Skip To Main Content
Businessman working on his laptop, with a virtual wall of various technology between the computer and the user

Implementation tool for auditors: Information Technology: Why should auditors care?

Learn about the implications of IT for audit when applying certain requirements of CAS 330, The Auditor’s Responses to Assessed Risks, as it relates to designing and performing tests of relevant controls.

Implementation Tool for Auditors: IT – Why should auditors care? discusses specific requirements of Canadian Auditing Standard (CAS) 330 regarding relevant controls of the entity's information technology (IT) systems and designing and performing tests of their operating effectiveness.

Part I focuses on determining whether the relevant controls to be tested are:

  • controls that depend upon other controls, such as general information technology controls (GITCs) (also called indirect controls)
  • controls that rely on information produced by the entity

Part II helps auditors determine whether it's necessary to obtain audit evidence supporting the effective operation of GITCs.