IDW PS 850

What is IDW PS 850?

IDW PS 850 is a renowned auditing standard issued by the Institute of Public Auditors in Germany (IDW). This standard focuses specifically on auditing in the context of the use of information technology. It places particular emphasis on how the project-related audit of IT-supported accounting should be assessed during its development and introduction. It is interesting to note that this audit can also be carried out independently of the audit of a company's financial statements. The main focus of the standard is on the decisions made by management with regard to the actual systems and their compliance with generally accepted accounting principles (GAAP).

Structure and content of IDW PS 850

IDW PS 850 is organised in a methodical and structured manner. The introduction clarifies the scope and objectives of the standard. A special section on responsibilities clearly defines the roles of auditors and company management. A further section provides detailed instructions for the audit procedures required to assess going concern. The assessment and conclusions are dealt with in a separate section, and finally there are clear reporting requirements in the audit report. There are often also appendices that provide additional explanations or examples.

Phases of the IDW PS 850 audit

The IDW PS 850 audit is divided into different phases to ensure that all aspects of the IT project are thoroughly reviewed:

• Definition phase: this is where the requirements specification is reviewed, in particular whether defined requirements have been taken into account, necessary controls have been provided, proper procedural documentation has been provided and legal requirements have been observed.

• Design phase: In this phase, the auditor must derive the documentation for the realisation phase from the results of the definition phase. This includes functional and technical specifications, capacity and performance requirements and, if necessary, specific security concepts.

• Realisation phase: The focus here is on checking compliance with programming guidelines and the effectiveness of the project's internal quality assurance measures.

• Analysis phase: The evaluation of the selection process checks whether the selection procedure, security and control standards, responsibilities and competences as well as reporting and documentation requirements have been observed.

• Design and customising phase: This phase checks whether a software certificate in accordance with IDW PS 880 n. F. (01.2022) is available and whether typical audit procedures such as company-specific posting rules and account determinations have been taken into account.

• Test phase: The assessment in this phase focuses on whether the test plan adequately covers all programme functions and whether the test results were documented in a comprehensible manner.

• Data migration phase: In this phase, the auditor must carry out a suitable functional test.

• Go-live phase: This phase checks whether the requirements for going live have been met and whether the necessary adjustments have been made to the IT control system.

Groups involved in the IT project

There are various groups that can be involved in the IT project:

• Internal audit: If these or similar organisational units are involved in the IT project, the audits they have carried out should be recorded. The auditor accompanying the project can take these results into account when planning his audit measures.

• Consultation of experts: Experts should be consulted in the event of unclear issues. However, their findings must not be accepted blindly, but must be critically evaluated.

Structure of the report in accordance with IDW PS 850

A report in accordance with IDW PS 850 should have the following structure:

• Engagement and performance of the engagement

• Client

• Subject of the audit

• Description of the IT project and delimitation of the subject matter of the audit

• Project-related IT infrastructure (test system)

• Technical basis of the audit

• Applicable legal regulations

• Type and scope of the audit procedures

• Obtaining a declaration of completeness

• Reference to the validity of the General Engagement Terms

• Summary of the audit results.

Advantages of the audit in accordance with IDW PS 850

• Early recognition of necessary adjustments as part of the migration project

• Proof of functioning change management during the project for tax audits

• Process documentation that complies with the GoBD during IT restructuring Future-proof risk management

• Legal certainty for new implementations

• Conformity with company interests

• Improved trust in the company

• Proof of necessary control requirements

• Time savings for future audits

• Strengthening of the company's own corporate values (data protection, no-failure strategy)

Our team of experts

BFMT's experts are highly qualified and have the necessary expertise to certify you in accordance with IDW PS 850. You can rest assured that your IT projects will be audited with the utmost professionalism and accuracy.