![who knew him well mourn in him the loss of a true
and noble friend, generous even to prodigality, highly
talented, a thorough gentleman, and an upright
judge.’
Mention of this event was made at the time in the
Journal Letter of Viscountess Canning,[6]
worth
quoting in addition to the above.
’ ... The story of Futteypore is a strange one. The whole country
round was gone, and there was a large Sepoy guard in the treasury,
and every reason to believe they would rise, so all the Europeans
took to boats, and went away to safe stations down the river, and I
think to Banda. Only Mr. Tucker, the magistrate, would not stir, and
remained with fifty Sepoys and the treasury. He was son to the late
Director, Sir George Tucker,[7] and was one of the four brothers
whose names we hear constantly, and he was as brave as a lion. He
had a deputy-magistrate—a Mohammedan—in a high position,
treated as a gentleman, and in as high a place as a native could
occupy, next to himself. To this man had been given a body of
mounted police, and he undertook to keep the country clear
between the great trunk road and the river for some distance. He
did it admirably, and took delight in it, and sent in detailed reports
up to the last. But when he heard of some more places being gone,
he suddenly returned to the treasury, to which his position gave him
access, dismissed the fifty Sepoys with a thousand rupees apiece,
and then attacked Mr. Tucker with all his police force. Mr. Tucker was
killed, after defending himself till he had killed with his own hand,
some say sixteen, some twenty men. I suppose he had a whole
battery of revolvers, and so kept his assailants at bay.’
Though Robert was gone, other brothers of
Charlotte Tucker were still in hourly danger; and the](https://image.slidesharecdn.com/6834-250419205327-93031826/85/Accounting-Information-Systems-Controls-Processes-3rd-Edition-Turner-Solutions-Manual-33-320.jpg)
![TO MRS. HAMILTON.
‘Dec. 3, 1862.
‘Dearest Laura,—We at last opened our piano, and your song has
been thoroughly examined. The result is that some parts are much
liked. Clara was so much pleased with the verse about the Rose, that
after singing it over for Mother’s benefit she sang it three times over
for her own. The words are not worthy of the music; it ought to be
sacred; and I intend to copy it out in my own little music-book as a
hymn, so that its interest will not die away with that of the bridal.[8]
The part next best liked is the Shamrock verse; and if I might
venture a suggestion, I think that the whole of the “We hail thee”
might be set to it; only the “glittering” accompaniment must be
confined to the Shamrock verse. I think people often like the
repetition of one air over and over, far better than a great variety.
The air is flowing and attractive, and there is no harm in its
brevity. The first part, “We hail thee,” has a transition, which we fear
that the rules of thorough-bass might not permit; and the Thistle is
hardly equal to either the Shamrock or the Rose,—of which, you see,
I would make a separate song and hymn. If you would write out the
song to the music of the former, I do not see why we should not try
to get it accepted by a publisher. I hope that you will excuse my thus
venturing to criticise your song and so unmercifully to cut it short.
‘I will give on the next page the words which I propose putting—
for my own use—to the hymn part. Very little alteration will make
them go very well to the air, for I have tried them; and the repetition
of the last words, which your sweet music requires, suits lines the
whole emphasis of which falls on the closing words; at least I fancy
so.’
The lines following are given here, not exactly as
they appeared in the letter, but in the corrected and](https://image.slidesharecdn.com/6834-250419205327-93031826/85/Accounting-Information-Systems-Controls-Processes-3rd-Edition-Turner-Solutions-Manual-48-320.jpg)
![improved form which afterwards appeared in print
with the music:—
‘The Lord He is my strength and stay,
When sorrow’s cup o’erflows the brim;
It sweetens all if we can say,
“This is from Him!”
All comfort, comfort, flows from Him.
‘When humbly labouring for my Lord,
Faint grows the heart and weak the limb,
What strength and joy are in the words,
“This is for Him!”
’Tis sweet to spend our strength for Him.
‘I hope for ever to abide
Where dwell the radiant Seraphim;
Delivered, pardoned, glorified;
But ’tis through Him!
All light and glory flow from Him.
‘Then welcome be the hour of death,
When Nature’s lamp burns low and dim,
If I can cry with dying breath,
“I go to Him!”
For Life Eternal flows from Him.’
TO MISS BELLA F. TUCKER.
‘Feb. 11, 1862.
‘I have read your touching account of your most sorely afflicted
friend with great interest. I visit the Imbecile Ward,[9] and I fear that
she must be in the Insane Ward; but I will be sure to make inquiries,
and perhaps I may find that I can follow her thither. I am not timid.](https://image.slidesharecdn.com/6834-250419205327-93031826/85/Accounting-Information-Systems-Controls-Processes-3rd-Edition-Turner-Solutions-Manual-49-320.jpg)
![throw off the cough. The rest of our party are well, as I trust that I
may find you and your dear circle.’
TO THE SAME.
‘Aug. 1, 1864.
‘Your and your dear husband’s sweet notes quite added to the
cheerfulness of our breakfast-table. Even Fanny did not appear
knocked down by your tender scolding. She, for the first time since
Tuesday, came to breakfast. She still needs great care, for the cold
was on her chest, and even speaking is liable to make her cough.
Mother highly approves of your plan of coming to town. She desires
me to say that she knows that her face is before you, as yours is
before her. Dear Fanny will probably not start for Brighton till
Wednesday week, so she will have the pleasure of welcoming you,
and I am sure that you will try not to let her be loquacious....
‘Many thanks for your kind present of the music. I am going to
have it printed by converted Jews, and the entire profits devoted to
the Society for the Conversion of Jews; so that it will be a little
offering from us both to one of the holiest of causes.... I take the
expense of the edition of 500 copies. They are to be sold for 1s.
apiece; so if all are sold there is a contribution of £25 clear to the
Society.... I am rather hopeful that the whole edition will go off
before Christmas; for one shilling is not a formidable sum, especially
when people can get a new song and help a good cause at the same
time.... I take great pleasure in this little piece of business. I have
been quite haunted by the music. I am ordering the plate to be
preserved, in case of a Second Edition being required. So Mrs.
Hamilton is going to come out as a Composer!’
TO MISS ‘LEILA’ HAMILTON.[10]
‘March 31, 1865.
‘My dear God-daughter,—I shall like to think of you particularly to-
morrow, because it is the Anniversary of the day when your dear](https://image.slidesharecdn.com/6834-250419205327-93031826/85/Accounting-Information-Systems-Controls-Processes-3rd-Edition-Turner-Solutions-Manual-52-320.jpg)
Accounting Information Systems Controls Processes 3rd Edition Turner Solutions Manual
- 1. Accounting Information Systems Controls Processes 3rd Edition Turner Solutions Manual pdf download https://testbankdeal.com/product/accounting-information-systems- controls-processes-3rd-edition-turner-solutions-manual/ Download more testbank from https://testbankdeal.com
- 2. Instant digital products (PDF, ePub, MOBI) available Download now and explore formats that suit you... Accounting Information Systems Controls Processes 3rd Edition Turner Test Bank https://testbankdeal.com/product/accounting-information-systems- controls-processes-3rd-edition-turner-test-bank/ testbankdeal.com Accounting Information Systems The Processes Controls 2nd Edition Turner Solutions Manual https://testbankdeal.com/product/accounting-information-systems-the- processes-controls-2nd-edition-turner-solutions-manual/ testbankdeal.com Accounting Information Systems The Processes and Controls 2nd Edition Turner Test Bank https://testbankdeal.com/product/accounting-information-systems-the- processes-and-controls-2nd-edition-turner-test-bank/ testbankdeal.com Anatomy and Physiology An Integrative Approach 1st Edition McKinley Test Bank https://testbankdeal.com/product/anatomy-and-physiology-an- integrative-approach-1st-edition-mckinley-test-bank/ testbankdeal.com
- 3. Research Experience Planning Conducting and Reporting Research 1st Edition Devlin Test Bank https://testbankdeal.com/product/research-experience-planning- conducting-and-reporting-research-1st-edition-devlin-test-bank/ testbankdeal.com Human Genetics 10th Edition Lewis Test Bank https://testbankdeal.com/product/human-genetics-10th-edition-lewis- test-bank/ testbankdeal.com Employment Law for Human Resource Practice 4th Edition Walsh Solutions Manual https://testbankdeal.com/product/employment-law-for-human-resource- practice-4th-edition-walsh-solutions-manual/ testbankdeal.com Personality Psychology Canadian 1st Edition Larsen Test Bank https://testbankdeal.com/product/personality-psychology-canadian-1st- edition-larsen-test-bank/ testbankdeal.com Business Communication Polishing Your Professional Presence 2nd Edition Shwom Solutions Manual https://testbankdeal.com/product/business-communication-polishing- your-professional-presence-2nd-edition-shwom-solutions-manual/ testbankdeal.com
- 4. Marketing Real People Real Choices 7th Edition Solomon Test Bank https://testbankdeal.com/product/marketing-real-people-real- choices-7th-edition-solomon-test-bank/ testbankdeal.com
- 5. Chapter 7- Auditing Information Technology-Based Processes Instructor’s Manual
- 6. 2 | P a g e CHATPER 7: AUDITING INFORMATION TECHNOLOGY-BASED PROCESS LEARNING OBJECTIVES:..........................................................................................................................................3 REAL WORLD: AURAFIN BRAND .............................................................................................................................3 INTRODUCTION TO AUDITING IT PROCESSES (STUDY OBJECTIVE 1) ........................................................4 TYPES OF AUDITS AND AUDITORS (STUDY OBJECTIVE 2) .......................................................................4 INFORMATION RISK AND IT-ENHANCED INTERNAL CONTROL(STUDY OBJECTIVE 3) ..........................6 AUTHORITATIVE LITERATURE USED IN AUDITING (STUDY OBJECTIVE 4) ...............................................6 MANAGEMENT ASSERTIONS AND AUDIT OBJECTIVES(STUDY OBJECTIVE 5)..............................................8 PHASES OF AN IT AUDIT (STUDY OBJECTIVE 6)...................................................................................................9 USE OF COMPUTERS IN AUDITS (STUDY OBJECTIVE 7) .........................................................................11 TESTS OF CONTROLS (STUDY OBJECTIVE 8) ..............................................................................................11 GENERAL CONTROLS ........................................................................................................................................11 APPLICATION CONTROLS..................................................................................................................................13 TESTS OF TRANSACTIONS AND TESTS OF BALANCES (STUDY OBJECTIVE 9) ...................................14 AUDIT COMPLETION/REPORTING (STUDY OBJECTIVE 10)..........................................................................15 OTHER AUDIT CONSIDERATIONS (STUDY OBJECTIVE 11 ) ......................................................................15 DIFFERENT ITENVIRONMENTS..........................................................................................................................15 CHANGES IN A CLIENT’S IT ENVIRONMENT ..................................................................................................17 SAMPLING VERSUS POPULATION TESTING......................................................................................................17 ETHICAL ISSUES RELATED TO AUDITING (STUDY OBJECTIVE 12) ..........................................................18 CHAPTER SUMMARY ............................................................................................................................................19
- 7. 3 | P a g e CHAPTER 7: AUDITING INFORMATION TECHNOLOGY-BASED PROCESS LEARNING OBJECTIVES: 1. An introduction to auditing IT processes 2. The various types of audits and auditors 3. Information risk and IT-enhanced internal control 4. Authoritative literature used in auditing 5. Management assertions used in the auditing process and the related audit objectives 6. The phases of an IT audit 7. The use of computers in audits 8. Tests of controls 9. Tests of transactions and tests of balances 10. Audit completion/reporting 11. Other audit considerations 12. Ethical issues related to auditing REAL WORLD: AURAFIN BRAND • The Aurafin brand is renowned in the jewelry industry as the fashion leader in fine gold. • Owned by Richline Group, Inc., a subsidiary of Berkshire Hathaway, Inc., the brand is sold by retail giants like JCPenney, Macy’s, and many online outlets. • Aurafin has overcome significant challenges in maintaining its customer relationships. Several years ago, Aurafin began experiencing such severe problems with transaction fulfillment and delivery that its customers were taking notice. • JCPenney had implemented a supplier scorecard system, a type of vendor audit whereby companies, which do business with JCPenney were evaluated on the basis of the quality of service provided. This system brought to light some significant violations in Aurafin’s business processes, including weaknesses in controls and inadequate computer systems. Aurafin took quick action, undergoing a thorough IT audit which identified the specific causes of its process failures. Aurafin acted swiftly upon the recommendations made by its auditors and implemented a more reliable technology platform that empowered it to apply a variety of new audit and control techniques and to get its systems in sync with its business goals. Aurafin credits the audit processes to its newfound success, including its subsequent recognition as JCPenney’s “Vendor of the Year.” This chapter focuses on various aspects of an IT audit, as well as the accountant’s techniques for evaluating information-technology processes, and their importance in business processes.
- 8. 4 | P a g e INTRODUCTION TO AUDITING IT PROCESSES (STUDY OBJECTIVE 1) Nearly all business organizations rely on computerized systems to assist in the accounting function. Technological advances have transformed the business world by providing new ways for companies to do business and maintain records. This boom in technological developments has increased the amount of information that is readily available. Business managers, investors, creditors, and government agencies often have a tremendous amount of data to use when making important business decisions. However, it is often a challenge to verify the accuracy and completeness of the information. Accountants have an important role in the business world because they are called upon to improve the quality of information provided to decision makers. Accounting services that improve the quality of information are called assurance services. Many types of services performed by accountants are considered assurance services because they lend credibility to the underlying financial information. An audit is the most common type of assurance service TYPES OF AUDITS AND AUDITORS (STUDY OBJECTIVE 2) The main purpose of the audit is to assure users of financial information about the accuracy and completeness of the information. To carry out an audit, accountants collect and evaluate proof of procedures, transactions, and/or account balances and compare the information with established criteria. The three primary types of audits include: • compliance audits, • operational audits, and • financial statement audits Compliance audits determine whether the company has complied with regulations and policies established by contractual agreements, governmental agencies, company management, or other high authority. Operational audits assess operating policies and procedures for efficiency and effectiveness Financial statement audits determine whether the company has prepared and presented its financial statements fairly, and in accordance with established financial accounting criteria. • financial statement audits are performed by certified public accountants who have extensive knowledge of generally accepted accounting principles (GAAP) in the United States and/or International Financial Reporting Standards (IFRS)
- 9. 5 | P a g e There are different types of audit specialization that exist in business practice today, including: • An internal auditor is an employee of the company that he or she audits. Most large companies have a staff of internal auditors who perform compliance, operational, and financial audit functions at the request of management. Some internal auditors achieve special certification as certified internal auditors (CIAs). • IT auditors specialize in information systems assurance, control, and security, and they may work for CPA firms, government agencies, or with the internal audit group for any type of business organization. Some IT auditors achieve special certification as certified information systems auditors (CISAs). • Government auditors conduct audits of government agencies or income tax returns. • CPA firms represent the interests of the public by performing independent audits of many types of business organizations. Only CPA firms can conduct financial statement audits of companies whose stock is sold in public markets such as the New York Stock Exchange. An important requirement for CPA firms is that they must be neutral with regard to the company being audited. The neutrality requirement allows CPA firms to provide an unbiased opinion on the information it audits, and it is the foundation of an external audit performed by CPAs. An external audit is performed by independent auditors who are objective and neutral with respect to the company and information being audited. To keep their neutrality, CPA firms and their individual CPAs are generally prohibited from having financial and managerial connections with client companies and from having personal ties to those working for client companies. A CPA’s objectivity could be impaired by having these types of relationships with a client company or with anyone having the ability to influence the client’s decisions and financial reporting activities. • Performing financial statement audits is a main service of CPA firms. • Because many audited companies use sophisticated IT systems to prepare financial statements, it is important for auditors to enhance the quality of their services in auditing those systems. • IT auditing is a part of the financial statement audit that evaluates a company’s computerized accounting information systems. • An auditor must gain a sufficient understanding of the characteristics of a company’s IT system. • Use of computers may significantly change the way a company processes and communicates information, and it may affect the underlying internal controls. Therefore, the IT environment plays a key role in how auditors conduct their work in the following areas: o Consideration of risk o Audit procedures used to obtain knowledge of the accounting and internal control systems o Design and performance of audit tests
- 10. 6 | P a g e INFORMATION RISK AND IT-ENHANCED INTERNAL CONTROL (STUDY OBJECTIVE 3) Information risk is the chance that information used by decision makers may be inaccurate. Following are some causes of information risk: • the remoteness of information • the volume and complexity of the underlying data • the motive of the preparer The most common way for decision makers to reduce information risk is to rely upon information that has been audited by an independent party. Various risks are created by the existence of IT-based business processes. For example, because the details of transactions are often entered directly into the computer system, there may be no paper documentation maintained to support the transactions. This is often referred to as the loss of audit trail visibility because there is a lack of physical evidence to visibly view. Advantages of using IT-based systems: • Internal controls can actually be enhanced if care is exercised in implementing these systems • Computer controls can compensate for the lack of manual controls • If programs are tested properly the risk of human error is virtually eliminated • Provide higher quality information to management AUTHORITATIVE LITERATURE USED IN AUDITING (STUDY OBJECTIVE 4) Generally accepted auditing standards (GAAS) are broad guidelines for an auditor’s professional responsibilities. These ten standards are divided into three categories that include general qualifications and conduct of an auditor (general standards), guidelines for performing the audit (standards of fieldwork), and requirements for the written report communicating the results of the audit (standards of reporting).
- 11. 7 | P a g e General Standards StandardsofFieldwork Standards ofReporting 1. The audit is to be performed by a person or persons having adequate technicaltraining and proficiency as anauditor. 2. Independence in mental attitude is to be maintained in all matters related to the audit engagement. 3. Due professional care is to be exercised in all phases of the audit process. 1. The audit is to be adequately planned and supervised. 2. An understanding of internalcontrol is to be obtained as part of the planning process for the purpose of determining the nature, timing, and extent of tests to beperformed. 3. Evidence is to be obtained through inspection, inquiries, observation, and confirmations in order to provide a reasonable basis for forming an overall opinion on the audit. 1. The written report must state whether the financial statements are presented in accordance with the establishedcriteria. 2. The written report identifies any circumstances in which established principles have not been consistently applied in the current period in relation to the priorperiod. 3. The financial statements are assumed to contain adequate informative disclo- sures unless otherwise indicated in the written report. 4. The written report expresses an opinion on the fairness of the financial statements as a whole, or an assertion to the effect that an opinion cannot be expressed (and the reasons therefor). The report also describes the character of the auditor’s work and the degree of responsibilityassumedbytheauditor.
- 12. 8 | P a g e The Public Company Accounting Oversight Board (PCAOB) was organized in 2003 for the purpose of establishing auditing standards for public companies in the United States • The PCAOB was established by the Sarbanes–Oxley Act, which was created in response to several major corporate accounting scandals, including those affecting Enron, WorldCom, and others • Prior to the PCAOB, standard-setting was the responsibility of the Auditing Standards Board (ASB) of the American Institute of CPAs (AICPA) • The International Auditing and Assurance Standards Board (IAASB) was established by the International Federation of Accountants (IFAC) to set International Standards on Auditing (ISAs) that contribute to the uniform application of auditing practices on a worldwide basis. ISAs are similar to SASs; however, ISAs tend to extend SASs because of their usefulness in audits of multinational companies. Although auditors have a primary responsibility to comply with standards issued within their own countries, ISAs are useful in expanding those requirements in order to meet different needs in other countries where the audited information may also be used. The Institute of Internal Auditors (IIA) established the Internal Auditing Standards Board (IASB) to issue standards that pertain to attributes of internal audit activities, performance criteria, and implementation guidance. The Information Systems Audit and Control Association (ISACA) issues Information Systems Auditing Standards (ISASs) that provide guidelines for conducting the IT audit. These standards address audit issues unique to a company’s information systems environment, including control and security issues. MANAGEMENT ASSERTIONS AND AUDIT OBJECTIVES (STUDY OBJECTIVE 5) Management assertions are claims regarding the condition of the business organization in terms of its operations, financial results, and compliance with laws and regulations. The role of the auditors is to analyze the underlying facts to decide whether information provided by management is fairly presented. Auditors design audit tests to analyze information in order to determine whether management’s assertions are valid. To accomplish this, audit tests are created to address general audit objectives. Each audit objective relates to one of management’s assertions. The following diagram illustrates management assertions and the corresponding audit objective:
- 13. 9 | P a g e Auditors must think about how the features of a company’s IT systems influence management’s assertions and the general audit objectives. These matters have a big impact on the choice of audit methodologies used. PHASES OF AN IT AUDIT (STUDY OBJECTIVE 6) There are four primary phases of the audit: • planning, • tests of controls, • substantive tests, and • audit completion/reporting Through each phase of an audit, evidence is accumulated as a basis for supporting the conclusions reached by the auditors. Audit evidence is proof of the fairness of financial information. The techniques used for gathering evidence include the following: • Physically examining or inspecting assets or supporting documentation • Obtaining written confirmation from an independent source • Reperforming tasks or recalculating information • Observing the underlying activities • Making inquiries of company personnel • Analyzing financial relationships and making comparisons to determine reasonableness
- 14. 10 | P a g e During the planning phase of an audit, the auditor must gain a thorough under- standing of the company’s business and financial reporting systems. In doing so, auditors review and assess the risks and controls related to the business, establish materiality guidelines, and develop relevant tests addressing the assertions and objectives • tasks of assessing materiality and audit risk are very subjective and are therefore typically performed by experienced auditors • Determining materiality, auditors estimate the monetary amounts that are large enough to make a difference in decision making • Materiality estimates are then assigned to account balances so that auditors can decide how much evidence is needed • Below materiality limits are often considered insignificant • Some accounts with immaterial balances may still be audited, though, especially if they are considered areas of high risk • Risk- refers to the likelihood that errors or fraud may occur • Risk can be inherit or it may be caused by weak internal controls A big part of the audit planning process is the gathering of evidence about the company’s internal controls • Auditors typically gain an understanding of internal controls by interviewing key members of management and the IT staff • They observe policies and procedures and review IT user manuals and system flowcharts • They often prepare narratives or memos to summarize the results of their findings • Company personnel generally complete a questionnaire about the company’s accounting systems, including its IT implementation and operations, the types of hardware and software used, and control of computer resources • The understanding of internal controls provides the basis for designing appropriate audit tests to be used in the remaining phases of the audit In recognition of the fact that accounting records and files often exist in both paper and electronic form, auditing standards address the importance of understanding both the automated and manual procedures that make up an organization’s internal controls. In addition, many large and medium-size businesses are capturing an abundance of data. The availability of Big Data sets in auditing may complicate an auditor’s judgment. Yet auditors must always consider how misstatements may occur, including the following: • How data is captured and used • How standard journal entries are initiated, recorded, and processed • How nonstandard journal entries and adjusting entries are initiated, recorded, and processed IT auditors may be called upon to consider the effects of computer processing on the audit or to assist in testing those automated procedures.
- 15. 11 | P a g e USE OF COMPUTERS IN AUDITS (STUDY OBJECTIVE 7) If the use of IT systems does not have a great impact on the conduct of the audit, since the auditor can perform audit testing in the same manner as would be done for a manual system the practice is referred to as auditing around the computer because it does not require evaluation of computer controls. • Auditing around the computer merely uses and tests output of the computer system in the same manner as the audit would be conducted if the information had been generated manually • Because this approach does not consider the effectiveness of computer controls, auditing around the computer has limited usefulness. Auditing through the computer involves directly testing the internal controls within the IT system, whereas auditing around the computer does not • sometimes referred to as “the white box approach,” because it requires auditors to understand the computer system logic • This approach requires auditors to evaluate IT controls and processing so that they can determine whether the information generated from the system is reliable • Auditing through the computer is necessary under the following conditions: o The auditor wants to test computer controls as a basis for evaluating risk and reducing the amount of substantive audit testing required. o The author is required to report on internal controls in connection with a financial statement audit of a public company. o Supporting documents are available only in electronic form. Auditors can use their own computer systems and audit software to help conduct the audit. This approach is known as auditing with the computer. • A variety of computer-assisted audit techniques (CAATs) are available for auditing with the computer • CAATs are useful audit tools because they make it possible for auditors to use computers to test more evidence in less time. TESTS OF CONTROLS (STUDY OBJECTIVE 8) The tests of controls involve audit procedures designed to evaluate both general controls and application controls. During audit planning, auditors must learn about the types of controls that exist within their client’s IT environment. Then they may test those controls to determine whether they are reliable as a means of reducing risk. Tests of controls are sometimes referred to as “compliance tests,” because they are designed to determine whether the controls are functioning in compliance with management’s intentions. GENERAL CONTROLS General controls MUST be tested before application controls. General controls are the automated controls that affect all computer applications. The reliability of application controls is considered only after general controls are deemed reliable.
- 16. 12 | P a g e The effectiveness of general controls is the foundation for the IT control environment. If general controls are not functioning as designed, auditors will not devote attention to the testing of application controls; rather, they will reevaluate the audit approach with reduced reliance on controls. There are two broad categories of general controls that relate to IT systems: • IT administration and the related operating systems development and maintenance processes • Security controls and related access issues IT Administration Related audit tests include review for the existence and communication of company policies regarding the following important aspects of administrative control: • Personal accountability and segregation of incompatible responsibilities • Job descriptions and clear lines of authority • Computer security and virus protection • IT systems documentation Security Controls Auditors are concerned about whether a company’s computer system has controls in place to prevent unauthorized access to or destruction of information within the accounting information systems. Unauthorized access may occur internally when employees retrieve information that they should not have, or externally when unauthorized users (or hackers) outside the company retrieve information that they should not have. Access risks tend to escalate as companies embrace newer technologies and allow sensitive data to be shared via smart devices, Web and mobile applications, and social networks. Destruction of information may occur as a result of natural disasters, accidents, and other environ- mental conditions. Controls that protect the company from these risks include: • various access controls, • physical controls, • environmental controls, and • business continuity policies In order to test internal access controls, auditors should determine that the company has properly segregated IT duties or compensated for a lack of segregation by improving supervisory reviews. The company’s authority table should be tested to find out whether access to programs and data files is limited to authorized employees. Auditors should perform authenticity tests for valid use of the company’s computer system, according to the authority tables. In order to test external access controls, auditors may perform the following procedures: • Authenticity tests • Penetration tests
- 17. 13 | P a g e • Vulnerability assessments • Review access logs to identify unauthorized users or failed access attempts Physical controls include: • locks, • security guards, • alarms, • cameras, and • card keys. Physical controls not only limit access to the company’s computers, but also are important for preventing damage to computer resources. In addition to assessing physical controls, auditors should evaluate the IT environment to determine that proper temperature control is maintained, fireproofing systems are installed, and an emergency power supply is in place. APPLICATION CONTROLS Application controls are computerized controls over application programs. Since any company may use many different computer programs in its day-to- day business, there may be many different types of application controls to con- sider in an audit. Input Controls Auditors perform tests to verify the correctness of information input to soft- ware programs. Auditors are concerned about whether errors are being pre- vented and detected during the input stage of data processing. Auditors observe controls that the company has in place and perform the comparisons on a limited basis to determine their effectiveness. These tests can be performed manually or by electronic methods. Processing Controls IT audit procedures typically include a combination of data accuracy tests, whereby the data processed by computer applications are reviewed for correct dollar amounts or other numerical values. For example, limit tests, described previously as an input control, can also be an effective processing control. Run-to-run totals involve the recalculation of amounts from one process to the next to determine whether data have been lost or altered during the process. Balancing tests involve a comparison of different items that are expected to have the same values, such as comparing two batches or comparing actual data against a predetermined control total. Mathematical accuracy tests verify whether system calculations are correct. Completeness tests and redundancy tests, introduced earlier, check for inclusion of the correct data. Benford’s Law, also known as the first-digit law, was named for a physicist, Frank Benford, who discovered a specific, but nonuniform pattern in the frequency of digits occur- ring as the first number in a list of numbers
- 18. 14 | P a g e The test data method is an audit and control technique often used to test the processing accuracy of software applications. Test data are fictitious information developed by auditors and entered in the company’s application system. Test data are processed under the company’s normal operating conditions. The results of the test are compared with predicted results to deter- mine whether the application is functioning properly A slight variation of the test data method involves the auditor testing fictitious data, using a copy of the company’s application. The test data may be processed through the application on a different (nonclient) computer. Under these conditions, an auditor can also use another test data method, program tracing, whereby bits of actual data are followed through the application in order to verify the accuracy of its processing. Program mapping, on the other hand, counts the number of times each program statement is executed, so it can identify whether program code has been bypassed. An integrated test facility (ITF) may be used to test application controls without disrupting the client’s operations. Parallel simulation- is an audit technique that processes company data through a controlled program designed to resemble the company’s application Embedded audit module- involves placing special audit testing programs within the company’s operating system Output Controls Regardless of whether the results are printed or retained electronically, auditors may perform the following procedures to test application outputs: • Reasonableness tests compare the reports and other results with test data or other criteria. • Audit trail tests trace transactions through the application to ensure that the reporting is a correct reflection of the processing and inputs. • Rounding errors tests determine whether significant errors exist due to the way amounts are rounded and summarized. Reconciliation- a detailed report assessing the correctness of an account balance or transaction record that is consistent with supporting documentation and the company’s policies and procedures. At the conclusion of the controls testing phase of the audit, an auditor must determine the overall reliability of the client’s internal controls. Auditors strive to rely on internal controls as a way to reduce the amount of evidence needed in the remaining phases of the audit. They can be reasonably sure that information is accurate when it comes from a system that is proven to have strong controls. Therefore, once the general and application controls are tested and found to be effective, the amount of additional evidence needed in the next phase of the audit can be minimized TESTS OF TRANSACTIONS AND TESTS OF BALANCES (STUDY OBJECTIVE 9) Audit tests of the accuracy of monetary amounts of transactions and account balances are known as substantive testing • Substantive tests verify whether information is correct, whereas control tests determine whether the information is managed under a system that promotes correctness • Some level of substantive testing is required regardless of the results of control testing.
- 19. 15 | P a g e • If weak internal controls exist or if important controls are missing, extensive substantive testing will be required. • If controls are found to be effective, the amount of substantive testing required is significantly lower, because there is less chance of error in the underlying records Most auditors use generalized audit software (GAS) or data analysis soft- ware (DAS) to perform audit tests on electronic data files taken from commonly used database systems. These computerized auditing tools make it possible for auditors to be much more efficient in performing routine audit tests such as the following: • Mathematical and statistical calculations • Data queries • Identification of missing items in a sequence • Stratification and comparison of data items • Selection of items of interest from the data files • Summarization of testing results into a useful format for decision making GAS and DAS are evolving to handle larger and more diverse data sets, which allow auditors to use more types of unstructured data evidence and to perform more creative analytical procedures and predictive analyses. AUDIT COMPLETION/REPORTING (STUDY OBJECTIVE 10) After the tests of controls and substantive audit tests have been completed, auditors evaluate all the evidence that has been accumulated and draw conclusions based on this evidence. This phase is the audit completion/reporting phase. The completion phase includes many tasks that are needed to wrap up the audit. For many types of audits, the most important task is obtaining a letter of representations from company management. The letter of representations is often considered the most significant single piece of audit evidence, because it is a signed acknowledgment of management’s responsibility for the reported information. In this letter, management must declare that it has provided complete and accurate information to its auditors during all phases of the audit. Four types of reports that are issued: 1. Unqualified opinion, which states that the auditors believe the financial statements are fairly and consistently presented in accordance with GAAP or IFRS 2. Qualified opinion, which identifies certain exceptions to an unqualified opinion 3. Adverse opinion, which notes that there are material misstatements presented 4. Disclaimer of opinion, which states that the auditors are unable to reach a conclusion. OTHER AUDIT CONSIDERATIONS (STUDY OBJECTIVE 11 ) DIFFERENT ITENVIRONMENTS Most companies use microcomputers or personal computers (PCs) in their accounting processes. General controls covering PCs are often less advanced than those covering the mainframe and client–server systems. Following are some audit techniques used to test controls specifically in the use of PCs:
- 20. 16 | P a g e • Make sure that PCs and removable hard drives are locked in place to ensure physical security. In addition, programs and data files should be pass- word protected to prevent online misuse by unauthorized persons. • Make sure that computer programmers do not have access to systems operations, so that there is no opportunity to alter source code and the related operational data. Software programs loaded on PCs should not permit the users to make program changes. Also ascertain that computer-generated reports are regularly reviewed by management. • Compare dates and data included on backup files with live operating pro- grams in order to determine the frequency of backup procedures. • Verify the use of antivirus software and the frequency of virus scans In addition to, or as an alternative to using PCs, companies’ IT environments may involve networks, database management systems, e-commerce systems, cloud computing, and/or other forms of IT outsourcing. All of the risks and audit procedures that apply to a PC environment may also exist in networks, but the potential for loss is much greater. Since network operations typically involve a large number of computers, many users, and a high volume of data transfers, any lack of network controls could cause widespread damage. Auditors must apply tests over the entire network. It is especially important to test the software that manages the network and controls access to the servers. Security risks always exist in companies that use e-commerce, because their computer systems are linked online with the systems of their business partners. As a result, the reliability of a company’s IT system depends upon the reliability of its customers’ and/or suppliers’ systems. The audit procedures used to assess controls in e-commerce environments were addressed earlier in this chapter in the discussion on external access controls. In addition, auditors often • Inspect message logs to identify the points of remote access, verify proper sequencing of transactions, and review for timely follow up on unsuccessful transmissions between business partners • Verify that the company has evaluated the computer systems of its business partners prior to doing business over the Internet • Reprocess transactions to see whether they are controlled properly Some companies may rely on external, independent computer service providers to handle all or part of their IT needs. This is known as IT outsourcing. IT outsourcing creates a challenge for auditors, who must gain an adequate under- standing of risks and controls that are located at an independent service center. It is important for a company and its auditors to carefully consider whether all relevant risks have been identified and controlled. Below are some sample questions for auditors to consider when evaluating a cloud computing environment: Security Risks: • What damage could result if an unauthorized user accessed the company’s data? • How and when are data encrypted? • How does the cloud service provider handle internal security?
- 21. 17 | P a g e Availability Risks: • What damage could result if the company’s data were unavailable during peak times or for an extended period? • How does the cloud service provider segregate information between clients? • What disaster recovery and business continuity plans are in place? Processing Risks: • How are response times and other aspects of operating performance monitored? • How does the service provider monitor its capacity for data storage and usage? • Is the service provider’s system flexible enough to accommodate the company’s anticipated growth? Compliance Risks: • What compliance standards does the cloud service provider meet? • What third-party assurance documentation is in place? • What additional documentation is available to help the company maintain compliance with applicable laws and regulations? CHANGES IN A CLIENT’S IT ENVIRONMENT When a company changes the type of hardware or software used or otherwise modifies its IT environment, its auditors must consider whether additional audit testing is needed. During its period of change, data may be taken from different systems at different times. As a result, auditors should consider applying tests of controls at multiple times throughout the period in order to determine the effectiveness of controls under each of the systems. Specific audit tests include verification of the following items: • An assessment of user needs • Proper authorization for new projects and program changes • An adequate feasibility study and cost–benefit analysis • Proper design documentation, including revisions for changes made via updates, replacements, or maintenance • Proper user instructions, including revisions for changes made via updated versions, replacements, or maintenance • Adequate testing before the system is put into use SAMPLING VERSUS POPULATION TESTING Auditors often rely on sampling, whereby they choose and test a limited number of items or transactions and then draw conclusions about the information as a whole on the basis of the results. Since many audit tests do not cover all items in the population, there is some risk that a sample, or subset, of the population may not represent the balance as a whole. Auditors try to use sampling so that a fair representation of the population is evaluated. As businesses evolve, they are more likely to possess Big Data sets, and auditors may transition from using sampling strategies toward population testing, where continuous auditing techniques are used to evaluate 100% of the population, often in real time.
- 22. 18 | P a g e ETHICAL ISSUES RELATED TO AUDITING (STUDY OBJECTIVE 12) All types of auditors must follow guidelines promoting ethical conduct. For financial statement auditors, the PCAOB/AICPA has established a Code of Professional Conduct, commonly called its code of ethics. This code of ethics is made up of two sections, the principles and the rules. Six Principles of the code: 1. Responsibilities 2. The Public Interest 3. Integrity 4. Objectivity and Independence 5. Due Care 6. Scope and Nature of Services The Sarbanes–Oxley Act: • placed restrictions on auditors by prohibiting certain types of services historically performed by auditors for their clients • increased management’s responsibilities regarding the fair presentation of the financial statements • requires public companies to have an audit committee as a subcommittee of the board of directors • requires top management to verify in writing that the financial statements are fairly stated and that the company has adequate internal controls over financial reporting In fulfilling their ethical responsibilities, auditors must practice professional skepticism during the audit. Professional skepticism means that the auditors should not automatically assume that their clients are honest, but must have a questioning mind and a persistent approach to evaluating evidence for possible misstatements. It is important for auditors to consider the conditions under which fraud could be committed, including the possible pressures, opportunities, and rationalization for committing dishonest acts. In the context of a client’s IT systems, audi- tors should also think about the possibility that computer programs could be altered to report information in a manner that is favorable for the company. Accountants are sometimes called upon to perform a specialized type of assurance service called forensic auditing. Forensic auditing is designed specifically for finding and preventing fraud and is used for companies where fraud is known or believed to exist. Some accountants who work on forensic audits become certified fraud examiners (CFEs) and are considered experts in the detection of fraud. Some CFEs specialize in computer forensics, which involves the detection of abuses within computer systems. IT auditors may play an instrumental role in gathering and analyzing data needed to perform or assist in a forensic audit.
- 23. 19 | P a g e CHAPTER SUMMARY ➢ Introduction to Auditing IT Processes. Most businesses rely upon computerized systems to assist in the accounting function. Advancements in technology have brought huge increases in the amount of information that is readily available for decision-makers. Accountants play an important role in the business world because they are called upon to improve the quality of information. Accountants provide assurance services, which help to verify the accuracy and completeness of financial information, thereby improving the quality and lending credibility to this information. An audit is the most common type of assurance service. ➢ Types of Audits and Auditors. The main purpose of an audit is to assure users of financial information about the accuracy and completeness of the information by evaluating evidence supporting the underlying procedures, transactions, and/or account balances. This evidence is compared to established criteria. There are three primary types of audits, including (1) compliance audits, (2) operational audits, and (3) financial statement audits. Although each type of audit involves an investigation of supporting evidence, each type has a different objective. ○ Compliance audits determine whether the client has complied with regulations and policies established by contractual agreements, governmental agencies, company management, or other high authority. ○ Operational audits assess operating policies and procedures for efficiency and effectiveness. ○ Financial statement audits determine whether the company has prepared and presented its financial statements fairly, and in accordance with generally-accepted accounting principles (GAAP) or some other financial accounting criteria. Internal auditors, IT auditors, and governmental auditors typically conduct compliance audits and operational audits. Certified public accountants (CPAs) may conduct any type of audit, but CPA firms tend to concentrate on financial statement audits and other financial assurance services. It is important that CPAs be independent, or objective and neutral, with respect to their audit clients and the financial information being audited. Because many companies use sophisticated IT accounting systems to support their financial statements, it is increasingly important for auditors to understand the impact of information technology on their clients’ accounting systems and internal controls. The IT environment plays a key role in how auditors conduct their work related to the consideration of risk in the audit, understanding the underlying systems, and the related design and performance of audit tests. ➢ Information Risk and IT-Enhanced Internal Control. Information risk is the chance that information used by decision-makers may be inaccurate. Information risk may be caused by: • The remoteness of information, or the extent to which the source of the information is removed from the decision-maker. • The volume and complexity of the underlying data. • The motive, goals, or viewpoint of the preparer of the information. The most common way to reduce information risk is to rely upon information that has been audited by an independent party. This is why a chapter on information-based processing and the related audit function is included in the study of accounting information systems. IT-based processes generally provide high quality information to management, which aids in effective decision- making. Information is high quality when it is provided in a timely manner and administered effectively. IT systems are also advantageous because they often include computerized controls to enhance the company’s internal controls, and they eliminate the risk of human errors such as mathematical or classification mistakes. On the other
- 24. 20 | P a g e hand, IT systems present various risks, including loss of audit trail visibility, lost/destroyed data, system failures, and unauthorized access. ➢ Authoritative Literature Used in Auditing. The work of an auditor must be conducted in accordance with several sources of authoritative literature, including: ○ Generally accepted auditing standards (GAAS), which are broad guidelines for an auditor’s professional responsibilities in the areas of general qualifications and conduct (general standards), performance of the audit (standards of fieldwork), and written communication of results (standards of reporting). Exhibit 7-1 presents the ten generally accepted auditing standards. ○ The Public Company Accounting Oversight Board (PCAOB) establishes auditing standards (AS) for public companies. Prior to the PCAOB, accounting standards were established by the Auditing Standards Board (ASB) of the American Institute of CPAs (AICPA) through the issuance of Statements on Auditing Standards (SASs). The ASB is still serves as the standard-setting body for non-public companies. ○ The International Auditing and Assurance Standards Board (IAASB) issues international standards on auditing (ISAs) and contributes to the uniform application of auditing practices on a worldwide basis. ○ The International Internal Auditing Standards Board (IASB) to issue standards that pertain to attributes of internal audit activities, performance criteria, and implementation guidance. ○ The Information Systems Audit and Control Association (ISACA) issues information systems auditing standards (ISASs) that address control and security issues and provide relevant guidelines for conducting and IT audit. Although SASs, ISAs, and ISASs each provide detailed guidance that supports GAAS, they still do not furnish auditors with detailed directions regarding the types of audit tests to use and the manner in which conclusions should be drawn. Industry guidelines and other resources such as CPA firm’s own policies and procedures are needed for such specific guidelines. ➢ Management Assertions and Audit Objectives. Management assertions are claims regarding the financial condition of the business organization and its results of in terms of its operations, financial results, and compliance with applicable laws and regulations. Management assertions relate to existence/occurrence, valuation and allocation, accuracy, classification, cutoff, completeness, rights and obligations, and presentation and disclosure. These assertions and related audit objectives are presented in Exhibit 7-2. Auditors recognize that management of the company is primarily responsible for the preparation and presentation of the financial statements. Accordingly, auditors analyze information supporting the financial statements in order to determine whether management’s assertions are valid. Audit tests should be documented in an audit program and should be uniquely developed for each audit client to address management’s assertions. ➢ Phases of an IT Audit. Exhibit 7-4 provides an overview of the four primary phases of the audit: planning, tests of controls, substantive tests, and audit completion/reporting. Through each phase of the audit, evidence is accumulated as a basis for supporting the conclusions reached by the auditors. Auditors use combinations of various techniques to collect evidence, including physically examining and inspecting assets or supporting documentation, obtaining written confirmation from an independent source, rechecking or recalculating information, observing activities, making inquiries of client personnel, and analyzing financial relationships and trends. o Audit Planning. Auditors must gain a thorough understanding of the company’s business and financial reporting systems during the planning phase of the audit. In doing so, auditors review and assess the risks and controls related to the business, establish materiality guidelines, and develop relevant tests addressing the objectives. Risk assessment involves careful consideration of the likelihood that errors or fraud may occur. Risk may be
- 25. 21 | P a g e inherent in the business or it may be caused by weak internal controls. Accordingly, a big part of the audit planning process involves gaining an understanding of internal controls. In determining materiality, auditors estimate the monetary amounts that are large enough to make a difference in decision making. Materiality estimates are then assigned to account balances so that auditors can decide how much evidence in needed in the testing phases of the audit. If the company has adopted IFRS or is in the process of convergence, changes in the audit approach should be anticipated. ➢ Use of Computers in Audits. The audit planning tasks of evaluating internal controls and designing meaningful audit tests is more complex for automated accounting systems than for manual systems. In recognition of the fact that accounting records and files often exists in both paper and electronic form, auditing standards address the importance of understanding both the automated and manual procedures that make up an organization’s internal control. Misstatements may occur through the data entry and processing functions of the system. Auditors must consider the effects of such computer processing on the audit. Three options may exist for the auditor in deciding upon a testing approach for a client’s automated process, including auditing around the computer, auditing through the computer, and auditing with the computer. • Auditing around the computer is commonly known as the “black box” approach because auditors are not required to gain detailed knowledge about the company’s computer system; rather, documents used to input data into the system can be compared with reports generated from the system. Computer controls are not considered. • Auditing through the computer is commonly known as the “white box” approach because it involves directly testing the internal controls within the IT system. It requires the auditors to understand the computer system logic and related IT controls. Auditing through the computer is necessary when the auditor wants to test computer controls as a basis for reducing the amount of substantive testing required, when the auditor is required to report on internal controls of a public company, and when supporting documents are available only in electronic form. • Auditing with the computer involves the auditors’ use of their own computer systems and audit software to perform audit testing. A variety of computer assisted audit techniques (CAATs) are available for auditing with the computer. ➢ Tests of Controls. After auditors have learned about the types of controls that exist within their client’s IT environment, they may then test those controls to determine whether they are reliable as a means of reducing risk. Test of controls are sometimes referred to as “compliance tests”, because they are designed to determine whether the controls are functioning in compliance with management’s intentions. Both general controls and application controls must be considered. General Controls. The effectiveness of general controls is the foundation of the IT control environment because general controls affect all computer applications. If general controls are not functioning as designed, auditors will not devote attention to the testing of application controls; rather, they will reevaluate the audit approach with reduced reliance on controls. There are two broad categories of general controls that relate to IT systems: IT administration and the related operating systems development and maintenance processes, and security controls and related access issues. • IT administration. IT departments should be organized so that an effective and efficient workplace is created and supported. The important aspects of administrative control include personal accountability and segregation of incompatible responsibilities, job descriptions and clear lines of authority, computer security
- 26. 22 | P a g e and virus protection, and thorough documentation about the internal logic of computer systems and surrounding controls. • Security controls. Auditors must be concerned about whether a company’s computer system has controls in place to prevent unauthorized access that may result in the destruction or alteration of information within the accounting information systems. Unauthorized access may be from an internal or external source, and can be controlled internally through the use of various access controls, including authenticity tests, passwords and security tokens, and other techniques that were described in Chapter 4. External access controls may include authenticity tests, penetration tests, vulnerability assessments, and monitoring of access logs and other security reports. Physical controls such as locks, security alarms, etc. are also used to protect and limit access to a company’s computer resources. In addition, a disaster recovery plan, backup procedures, virus protection, and adequate insurance coverage should all be in place in order to protect the company’s computer systems and data. Application Controls. Since companies tend to use many different computer programs in their day-to-day business, there may be different types of application controls to consider in an audit. However, application controls are considered only if general controls have already been tested and found to be operating effectively. It would not be worthwhile to test application controls if the auditor already knew that the underlying general controls were weak. The three main functions of computer applications include input, processing, and output. Each of these functions should be tested by the auditor. • Auditors are concerned about whether errors are being prevented or detected during the input of data into a computerized system. The most widely used tests of input controls include financial totals, hash totals, completeness or redundancy tests, limit tests, validation checks, and field checks. Companies may implement these tests as internal control measures, and auditors may perform the same type of test to determine their effectiveness. • Data accuracy tests are typically performed to evaluate the processing integrity of a company’s computer systems. Limit tests, balancing tests, run-to-run totals, mathematical accuracy tests, and completeness or redundancy tests can each be performed to test for the possibility of lost, altered, or unprocessed data. When evaluating financial information, auditors can often use Benford’s Law to help discover whether errors or fraud may exist in a data set. Benford’s Law applies to large data sets of naturally-occurring numbers, and is therefore useful to auditors in evaluating possible errors or fraud in sales and accounts receivable balances, accounts payable and disbursements balances, income tax data, and more. Audit procedures that apply Benford’s Law can be carried out using spreadsheet programs or special applications of audit software. Exhibit 7-8 presents a comparison of several CAATs for testing applications controls, including the test data method, program tracing, an integrated test facility, parallel simulation, and embedded audit modules. • Audit tests that evaluate general controls over access and backup procedures may also be used in the testing of specific computer application outputs. Regardless of whether the outputs are printed or retained electronically, auditors may perform reasonableness tests, audit trail tests, and/or rounding errors tests to verify the accuracy of system outputs. At the conclusion of the controls testing phase of the audit, auditors must determine the overall reliability of the company’s internal controls. Auditors may rely on internal controls as a way to reduce the amount of evidence needed in the remaining phases of the audit. They can be reasonably sure that financial information is accurate when it comes from a system that is proven to have strong controls.
- 27. 23 | P a g e ➢ Tests of Transactions and Tests of Balances. When auditors test the accuracy of monetary amounts of transactions and account balances, this is known as substantive testing. Substantive testing therefore determines whether financial information is accurate, whereas control tests determine whether the financial information is managed under a system that promotes accuracy. Some level of substantive testing is required on all financial statement audits, however, the results of the tests of controls will determine the extent of substantive testing. There is an inverse relationship between the two: the stronger the internal controls, the less substantive testing is required, and vice versa. Some testing strategies used to test controls can also be used to perform substantive testing. For instance, parallel simulations, the test data method, the embedded audit module, and the integrated test facility can be used for both controls and substantive testing. Recent trends such as advances in automated controls, new compliance requirements, integration of governance, risk management, and compliance (GRC) activities, and real-time financial reporting have created the need for continuous auditing. Continuous auditing, or continuous monitoring, is a process of constant evidence gathering and analysis to provide assurance on the information as soon as it occurs or shortly thereafter. Continuous monitoring of internal controls is important so that control deficiencies can be detected before they become significant. The SEC, PCAOB, and AICPA also approve of the use of continuous auditing. Continuous auditing helps auditors stay involved in their client’s business and perform audit testing in a more thorough manner. This requires that the auditors have online access to the company’s systems so that data can be obtained on an ongoing basis. Then the data are downloaded and tested by auditors within a very short timeframe. Most CPA firms used generalized audit software (GAS) or data analysis software (DAS) to perform audit tests on electronic files taken from commonly used database systems. These computerized audit tools assist auditors in the performance of mathematical and statistical computations, data queries, identification of missing information in a sequence, stratification and comparison of data items, selection of items of interest from the data files, and summarization of testing results into a useful format for decision-making. ➢ Audit Completion/Reporting. The final phase of the audit involves overall evidence accumulation and drawing final conclusions. The auditors must determine whether the financial statements are presented fairly and whether all of the evidence supports the financial information presented. The auditors must also consider whether the extent of testing has been adequate in light of the risks and controls identified during the planning phase versus the results of procedures performed in the testing phases. A letter of representation must be obtained during the final phase of the audit. This is often considered the single most important piece of audit evidence because it includes management’s acknowledgment of responsibility for the fair presentation of the financial statements. Auditors have four choices from which to select a report that communicates the final conclusions of the audit. The four types of reports include an unqualified opinion, which states that the financial statements are fairly stated; a qualified opinion, which sets forth limited exceptions; an adverse opinion, which warns that the financial statements are not fairly stated; or a disclaimer, which explains that an opinion cannot be formed. When reporting on the effectiveness of internal controls, auditors must choose between an unqualified, adverse, or disclaimer opinion. ➢ Other Audit Considerations. o Different IT Environments. Auditors are responsible for understanding how information is managed so that it is reliable. A company’s computer systems may include mainframe and client-server systems, microcomputers and
- 28. 24 | P a g e personal computers (PCs), networks, database management systems, and/or e-commerce systems. PCs may face a greater risk of loss and therefore require strong controls such as locked hard drives, password protection, separation of operating and programming functions, backup procedures, and virus protection. All of the risks and audit procedures that apply to PCs are also likely to exist in networks, but the potential for loss is much greater because of the larger number of computers, users, and information involved in network operations. For database operations, it is especially important that a database administrator monitors access to the company’s data on a regular basis. In addition, since many users and many applications will share information in the database, the data must be organized and controlled consistently. Finally, companies that use e-commerce depend upon the reliability of other companies’ systems; external access controls are critical in such systems. An increasing number of companies use IT outsourcing, which places reliance upon an external, independent computer service center to handle all or part of the IT needs. Auditors must still gain an understanding of the internal controls surrounding such computer applications, which can be accomplished by testing controls at the service center or by testing around the computer. When companies use cloud computing, their auditors need to thoroughly understand the underlying technologies and related risks and controls. In addition to merely identifying the threats inherent in a cloud computing environment, it is particularly difficult to estimate their potential costs and overall impact. Exhibit 7- 11 presents the general areas of risk assessment that should be addressed by auditors, and some sample questions for each area. Useful guidance in conducting audit procedures for cloud computing is available from ISACA’s IT Assurance Framework, the International Organization for Standardization (ISO) user guides, and the AICPA’s Service Organization Controls (SOC) Framework. Auditors can perform their own testing, or they can rely upon SOC reports from a service provider’s auditors. The SOC 1 report addresses internal controls over financial reporting. A SOC 1 Type I report contains management’s assessment and the auditor’s opinion on the operating design of internal controls over financial reporting. A SOC 1 Type II report is an extension of the Type I report in that it also evaluates the operating effectiveness of those internal controls. A SOC 2 report considers controls over compliance and operations, including the Trust Services Principles of security, availability, processing integrity, confidentiality, and privacy of a service provider’s systems. Similar to the SOC 1 reports, the SOC 2 reporting options also allow for a Type I or Type II conclusion depending upon whether the auditor considers suitability of design or operating effectiveness of those controls, respectively. Finally, a SOC 3 report is an unaudited report that is available to the general public containing a CPA firm’s conclusion on the elements of the Trust Services Principles. o Changes in a Client’s IT Environment. When a company changes the type of hardware or software used or otherwise modifies its IT environment, auditors should consider applying tests of controls at multiple times throughout the period in order to determine the effectiveness of controls under each of the systems. Auditors must evaluate a client’s procedures for developing, implementing, and maintaining new systems or changes in existing systems. o Sampling versus Population Testing. Auditors must rely on sampling to test a limited number of items and then use these limited tests to draw conclusions about the overall control effectiveness and accuracy of transactions and account balances. There is always some risk that a sample may not represent the population as a whole. The rise in Big Data and increased use of continuous auditing techniques has led to auditors increasingly testing 100% of a population.
- 29. 25 | P a g e ➢ Ethical Issues Related To Auditing. The AICPA has established a Code of Professional Conduct to provide the foundation for ethical behavior expected of CPAs. The six principles of the Code include: • Responsibilities • The Public Interest • Integrity • Objectivity and Independence • Due Care • Scope and Nature of Services It is most important that auditors maintain objectivity and independence with respect to their client companies. Accordingly, they should not become too friendly with their clients or develop any financial relationships with them that could create bias. Internal auditors and IT auditors must abide by ethical standards established by the IIA and ISACA, respectively. The IIA Code of Ethics is founded on the principles of integrity, objectivity, confidentiality, and competency. Similarly, ISACA’s Code of Professional Ethics recognizes due diligence, objectivity, competency, communication, maintaining privacy and confidentiality, and serving in the interests of stakeholders. The Sarbanes-Oxley Act places restrictions on auditors by limiting the types of services they can provide for their audit clients. This is intended to promote objectivity in the conduct of their work by prohibiting the types of services that involve accounting work that is subject to an audit and other services that put auditors in a role of managerial decision making. The Sarbanes-Oxley Act also increased public companies’ responsibilities regarding the fair presentation of financial statements by requiring the following: • reporting on the effectiveness of internal controls. • management’s written verification of the fair presentation of the financial statements. • establishment of an audit committee to promote independence of the audit function. In fulfilling their ethical responsibilities, auditors must practice professional skepticism, which means that they should maintain a questioning attitude and persistent approach to evaluating evidence. This is important in order to increase the chances of detecting fraud, which may be especially difficult to find if perpetrated by managers who can override internal controls. Forensic audit testing performed by certified fraud examiners (CFEs) may be used in cases where fraud is suspected or is known to exist. Also in practicing professional skepticism, auditors should be careful about balancing the mix of audit procedures between tests of controls and substantive tests. Emphasis on computer processes and internal controls may lead to an over-reliance on the accounting system, which could be circumvented by management. Therefore, it is important to also perform substantive procedures that focus on the actual transactions and account balances that make up the financial statements. Accountants are sometimes called upon to perform a specialized type of assurance service called forensic auditing. Forensic auditing involves audit testing specifically for finding and preventing fraud, and is used for companies where fraud is known or believed to exist.
- 30. Another Random Scribd Document with Unrelated Content
- 31. almost dying words of the English boy-officer, Arthur Cheek, the ‘Martyr of Allahabad.’ But with the spirit of a soldier, Robert Tucker, the intrepid Judge of Futteypore, remained at his post, the only European among countless Natives, bent still on doing his duty. The night preceding the tenth of June he passed at his Cutcherry or Office; and in the early morning news was brought that his own house had been set on fire. He then tried to collect some of the landholders, to protect the Natives in the town, and their houses; but not all his efforts could prevent the burning of the latter. His next step was to ride off to the Jail, in the hope of securing the prisoners; but he was too late, the prisoners having been already set at liberty. Mr. Tucker fearlessly reprimanded the Jail- Guard; whereupon the Guard, belonging to a bad Cawnpore regiment, opened fire. Though every shot missed, Mr. Tucker must then have seen that all was up. Everything was in confusion; the Native officers would not support him; and he stood absolutely alone. He rode to the Cutcherry, no man daring to intercept him, and took up his position on the top; and for hours he remained, fearless and calm, awaiting his death. The day was intensely hot,
- 32. causing him to suffer terribly from thirst; and one of his horsekeepers at length brought him some milk,— a deed of mercy, which shows that one man at least was not devoid of gratitude. ‘There he remained during that fearful day,’ wrote Charlotte Tucker. ‘There, as evening was closing in, he made his last lion-like stand, when the fanatic Musselmans, bearing a green flag, the emblem of their faith, came in a fierce crowd to attack him.’ How many he shot as they advanced is not certain; some say twenty, or even thirty; but at length one of his assailants shot him in the head, and the moment he fell, they took courage to rush up the stairs and to finish their work. For Robert Tucker himself, cut off though he was in the very prime of life, there could be no regrets, except on the score of all that he might have done, had he lived. No man could be more ready than he was to go. But the blow fell heavily on those who loved him; and though for nine years he had not seen his children, whereby the sorrow to them was softened, yet the loss to their future could not but be great. ‘So he fell,’ wrote one who had escaped; ‘and in his fall the constant and fervent prayer of his latter days was answered, for he fell at the post of duty. All
- 33. who knew him well mourn in him the loss of a true and noble friend, generous even to prodigality, highly talented, a thorough gentleman, and an upright judge.’ Mention of this event was made at the time in the Journal Letter of Viscountess Canning,[6] worth quoting in addition to the above. ’ ... The story of Futteypore is a strange one. The whole country round was gone, and there was a large Sepoy guard in the treasury, and every reason to believe they would rise, so all the Europeans took to boats, and went away to safe stations down the river, and I think to Banda. Only Mr. Tucker, the magistrate, would not stir, and remained with fifty Sepoys and the treasury. He was son to the late Director, Sir George Tucker,[7] and was one of the four brothers whose names we hear constantly, and he was as brave as a lion. He had a deputy-magistrate—a Mohammedan—in a high position, treated as a gentleman, and in as high a place as a native could occupy, next to himself. To this man had been given a body of mounted police, and he undertook to keep the country clear between the great trunk road and the river for some distance. He did it admirably, and took delight in it, and sent in detailed reports up to the last. But when he heard of some more places being gone, he suddenly returned to the treasury, to which his position gave him access, dismissed the fifty Sepoys with a thousand rupees apiece, and then attacked Mr. Tucker with all his police force. Mr. Tucker was killed, after defending himself till he had killed with his own hand, some say sixteen, some twenty men. I suppose he had a whole battery of revolvers, and so kept his assailants at bay.’ Though Robert was gone, other brothers of Charlotte Tucker were still in hourly danger; and the
- 34. pressure of anxiety went on for months, as shown by letters of the time. TO MISS B. F. TUCKER. ‘Sept. 9, 1857. ‘I need not say how I long for tidings from India. Most especially do I desire news of Havelock’s precious little army. Upon its success, humanly speaking, may hang the safety of all our beloved ones in India.’ TO MRS. HAMILTON. ‘Sept. 19, 1857. ‘We are longing for our letters, but I do not think we shall get them till Tuesday. Dearest Mother tries not to think more of India than she can help, and has, I am glad to say, given up reading the papers, so we only give her the good part of the news verbally. I could not endure to be kept in the dark myself. I go every day to fetch the papers. I half live on them, and would far rather go without a meal than not see them.... We heard from poor dear Mrs. Thornhill to-day. She hopes that Henry and his wife are in Lucknow. Such a hope is not worth much, one would think.’ TO MISS B. F. TUCKER. ‘Sept. 21, 1857. ‘God be with our brave and beloved ones! My heart feels very low —worse than before the letters arrived. We hide from dear Grandmamma that Mirzapore is threatened. She only knows that the troops are there; not why they have been sent. N—— W—— has sent his dear wife and children to Calcutta. He feels so desolate without them, but takes the separation as a lesson from his Merciful Father to set his affections more on things above.... Does not your heart sicken for Lucknow?’
- 35. All through England hearts were ‘sickening for Lucknow,’ at this time. But the Cawnpore-like catastrophe, dreaded for Lucknow, did not come. The rescuing party mercifully arrived in time. As months went by, the Mutiny was stamped out from end to end of India; and no second Tucker was added to the roll of England’s martyrs there. Just before the outbreak Mr. Henry Carre Tucker seems to have requested that some copies of his sister’s books might be sent out to him for distribution: and an interesting letter was written by her on the subject to Messrs. Gall and Inglis. ‘July 17, 1857. ‘Sir,—I am glad to hear that the box is likely soon to be on its way to my dear brother. We have been in great anxiety on account of him and his family, as Benares, the station of which he is the head, with a population of 180,000, is one of the most wicked places in India, a “holy city,” a stronghold of fanaticism. My brother has taken a bolder part in upholding Missions, and spreading religious literature, than almost any one else in the country; therefore, if Benares had followed the example of Delhi, the terrible event might have been attributed to his excess of zeal. ‘The Almighty, to whom my brother attributes the glory, has hitherto watched over Benares in so marked a manner, that it remained quiet in the midst of disturbances; and my young niece has bravely ridden through it by her father’s side, giving confidence to the timid by her fearlessness.... But a few lines in the telegraph, read aloud in Parliament, informs us that the troops in Benares had
- 36. risen at last, and been driven out of the city with great loss. I await the next mail with intense anxiety. I have five brothers in India.’ It is interesting to know that Mr. Henry Carre Tucker devoted himself a year later to the task of helping forward in every possible way Missionary work in India, as a species of ‘Christian revenge’ for the death of Robert and the sufferings of his countrymen. He took a leading part in starting the ‘Christian Literature Society for India,’ and was for a while himself its Honorary Secretary. CHAPTER IX a.d. 1857-1865 LIFE’S EARLY AFTERNOON One-half of the life of Charlotte Tucker was now over; a quiet and uneventful life thus far. If we like, we may mentally divide her story into four quarters, each about eighteen years in length, corresponding to Early Morning, Noontide, Afternoon, and Evening. The first eighteen years of her Early Morning had been, perhaps, as bright and cloudless as the existence of any girl could well be. In the succeeding Noontide hours she had known still much of brightness, though they included her first great
- 37. sorrow, and ended with her second. Also, in the course of that Noontide she had entered upon her career of authorship, with all its hopes and aims, its hard work and its delights. Probably none who have not experienced it for themselves can quite understand the fascinations of authorship. Now she had passed her Noontide, and was entering on the hours of early Afternoon. Eighteen years of that Afternoon still lay between the dark days of the Indian Mutiny and her own going out to India, for the Evening of her Life,—the fourth and last eighteen years, which were to be the fullest and the busiest of all her busy days. We have first to do with the earlier portion of the Third Period; a period including much work, many interests, and some deep griefs. Between 1857 and 1866, however, lay a quiet stretch of everyday life, distinguished by no rocks or rapids. The river flowed on peacefully for a while. Life at No. 3 continued much as it had been in years past. Many friends were in and out, and were always cordially welcomed. Mrs. Tucker, since her husband’s death, had made one difference, in that she no longer gave dinner-parties; but luncheons were in full swing, to any extent; and Charlotte’s
- 38. powers of entertaining were still in abundant requisition. No better place can well be found than this for part of a letter to A. L. O. E.’s nephew,—the Rev. W. F. T. Hamilton, son of her favourite sister,—from Sir Francis Outram, son of General Sir James Outram, of celebrated memory. ‘June 25, 1894. ‘My recollections of No. 3 Portland Place and of its typically kind inmates carry me back just half a century. But they are very clear, though, I regret to add, only of a general and intangible character. ‘Mr. Tucker I recall with grave respect, unmingled with awe, as evidently one of the wisest and most influential of my Parents’ proved friends. Mrs. Tucker retains an honoured place in memories of these and later days as the kindest and most liberal of “old aunts,”—so she desired me to designate her, and at once adopted me into her very large circle of favoured nephews and nieces,—the inexhaustible source of varied goodnesses, especially such as were of the most approved edible nature. ‘Their sons I cannot recall, except as the genial and trusty friends of later life. But the five daughters of the house none of us who enjoyed their unselfish kindness at all stages of our youth can ever forget. ‘Of the two who ere long became successively “Miss Tucker,” however, you would alone wish me to speak. They cannot be dissociated in the memory of the generations of young people, whose privilege it was to be entertained and gratified by their unwearied attention throughout many a long holiday afternoon and evening, while stuffed by Mrs. Tucker ad libitum with all the best things of the season.
- 39. ‘As we grew older, we not only more fully understood the exceptional boundlessness of old-fashioned hospitality and kindness which that house and household exemplified thoroughly, but we came to understand somewhat of the heart-source whence issued that truest manifestation, of “everyday religion,” which evidences itself in an absolutely unselfish consecration,—consistent, unreserved, and essentially practical,—for everyday wear, and not only under “stimulating environments.” Such was the life’s lesson which our association with these two now ageing sisters suggested to us. ‘Miss Charlotte had, as you know, much of the Romantic in her composition.... In person she was always slight, and somewhat fragile-looking. Indeed, both she and Miss Fanny gave one the impression of being too incessantly though quietly busy about everything that promoted the happiness of other people, to ever become stout, or to cultivate dress and appearances, beyond what was consistent with the aims and duties and requirements of a fully occupied home-life. ‘Mrs. Tucker could not quite keep pace with the new-fashioned unconventionalities of “young-lady work” in London; and one of the object-sermons, which most impressed me in my College days, was the beautiful self-restraint which these two sisters—no longer young —imposed upon themselves, in deference to their aged Mother’s wishes, in regard to that outside work which inclination, or one might say conviction, as well as opportunity and qualifications, impelled them to participate in. ‘Still the unbounded hospitality of the “open house” in Portland Place went on; and still they were content to devote their time, talents, and energies to successive generations of juveniles and elder guests, without a murmur.’ One can well believe that the self-restraint had to be severe in Charlotte’s case, with her abounding
- 40. energies, and her eager desires for usefulness. But she patiently abided her time; and she did not wait in vain. These were years of quiet preparation. In appearance at this time Charlotte was, as ever, tall and thin,—decidedly tall, her height being five feet six inches, or two inches over her Mother’s height, and only one inch short of her Father’s. She had still as of old a peculiarly elastic and springy mode of walking; and while possessing no pretensions to actual good looks, there was much charm of manner, together with great animation. Still, as ever, she threw herself energetically into the task of entertaining others, no matter whether those ‘others’ were young or old, attractive or uninteresting. This at present was a main duty of her life, and she never neglected or slurred it. Still, as ever, she was guided and restrained by her Mother’s wishes, yielding her own desires when the two wills, or the two judgments, happened to lie in opposite directions. Although not really fond of work, Charlotte was a beautiful knitter. She would make most elaborate antimacassars, of delicate lace-like patterns, invented by her own busy brain; and while working thus she was able to read Shakespeare aloud. Her Father had loved Shakespeare, and Charlotte had early caught the infection of this love, never afterwards to lose it.
- 41. Visiting in the Marylebone Workhouse went on steadily; she and Fanny usually going together, until Fanny’s health began to fail, which was probably not until after 1864. Fanny was par excellence the gentle sister; very sweet, very unselfish; always the one who would silently take the most uncomfortable chair in the room; always the one to put others forward, yet in so quiet and unobtrusive a fashion that the fact was often not remarked until afterwards. Of Charlotte it has been said by one who knew her intimately,—‘I wonder whether before the year 1850 any one has described her as “gentle.”’ The gentleness, which was with Fanny a natural characteristic, had to be a slow after-growth with the more vehement and resolute younger sister. Many a sharp blow upon the golden staff of her Will was needful for this result. As an instance of Fanny’s peculiar gentleness, it is told that one Sunday, when she saw a man trying to sell things, she went up and remonstrated with him, speaking very seriously, but in so mild and courteous a manner, so entirely as she would have spoken to one who was socially on her own level, that he was utterly unable to take offence. She was also very generous, giving liberally to the poor out of her limited dress-allowance, in earlier girlish days. This same generosity was a marked feature in the
- 42. character of Charlotte; perhaps especially in later years. Fanny was of middle height, and thin, with dark eyes; very neat and orderly in her ways, wherein she was the opposite of Charlotte, who was famed for untidiness in her arrangements. Charlotte was, however, methodical in plans of action, and in literary work; and later in life she seems to have struggled hard after habits of greater tidiness, as a matter of principle. But in middle life she could still speak of her drawers as—at least sometimes—supplying a succession of ‘surprises.’ Her ‘little Robins’ were now growing up, an ever- increasing care and interest to her loving heart; and the devotion which she felt for Letitia was of a most intense nature. The two boys were of course much away at school; but Letitia was always with her,— until the year 1865, when it was decided that she should go out to her uncle, Mr. St. George Tucker, in India. Moreover, many other little nieces and nephews had a warm place in the life of ‘Aunt Char,’ none more so than the children of her especial sister- friend, one of whom was her own god-child. Side by side with innumerable home-duties and home-pleasures went on the continual writing of little books for children; one or two at least appearing
- 43. every year. The amount of work in one such volume is not heavy; but A. L. O. E.’s other calls were many. And she was not writing for a livelihood, or even for the increased comforts, whether of herself or of others dependent upon her; therefore it could not be placed in the front rank of home-duties. The Tuckers were sufficiently well off; and Charlotte is believed to have devoted most or all of the proceeds of her pen to charitable purposes. To secure a certain amount of leisure for work, she accustomed herself to habits of early rising. Her Mother had always strongly objected to late hours, making the rule for her girls,—‘If you can, always hear eleven o’clock strike in bed.’ Charlotte is said to have made her a definite promise never to write books late at night; and through life this promise was most scrupulously adhered to. Since she was debarred from late hours, and since in those days she could never be sure of her time through the day, early morning was all that remained to her. Punctually, therefore, at six o’clock she got up,—like her hero, Fides, conquering Giant Sloth,— and thus made sure of at least an hour’s writing before breakfast. In winter months, when others had fires at night in their bedrooms, Charlotte denied herself the luxury, that she might have it in the morning instead for her work. The fire was laid over-
- 44. night, and she lighted it herself when she arose; long before the maid came to call her. Later in the day she wrote if she could and when she could. No doubt also she found many an opportunity for thinking over her stories, and planning what should come next. She usually had the tale clear in her mind before putting pen to paper; so that no time was lost when an hour for actual work could be secured. A sitting-room behind the dining-room of No. 3, called ‘the parlour,’ was by common consent known as her room. Here she would sit and compose her books; but she made of it no hermitage. Here she would be invaded by nieces, nephews, children, anybody who wanted a word with ‘Aunt Char.’ And she was ready always for such interruptions. Writing was with her, as we have seen, not the main business of life, but merely an adjunct,—an additional means of usefulness. Since she had secured the one early uninterrupted hour, other hours might take their chance, and anybody’s business might come before her own business. With all these breaks, and in spite of them, she yet managed in the course of years to accomplish a long list of children’s books.
- 45. One of the said nieces, Miss Annie Tucker, writes respecting certain visits that she paid to her grandmother, Mrs. Tucker, at Portland Place:— ‘In each of these visits it was always my beloved Aunt Charlotte who entertained me,—if I may use the word,—though I was a mere child; and she did it just as if I were a grown-up person. I could never see that she took less pains to interest me than she did to please the many grown-up people who called. She usually entertained us in her room behind the dining-room, so that my grandmother should not be wearied too much. ‘How often have I gone in and out of her room, with a freedom which now almost surprises me! but she never seemed interrupted by my entrance. I have seen her put down her pen, though she was evidently preparing MS. for the press, and attend to any little thing I wanted to say, without one exclamation of vexation or annoyance, or a resigned-resignation look, that some people put on on such occasions, at her literary work being put a stop to. And yet I am sure that was not because she did not mind being interrupted.’ It is not for a moment to be implied that all hard toilers in life are bound to follow precisely here the example of A. L. O. E. Circumstances differ in different cases. Often the work itself is of supreme importance; the interruptions are unnecessary and undeserving of attention. If everybody worked as Charlotte Tucker worked at that particular period, the amount accomplished would in some cases be very small, and in other cases, where undivided attention is essential, the result would be absolute failure. In her case the literary work was of a simple
- 46. description, and the home-calls appeared to be distinctly first in importance. But the spirit which she showed was well worthy of imitation. Many, whose favourite occupations are, to say the least, no whit more pressing than were her books, are exceedingly tenacious of their time, and exceedingly impatient of interruptions; and with too many the home-calls come second to all personal interests. It was far otherwise with Charlotte Tucker. Whatever had to be done, she was ready to do it,—not one iota more ready to write her books, or to visit in the Workhouse, than to teach the ‘Robins,’ to amuse visitors, old or young, to entertain guests at dinner or luncheon, to take her part in a family ‘glee,’ to join in merry games, to conduct friends on sight-seeing expeditions. No matter what it might be, she did it willingly, throwing her whole energy into the matter in hand, always at everybody’s service, never allowing herself to appear worried or bored. Despite her somewhat fragile appearance, and an appetite commonly small, there must have been a marvellous amount of underlying strength,—of the ‘wiriness’ which often belongs to delicate-looking people. If tired, she seldom confessed the fact, and never made a fuss about it. Her extraordinary vitality and mental vigour carried her through what would have entirely laid by many another in her place.
- 47. The following extracts are from letters ranging between 1861 and the beginning of 1866:— TO MRS. HAMILTON. ‘Nov. 6, 1861. ‘Will you kindly tell my Letitia that I have put up her paint-box, to be sent to Somerset House, as I dare say that your dear husband will kindly take charge of the little parcel.... ‘The weather here has not been very choice. We had candles at luncheon yesterday. We make ourselves very happy, however, by vigorous reading. In the evening we discourse with Queen Elizabeth, Leicester, Paul Buys, and Olden Barneveldt, etc.; in the morning we go out hunting with M. Chaillu, plunging amongst hippopotami and crocodiles, demolishing big black serpents, or perhaps capturing a baby-gorilla, more troublesome than dear Edgy himself. ‘We are all just now in a state of indignation about your pork! Don’t suppose that it is any fault in the pork; on the contrary, it is acknowledged to be the most “refined” pork ever known; and Mother says that if she shut her eyes, she would not know that she was not eating chicken!! We had a beautiful roast of it one day at luncheon; and Mother cut off a choice bit, to be reserved for our table, cold, while the servants were indulged with the rest of that joint. To-day Mother asked for our reserved bit. Would you believe it?—those dreadfully greedy servants had eaten our bit as well as their own, though they had legs of mutton on Friday and Saturday, and a 22 lb. joint of roastbeef on Sunday! Do you marvel at our indignation? Mother means to call some one to account. She puts all the pathos of the question upon me. Miss Charlotte to be disappointed of her reserved bit of pork! I can hardly keep my countenance, but of course must not disclaim my interest in the question. These greedy servants must be kept in order. It is not for nothing that we read of valiant encounters with alligators and hippopotami.’
- 48. TO MRS. HAMILTON. ‘Dec. 3, 1862. ‘Dearest Laura,—We at last opened our piano, and your song has been thoroughly examined. The result is that some parts are much liked. Clara was so much pleased with the verse about the Rose, that after singing it over for Mother’s benefit she sang it three times over for her own. The words are not worthy of the music; it ought to be sacred; and I intend to copy it out in my own little music-book as a hymn, so that its interest will not die away with that of the bridal.[8] The part next best liked is the Shamrock verse; and if I might venture a suggestion, I think that the whole of the “We hail thee” might be set to it; only the “glittering” accompaniment must be confined to the Shamrock verse. I think people often like the repetition of one air over and over, far better than a great variety. The air is flowing and attractive, and there is no harm in its brevity. The first part, “We hail thee,” has a transition, which we fear that the rules of thorough-bass might not permit; and the Thistle is hardly equal to either the Shamrock or the Rose,—of which, you see, I would make a separate song and hymn. If you would write out the song to the music of the former, I do not see why we should not try to get it accepted by a publisher. I hope that you will excuse my thus venturing to criticise your song and so unmercifully to cut it short. ‘I will give on the next page the words which I propose putting— for my own use—to the hymn part. Very little alteration will make them go very well to the air, for I have tried them; and the repetition of the last words, which your sweet music requires, suits lines the whole emphasis of which falls on the closing words; at least I fancy so.’ The lines following are given here, not exactly as they appeared in the letter, but in the corrected and
- 49. improved form which afterwards appeared in print with the music:— ‘The Lord He is my strength and stay, When sorrow’s cup o’erflows the brim; It sweetens all if we can say, “This is from Him!” All comfort, comfort, flows from Him. ‘When humbly labouring for my Lord, Faint grows the heart and weak the limb, What strength and joy are in the words, “This is for Him!” ’Tis sweet to spend our strength for Him. ‘I hope for ever to abide Where dwell the radiant Seraphim; Delivered, pardoned, glorified; But ’tis through Him! All light and glory flow from Him. ‘Then welcome be the hour of death, When Nature’s lamp burns low and dim, If I can cry with dying breath, “I go to Him!” For Life Eternal flows from Him.’ TO MISS BELLA F. TUCKER. ‘Feb. 11, 1862. ‘I have read your touching account of your most sorely afflicted friend with great interest. I visit the Imbecile Ward,[9] and I fear that she must be in the Insane Ward; but I will be sure to make inquiries, and perhaps I may find that I can follow her thither. I am not timid.
- 50. Very very glad should I be to impart any comfort in such a case of awful distress; but I fear that she may not understand even sympathy.’ TO THE SAME. ‘Feb. 26, 1862. ‘I went to our afflicted friend.... I talked to her as comfortingly as I could, and told her that I thought this sad trial might be sent that she might be like Christiana, walking on a Heavenward path, with all her children with her. I was glad to draw forth one or two tears, for tearless anguish is the most terrible. She said that she prayed the Lord to take her. I did not think that a good prayer, but suggested that she should ask the Lord to come to her, as to the disciples in the storm. She has promised to repeat the two very little prayers, “Lord, come to me”; and “Lord, make my children Thine, for Jesus’ sake.” It was touching to hear her repeating softly, again and again, —“Make me Thine! make me Thine!”’ TO THE SAME. ‘March 25, 1862. ‘Though still very low to-day, Mrs. —— did not seem to me to be inaccessible to religious comfort. I fancied that there was a little lightening of the darkness.... I do not know of anything that she wants. I have supplied her with working materials. Perhaps a little book with pictures in it is as good as anything, as amusing without fatiguing the mind.... I know the beautiful large texts that you allude to; but I do not know where they could well be fixed in the Insane Ward. They are more, I think, for the bedridden.’ TO MRS. HAMILTON. ‘Gresford, Sept. 13, 1863.
- 51. ‘I thought of you as I stood on the soft green slope down to the water, and looked on the bright little stream, with its white foam sparkling in the sunlight. How much of its beauty it owes to the pebbles that fret it; and how much of its rapidity to the fall in its course. But in our lives, how we—at least I—shrink from the pebbles! How we would fain have all glassy smooth,—though Nature itself teaches us that then it would become stagnant. The “sea of glass” is for another world.... ‘I sometimes think that consoling is one of the most delightful employments given to God’s servants. It is pleasanter than teaching; far far more so than reproving others, or struggling against evil, or examining our own hearts. You were a comfort to poor dear ——, and I dare say that the sense of being so lightened your own trial of parting. I would give a great deal to have your influence with ——; but the Almighty has not been pleased to grant me this. Perhaps He will some day.’ TO THE SAME. ‘July 29, 1864. ‘I want particularly to know whether, in case I see my way to gaining money by it for some religious or charitable purpose, you will make me a present of that little bit of your welcome to the Princess which I have turned into a hymn. Also whether you would mind Mrs. Hamilton’s name being published on it. The hymn has been ringing so in my ears, and with such a soothing effect when I did not feel particularly cheerful, that I should like others to have the same comfort. I have made inquiries as to the cost of printing and publishing it.... Being very short, I do not think that much could be asked; and this is perhaps the gem of your music. I do not want it to be done at your expense, but at my own, and to manage everything after my own fashion,—but I cannot plunder you either of your music or your name without your leave.... ‘Dear Fanny is better, though still prisoner to her room. She has had a sharp attack of fever; and I am afraid it will be difficult to
- 52. throw off the cough. The rest of our party are well, as I trust that I may find you and your dear circle.’ TO THE SAME. ‘Aug. 1, 1864. ‘Your and your dear husband’s sweet notes quite added to the cheerfulness of our breakfast-table. Even Fanny did not appear knocked down by your tender scolding. She, for the first time since Tuesday, came to breakfast. She still needs great care, for the cold was on her chest, and even speaking is liable to make her cough. Mother highly approves of your plan of coming to town. She desires me to say that she knows that her face is before you, as yours is before her. Dear Fanny will probably not start for Brighton till Wednesday week, so she will have the pleasure of welcoming you, and I am sure that you will try not to let her be loquacious.... ‘Many thanks for your kind present of the music. I am going to have it printed by converted Jews, and the entire profits devoted to the Society for the Conversion of Jews; so that it will be a little offering from us both to one of the holiest of causes.... I take the expense of the edition of 500 copies. They are to be sold for 1s. apiece; so if all are sold there is a contribution of £25 clear to the Society.... I am rather hopeful that the whole edition will go off before Christmas; for one shilling is not a formidable sum, especially when people can get a new song and help a good cause at the same time.... I take great pleasure in this little piece of business. I have been quite haunted by the music. I am ordering the plate to be preserved, in case of a Second Edition being required. So Mrs. Hamilton is going to come out as a Composer!’ TO MISS ‘LEILA’ HAMILTON.[10] ‘March 31, 1865. ‘My dear God-daughter,—I shall like to think of you particularly to- morrow, because it is the Anniversary of the day when your dear
- 53. parents in church solemnly presented their precious little first-born babe to God; and I stood there to answer for her. Dear Leila, may each return of that day find you drawing nearer and nearer to Him who said, “Suffer the little children to come unto Me.” If we could only feel in our hearts that He really does love us, and that He deigns to care whether we love Him, what a motive it would be for doing everything as in His sight! We are too apt to think of our Saviour as very far off, and with so many to care for that we are almost beneath His notice. But this is wrong. The Sun shines and sparkles on every dewdrop in a field, as much as if it were the only dewdrop in the world. He does not pass it over, because it is little; he makes it beautiful in his light, and then draws it up towards himself.... I wish that I could come and pay you a visit; but I do not see how I am to leave Grandmamma as long as dear Aunt Fanny is an invalid. I seem wanted at home.’ It may have been somewhere about this year, or not very long before it, that Charlotte wrote the following pretty and graceful lines:— ‘Each silver thread that glitters in the hair, Is like a wayside landmark,—planted there To show Earth’s pilgrims, as they onward wend, How nearly they approach their journey’s end!’ CHAPTER X a.d. 1864-1866 A HEAVY SHADOW
- 54. The afternoon shadows were again to darken around Charlotte Tucker; and one blow after another had to fall. Her mother was growing old, and in no long time would be called away. The health of her gentle sister, Fanny, had begun to fail, never to be entirely restored. But a yet sharper sorrow, because utterly unlooked for, was to come before the loss of either her mother or her sister, like a flash of lightning into the midst of clear sunshine. Of all the many whom she dearly loved, none perhaps lay closer to her heart than Letitia, the only daughter of her brother Robert,—the youngest of ‘the Robins.’ The two boys were now out in the world, one in India, one at sea; but Letitia hitherto had never left her, except for visits here or there among relatives and friends. One who knew them both well describes the contrast between aunt and niece at this period,—Charlotte Tucker, ‘so upright and animated, very thin, fair, with auburn hair, not very abundant, but which curled slightly, naturally,’— and Letitia, ‘grave, with beautiful dark eyes and hair, and rather dark complexion.’ Another speaks of Letitia as tall and handsome, with dark eyes, dark chestnut hair, regular features, and sweet smile. The gravity seems to have been a marked characteristic of this gifted young girl. From very babyhood she was earnestly religious, and of a
- 55. peculiarly serious temperament; though at the same time energetic and sometimes even lively. She had not her aunt’s spirit of fun; but the two were alike in generosity and in determination. Perhaps Charlotte Tucker’s training had especially developed these traits in her niece. A favourite proverb of Letitia’s was —‘Perseverance conquers difficulties’;—and it would have served equally well for A. L. O. E. Letitia was also very fond of little children, and she worked much among the poor. She was an exceedingly good and fearless rider; and at twenty years old there was already promise of a literary gift. Her passion for reading was so great that Hallam’s History was a recreation in her eyes. She had written at least one short story, which had found its way into print, and many pretty, simple verses, chiefly of a religious character. One of her hymns, composed at the age of eighteen, may be given here:—
- 56. ‘My soul was dark, for o’er its sight The shades of sorrow fell;— In Thee alone there still was light, Jesus, Immanuel! ‘And all around me and above There hung a gloomy spell;— I should have died without Thy love, Jesus, Immanuel! ‘For in my sinking heart there beat An ever-sounding knell;— But still I knew the “promise sweet,” Jesus, Immanuel! ‘I looked to Thee through all my fears, The pain and grief to quell;— Thy Hand hath wiped away my tears, Jesus, Immanuel! ‘I heard a low, “a still small voice,” Soft whisper, “It is well”;— And knew the Saviour of my choice, Jesus, Immanuel! ‘And still, o’er all life’s changing sea, In calm or stormy swell, I’ll look in faith straight up to Thee, Jesus, Immanuel!’ On November 28, 1864, Letitia left English shores, to join her uncle, Mr. St. George Tucker and his family, in India. Letters of Charlotte Tucker, referring
- 57. to the event, have not come to hand; but she must have felt the separation very keenly, whatever might have been the precise reasons which led to the move. Letitia had now been practically her child for eighteen years; and a close tie existed between the two. But no doubt Charlotte looked upon the parting as of a very temporary nature; as merely sending her child away for a longer visit than any preceding. The real anguish of separation came a year later, when suddenly the young girl was summoned to her true Home. The few following extracts lie between these two dates,—the going of Letitia to India, and the tidings of her death. TO MISS ‘LEILA’ HAMILTON. ‘Jan. 3, 1865. ‘Many thanks, my dear Leila, for your affectionate note.... There was another nice cheerful note from my Letitia to-day. She wrote it when on the Red Sea, which she evidently found very warm, for she described the ship as a “hothouse,” and said that she and her fellow- passengers would be “fine exotics” before they arrived. There had been two Services on board on Sunday, and Letitia had heard two excellent sermons. Mary Egerton had her harmonium on board, which had been brought up from the hold, so there was nice hymn- singing too. How sweet the music must have sounded on the water! I think that, steaming over the Red Sea, one would have liked to have raised the song of the Israelites—
- 58. “Sound the loud timbrel o’er Egypt’s dark sea, Jehovah hath triumphed, His people are free!” ‘My dear sailor is to leave us on the 17th or 18th for China. I believe that he is to travel part of the journey in the same vessel as the Cuthbert Thornhills, who were to have taken charge of Letitia had our first arrangements held good. They will have one Robin instead of the other. Poor dear Mrs. Thornhill, what a sad parting is before her! I had a loving note very lately from my Louis. He fears that he will not get leave to see his dear sister for a twelve-month. ‘The weather here has been chilly. None of the ladies have ventured out of the house since Saturday; but Charley has in vain longed for skating. Ice forms, then melts again. Dear Grandmamma keeps wonderfully free from cold; but then she remains in the house.’ TO MRS. HAMILTON. (Undated.) ‘My loved boy left us yesterday, quiet and firm, shedding no tear. We (Mamma) had a little note from him this morning,—such a simple one,—you might have fancied that he had only left us for a week. Dear boy! I trust that he is going into sunshine; above all I hope and pray that his Father’s God will ever be with him. It would not have been well for him to have remained much longer in London with nothing particular to do. Active life is most wholesome to a fine strong man like my Charley.... ‘Dear Mother keeps well. Sweet Fan I cannot give so good an account of. I have urged Mother to have further advice; and I believe that there will be a little consultation on Friday; but perhaps you had better not write about this, except to me.’ TO THE SAME. ‘Nov. 15, 1865.
- 59. ‘What a bright account you give of your dear busy young party! Tell dear Otho that I shall be charmed if he makes the discovery of a magenta-coloured caterpillar, or a mauve earwig; and that as it will be ten times as curious as the Spongmenta Padella, it ought to have a Latin name ten times as long. I don’t despair of the great sea- serpent Did I tell you that dear Mrs. Thornhill had, when a girl, conversed with a Mrs. Hodgeson, wife of one of the Governors of our West Indian possessions, who had watched the movements of two that were fighting in the waves for about ten minutes? “’Twere worth ten years of peaceful life, One glance at such a fray!—” I took down the particulars, as I thought them very curious.... ‘This is my sweet Letitia’s birthday; she is just twenty.... My Letitia is going to pay Louis a visit at Moultan.’ No foreboding whisper in her heart spoke of what that visit to Moultan, so lightly mentioned, would mean to them all. When the two next letters were penned, little as Charlotte dreamt of what was coming, the blow had already fallen, and Letitia had passed away. TO MRS. HAMILTON. ‘Jan. 2, 1866. ‘May the best blessings of the opening year rest upon my beloved Laura, and her dear circle. ‘I hope that dear Leila received my Rescued from Egypt in the Christmas box. I put it up for her, and to the best of my knowledge it went to Bournemouth; but as neither she nor you have mentioned
- 60. seeing it, I feel half afraid that in some way I cannot imagine it has missed its destination, and the dear girl has fancied that when sending little remembrances to her brothers I had forgotten her. ‘Such a delightful budget of letters I had from Letitia by last Southampton mail! She writes that she is “very very happy.”’ TO THE SAME. ‘Jan. 3, 1866. ‘I feel that I have not said half enough to your dear husband for his splendid book. I was in such a hurry to write and thank him, that I only gave myself time for a cursory glance.... Dear Fanny enjoyed looking at the pictures with me; and to-day I carried up my book to dear Mother, that she might have the pleasure also. She admires your dear husband’s gift greatly, and we agree that it is just the book to take to the Cottage. It seems to be quite a treasure of curious and interesting knowledge; a volume to keep for reference as well as for perusal. Do thank dear Mr. Hamilton again for me, and tell him that I consider Homes Without Hands as a family acquisition. ‘We are all much in statu quo. Our time is now passing swiftly and pleasantly. Mother looks so bright and bonny and young! We were talking together to-day of your and your dear husband’s kindness to sweet Fanny. I am sure that it has not been lost.’ Then came the mournful news; and a hasty short scrawl conveyed the first intimation of it from Charlotte Tucker to her niece, ‘Leila’ Hamilton; a note without any formal beginning:— ‘Break to your sweet Mother and Aunt Mina that God has taken my darling Letitia. His Will be done,—Your sorrowing Aunt, ‘C. M. T.
- 61. ‘All was peace,—smiling!’ The illness had been short,—a severe attack of erysipelas, while Letitia was in her brother’s house at Moultan. Somewhat early in the illness she had said, —‘I am sure I shall die; but one ought not to mind, you know.’ While delirious she was heard to say distinctly,—‘Ta,’—her pet name in the past for her aunt Charlotte; but the message, if there were one, could not be distinguished. After much wandering, she regained sufficient consciousness to assure those around that she was suffering no pain; and five or six times she repeated to her brother,—‘I am very fond of you!’ This was on a Wednesday. The next day, Thursday, she was too weak for speech; though in the morning, recognising her brother, she gave him a sweet smile. Thenceforward the dying girl was entirely peaceful; as said by one of those present,—‘constantly smiling. Her whole face was lighted up as with extreme pleasure.’ All day this continued, as she slowly sank; the face remaining perfectly calm and untroubled; till at length, when she passed away, soon after eleven o’clock at night, ‘she ceased to breathe so gently that she seemed to have fallen into a deep sleep.’ But the placid smile was still there, unchanged, till the sweet young face was hidden away.
- 62. Charlotte Tucker, writing to her sister, Mrs. Hamilton, about these sad particulars, which yet were not all sad, observed:— ‘I am sure your heart has been aching, and your eyes have been weeping. Such a sudden—such an unexpected stroke! But God is Wisdom and Love.... ‘Darling—my own darling Letitia! Oh, when she looked so happy, did she not see the angels—or her beloved Father—or the Bedwells and old Rodman whom she had so tended,—perhaps all coming to welcome her,—or the loving Saviour Himself? I do not grudge her to Him; but oh, what a wealth of love I have (apparently) lost in that one young heart! Her last parcel of letters to me contained sweet commissions for her poor.... I dare say that I shall hear from you to- morrow; but it is a relief to me to write now to you, who were so kind and dear to her. I went out before breakfast this morning. A thrush was singing so sweetly. I saw the first crocus of the year. My flower,—my lovely one,—she may now be singing in joy, while we sit in sorrow.’ This letter was dated January 21; and three days later another went to Mrs. Hamilton, not from Charlotte, but from Fanny:— ‘My own dearest Laura,—Your dear letters have been very soothing to our Charlotte, and have helped to remind her of the mercies mingled with the bereavement. The sure sweet hope that her darling is safe, and for ever happy, has been her strong consolation; and God is mercifully supporting her, I am thankful to say. Last Sunday she went both to Church and to the Workhouse. ‘I am thankful to be near her, to minister to her,—but wish I were a better comforter, such as you would have been, dear.