A Standardized Financial Statement Auditing Framework
For The CLOUD Ecosystem
TESTING: STRATEGY PROCEDURES CASES
BACKGROUND
Technology is ever changing and so have the principles, methods and tools for auditing financial statements in this 21st century CLOUD environment. The advent of CLOUD technologies have introduced new system architectures such as: Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS) and their derivative services such as Security-as-a-Service, Storage-as-a-Service, Anything-as-a-Service. Due to these new IT service models, businesses and government agencies that once operated their own data centers are now outsourcing their IT functions to IT service providers at various levels of the cloud ecosystem.
Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS) computing platforms and their derivative services such as Security-as-a-Service, Storage-as-a-Service enable IT service providers to provide specialized data processing, networking, data security, data storage, and application hosting services to companies and government agencies on an a la carte basis.
Data in the CLOUD ecosystem is continually in motion between IaaS, PaaS and SaaS layers of the CLOUD architecture. Data remains in motion in the CLOUD until it reaches its final destination in the financial statements. Sometimes the resulting financial statements are further distributed electronically which adds another dimension to data security and data processing integrity that auditors should be aware of. Likewise, data in motion can cross international borders in violation of a country’s regulations.
Implementation of Application Programming Interfaces (APIs) further exacerbates the challenges financial statement auditors face when they are auditing financial data that is processed and stored in the CLOUD ecosystem. In the CLOUD ecosystem, financial data is constantly moving from one third-party provider servers to another and APIs technology play and key role in transporting data and datasets to their final resting place on the company’s server or government agency’s server and ultimately in the company’s financial statements. For example banking institutions transmit companies banking and investment data electronically to the companies’ accounting department and their auditors. Payroll service providers are responsible for processing companies payroll, making payments directly to state and federal tax authorities and transmitting the payroll and tax file electronically to designated servers that are accessibly by the companies’ accounting department and their auditors. Ultimately, data from these diverse sources end up in the company’s financial statements. Some APIs are also used to modify data while in motion in the CLOUD. API consists of complex algorithms that are constantly modifying and transporting data in the CLOUD. As CLOUD technologies continue to evolve, financial institutions, companies, government agencies and their auditors will have to adopt new ways of tracing, reconciling, verifying, validating, and testing financial data as various points in the CLOUD ecosystem.
Accountants and internal auditors who want to understand how their companies' employees benefits, payroll, e-commerce and banking data is being processed in the CLOUD will benefit immensely from taking this course. CPAs in public accounting practice who are providing SOX readiness and IT auditing services to their clients will be able to fulfill their due diligence responsibilities of examining and reporting on application controls and IT general controls in the CLOUD Ecosystem.
This 3-day course is designed to introduce participants to the underlying fundamentals of Information Technology (IT) and the principles, standards and rules for auditing financial statement production and operations in the CLOUD ecosystem.
Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS) computing platforms and their derivative services such as Security-as-a-Service, Storage-as-a-Service enable IT service providers to provide specialized data processing, networking, data security, data storage, and application hosting services to companies and government agencies on an a la carte basis.
Data in the CLOUD ecosystem is continually in motion between IaaS, PaaS and SaaS layers of the CLOUD architecture. Data remains in motion in the CLOUD until it reaches its final destination in the financial statements. Sometimes the resulting financial statements are further distributed electronically which adds another dimension to data security and data processing integrity that auditors should be aware of. Likewise, data in motion can cross international borders in violation of a country’s regulations.
Implementation of Application Programming Interfaces (APIs) further exacerbates the challenges financial statement auditors face when they are auditing financial data that is processed and stored in the CLOUD ecosystem. In the CLOUD ecosystem, financial data is constantly moving from one third-party provider servers to another and APIs technology play and key role in transporting data and datasets to their final resting place on the company’s server or government agency’s server and ultimately in the company’s financial statements. For example banking institutions transmit companies banking and investment data electronically to the companies’ accounting department and their auditors. Payroll service providers are responsible for processing companies payroll, making payments directly to state and federal tax authorities and transmitting the payroll and tax file electronically to designated servers that are accessibly by the companies’ accounting department and their auditors. Ultimately, data from these diverse sources end up in the company’s financial statements. Some APIs are also used to modify data while in motion in the CLOUD. API consists of complex algorithms that are constantly modifying and transporting data in the CLOUD. As CLOUD technologies continue to evolve, financial institutions, companies, government agencies and their auditors will have to adopt new ways of tracing, reconciling, verifying, validating, and testing financial data as various points in the CLOUD ecosystem.
Accountants and internal auditors who want to understand how their companies' employees benefits, payroll, e-commerce and banking data is being processed in the CLOUD will benefit immensely from taking this course. CPAs in public accounting practice who are providing SOX readiness and IT auditing services to their clients will be able to fulfill their due diligence responsibilities of examining and reporting on application controls and IT general controls in the CLOUD Ecosystem.
This 3-day course is designed to introduce participants to the underlying fundamentals of Information Technology (IT) and the principles, standards and rules for auditing financial statement production and operations in the CLOUD ecosystem.
TOPICS COVERED
|
LEARNING OBJECTIVES
AGENDA
AGENDA
INSTRUCTOR BIO
Robert Llewellyn Kilby, CPA, CITP, CCSK
Robert is a former exam writer of the AICPA Certified Information Technology Professional (CITP) and CPA exams. He is one of the 16 writers of the first CITP exam. Robert is executive director of 247 Continuous Auditing, LLC (a PCAOB registered CPA firm). He is a graduate of the University of Maryland – College Park where he majored in Accounting, Information System Management and Telecommunications Management. Robert has more than 25 years of experience working with Fortune 100 companies including MCI Telecommunications Corporation, IBM, BellSouth, the Southern Company and Harbinger Corporation in management. In a management consulting role Robert was responsible for system development, software quality assurance, SOX readiness assessment, SAS 70®, SOC 1® and SOC 2® lead auditor and IT auditor. As senior partner of Independent Software Certification, Robert served in a lead audit role. His SAS 70 audit engagements include the State of West Virginia Powerball lottery and instant lottery systems, the State of Mississippi, Washington D.C., the State of Massachusetts, and the State of Georgia Medicaid Management Information System (MMIS) and Prescription Benefit Management (PBM) systems. He is Training Director of the American Institute of CLOUD Auditors (AiCA). Robert is co-author of the AiCA SKYBLUE Book Series. He is a Certified CLOUD Security Knowledge (CCSK) credential holder.
Robert is a former exam writer of the AICPA Certified Information Technology Professional (CITP) and CPA exams. He is one of the 16 writers of the first CITP exam. Robert is executive director of 247 Continuous Auditing, LLC (a PCAOB registered CPA firm). He is a graduate of the University of Maryland – College Park where he majored in Accounting, Information System Management and Telecommunications Management. Robert has more than 25 years of experience working with Fortune 100 companies including MCI Telecommunications Corporation, IBM, BellSouth, the Southern Company and Harbinger Corporation in management. In a management consulting role Robert was responsible for system development, software quality assurance, SOX readiness assessment, SAS 70®, SOC 1® and SOC 2® lead auditor and IT auditor. As senior partner of Independent Software Certification, Robert served in a lead audit role. His SAS 70 audit engagements include the State of West Virginia Powerball lottery and instant lottery systems, the State of Mississippi, Washington D.C., the State of Massachusetts, and the State of Georgia Medicaid Management Information System (MMIS) and Prescription Benefit Management (PBM) systems. He is Training Director of the American Institute of CLOUD Auditors (AiCA). Robert is co-author of the AiCA SKYBLUE Book Series. He is a Certified CLOUD Security Knowledge (CCSK) credential holder.
PRICING REGISTRATION GROUP & MEMBERSHIP DISCOUNTS
Visit the store to register and take advantage of our group and membership discounts. ENTER HERE....
In order to be awarded full credit hours for this course, you must be present for the entire time of the course duration.
You must sign in prior to the commencement of the session and sign out when the class is over. An attendance log will be available at the registration desk at the entrance of the conference room where the session will be held.
Participants will earn: 24 CPE credits
Field of Study: Auditing (Technical):
ADDITIONAL INFORMATION:
Prerequisites: Basic knowledge of auditing
Who Should Attend: CPAs and accounting professionals
Advanced Preparation: None
Program Level: Intermediate
Delivery Method: Group Live
You must sign in prior to the commencement of the session and sign out when the class is over. An attendance log will be available at the registration desk at the entrance of the conference room where the session will be held.
Participants will earn: 24 CPE credits
Field of Study: Auditing (Technical):
- Auditing and Reports - Subjects related to IT Auditing Standards and procedures
- Auditing – General
- Auditing Research
- ERISA Auditing
- Forensic Analysis and Evaluation
- Planning and Supervision
- Study, Evaluation, Implementation and Monitoring of Internal Controls
- Substantive Audit Procedures - Subjects related to activities performed by the auditor (during the substantive testing stage of the audit) that gather evidence as to the completeness, validity and/or accuracy of account balances and underlying classes of transactions
- Technical Computer Software and Applications – Subjects, especially CLOUD platforms that focus on the application of software in an auditing practice including understanding the issues in auditing Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), Software-as-a-Service (SaaS) and the derivative services (Security-as-a-Service, Storage-as-a-Service, etc.) of these three base-CLOUD platforms and applying IT auditing principles.
ADDITIONAL INFORMATION:
Prerequisites: Basic knowledge of auditing
Who Should Attend: CPAs and accounting professionals
Advanced Preparation: None
Program Level: Intermediate
Delivery Method: Group Live
REFUND & CANCELLATION POLICY
Requests for refunds must be received in writing before the course session begins and will be subject to a cancellation fee. No refunds will be granted after the course begins. For more information regarding refund, complaint, and/or program cancellation policies please email inquiries to [email protected]. Don’t forget to put “REFUND” in the subject line.
NATIONAL ASSOCIATION OF STATE BOARDS OF ACCOUNTANCY (NASBA) REGISTRATION REQUIREMENTS
American Institute of CLOUD Auditors is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org.
|
TRAVEL & ACCOMMODATION
TBD