUDIT
STEP 5:Prepare audit plan
STEP 4:UnderstandingClient’sBackground
STEP 3:EngagementLetter
STEP 2:Teaming
STEP 1:Acceptingthe Audit Engagement
Phase 5Phase 4Phase 3Phase 2Phase 1
![Page 47: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/47.jpg)
Step 1: Accepting the audit engagement
STEP 5STEP 4STEP 3STEP 2STEP 1
• Investigating new or continuing clientAudit ObjectiveIdentify the purpose of the audit
Audit SubjectIdentify the area to be auditedAudit ScopeIdentify the specific systems and entity of the organization to be included in the review
• Accept the audit engagementPreparing engagement letter
![Page 48: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/48.jpg)
STEP 5STEP 4STEP 3STEP 2
Step 2: Teaming
STEP 1
Steps• Identify technical skills of the team• Identify resources needed to perform the audit• Identify the sources of the information for test or review• Identify the location and facilities to be audited
Constraint: • Limitation of staff availability• Inadequate facility to perform the audit• Lack of technical skills
![Page 49: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/49.jpg)
STEP 5STEP 4STEP 3STEP 2
Step 3: Engagement Letter
STEP 1
• Clearly states management’s objectives for, and delegation of authority to IS Audit.
• Minimize misunderstanding between client and auditor
• Outline the overall authority, scope and responsibilities of the audit function.
• The highest level of management should approve this document.
• Has a legal responsibility
![Page 50: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/50.jpg)
STEP 5STEP 4
Step 4: Understanding client’s background
STEP 3STEP 2STEP 1
• Gather organizations’ standards, policies and guidelines
• IS Auditor should familiar with the regulatory environment in which the business operates. Example: Banking, Insurance
• Prepare list of persons to be interviewed
• Identify and select audit approach to verify and test the controls
• Develop audit tools and methodology
![Page 51: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/51.jpg)
STEP 5STEP 4
Step 5: Prepare audit plan
STEP 3STEP 2STEP 1
Combining previous activities and communicate to team and client.
![Page 52: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/52.jpg)
IS Audit Methods
• Auditing Around The Computer
• Auditing Through The Computer
• Auditing With The Computer
![Page 53: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/53.jpg)
Auditing Around The Computer
Transaksi
Pemrosesan
Output
Analisa
auditor
OPERASI SISTEM KOMPUTERPENGUJIAN AUDITOR ATAS INPUT/OUTPUT
Database
Pemilihan
transaksi
Pemilihan output
yg terkait dgn
transaksi pilihan
Kesimpulan
auditor
![Page 54: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/54.jpg)
Auditing Through The Computer
– Testing the computer application program. Example:
• Test data
• Integrated Test Facility
• Parallel Simulation
– Data Verification. Example:• Embedded Audit Data Collection / System Control
Audit Review File
![Page 55: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/55.jpg)
Auditing With The Computer
FilePemrosesan
Pemasukan
data
Output
Obyek
analisa
Analisa
auditor
Kesimpulan
auditor
![Page 56: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/56.jpg)
Question And AnswerQuestion And Answer
• •
![Page 57: 5 - Introduction is Audit](https://reader035.vdocument.in/reader035/viewer/2022062423/55cf8ede550346703b96754a/html5/thumbnails/57.jpg)
Thank YouThank You
• •