250 Words each. 1 - Talks about the use of sampling in auditing. Why the risks...

Audit sampling is the use of an audit procedure on a selection of the items within an account balance or class of transactions. The sampling method used should yield an equal probability that each unit in the sample could be selected. The intent behind doing so is to evaluate some aspect of the information. Audit sampling is needed when population sizes are large, since examining the entire population would be highly inefficient.

Sampling risk is the possibility that the items selected in a sample are not truly representative of the population being tested. This is a major issue, since an auditor does not have the time to examine an entire population and so must rely upon a sample. One error that can arise from sampling risk is that the auditor erroneously concludes that there are fewer problems with the population than expected, which can lead to an incorrect audit opinion. Or, the auditor erroneously concludes that there are more problems than expected, and so expands the sample size to see if this is really the case, which is not a good use of his time.

Due to time limittion its not possible for Auditor to go through each and every document that,s he uses various techniques ofaudit

2) IT auditing (formerly called electronic data processing (EDP), computer information systems (CIS), and IS auditing) evolved as an extension of traditional auditing. At that time, the need for an IT audit function came from several directions

• Auditors realized that computers had impacted their ability to perform the attestation function.
• Corporate and information processing management recognized that computers were key resources for competing in the business environment and similar to other valuable business resource within the organization, and therefore, the need for control and auditability is critical.
• Professional associations and organizations, and government entities recognized the need for IT control and auditability.
• T auditing is an integral part of the audit function because it supports the auditor's judgment on the quality of the information processed by computer systems. Initially, auditors with IT audit skills are viewed as the technological resource for the audit staff. The audit staff often looked to them for technical assistance. there are many types of audit needs within IT auditing, such as organizational IT audits (management control over IT), technical IT audits (infrastructure, data centers, data communication), application IT audit (business/financial/operational), development/implementation IT audits (specification/ requirements, design, development, and post-implementation phases), and compliance IT audits involving national or international standards. The IT auditor's role has evolved to provide assurance that adequate and appropriate controls are in place. Of course, the responsibility for ensuring that adequate internal controls are in place rests with the management. The audit's primary role, except in areas of management advisory services, is to provide a statement of assurance as to whether adequate and reliable internal controls are in place and are operating in an efficient and effective manner.