Home / Courses / ACC675
Southern New Hampshire University

ACC675: Control/Audit of Accounting Info System

A complete guide to SNHU's ACC-675 Control/Audit of Accounting Info System, covering the technical training auditors need to understand information technology's role in internal control over financial information, and how to comply with Sarbanes-Oxley Section 404.

GraduateSNHUIT Auditing & SOX ComplianceAPA 7th Edition

New auditing and quality control standards adopted by the PCAOB and AICPA require auditors to have adequate technical training and understand the role information technologies play in maintaining effective internal control of financial information. ACC-675 gives auditors the knowledge to comply with Sarbanes-Oxley Section 404 by testing the process, not just the product, of the financial information system.

Testing the process, not just the product

ACC-675's central idea is that a reliable financial information system depends on the process producing the numbers being sound, not just the final reported figures looking correct — which is exactly what SOX Section 404 requires auditors to attest to regarding internal control.

Applying ISACA and PCAOB standards

The course covers transcribing financial processes into narrative and flowcharts to identify gaps that could produce material weaknesses, summarizing the advantages and disadvantages of different EDP (electronic data processing) systems, performing substantive testing, and interpreting standards from ISACA and the Public Company Accounting Oversight Board.

Key topics in ACC675

Working on your ACC-675 assignments?

Our accounting experts help with ACC-675 IT auditing and SOX compliance assignments and process flowchart projects.

Get Expert Help

Worked example: process flowcharting revealing a material weakness

  • Formalized process on paper: States that two people must approve every large disbursement
  • Flowcharting the actual system: Reveals the accounting software doesn't technically enforce this — a single user could bypass it
  • Material weakness identified: The stated control and the actual system don't match
  • Lesson: ACC-675 teaches that testing the process itself, via flowcharting and substantive testing, catches gaps that simply reviewing final reported numbers never would

Get Help With ACC675

SNHU ACC-675 IT auditing and SOX Section 404 compliance assignments.

Place Your OrderView All Services

Related courses

Frequently asked questions

Why does Sarbanes-Oxley Section 404 specifically require auditors to test the process behind financial information, not just the resulting numbers?

SOX Section 404 requires management and auditors to attest to the effectiveness of internal control over financial reporting, and a set of financial statements can appear correct in a given period purely by chance or through undetected manual intervention even if the underlying process generating them is genuinely unreliable. ACC-675 teaches process-focused testing — transcribing processes into flowcharts, performing substantive testing of the system itself — specifically because SOX 404 compliance depends on auditors verifying the process is sound and repeatable, not just confirming that this particular period's output happened to look right.

Why does ACC-675 require auditors to understand information technology specifically, beyond traditional accounting and auditing knowledge?

Modern financial information overwhelmingly flows through electronic data processing systems, and internal controls over that information — access restrictions, automated approval workflows, system-enforced segregation of duties — are implemented in the technology itself, meaning an auditor who doesn't understand how the underlying IT system actually works can't meaningfully evaluate whether its controls are genuinely effective. ACC-675 covers this because the PCAOB and AICPA standards it's built around specifically require this technical IT competency as part of adequate auditor training in a technology-driven financial reporting environment.