NAA2523. Understanding and Assessing Risks and Controls within the IT Environment

Guidance on addressing the SAS 145 requirement for evaluating IT within the system of internal controls. We will focus on identifying risks arising from the use of IT and discuss how IT risks and controls impact the 5 components of the system of internal controls. We will walk through examples on how to assess the risks and controls in entities with complex applications, systems interfaces, data warehouses and SOC reports as well as entities with high volumes of transactions and complex financial reporting.