AUDIT ANALYTICS AUDIT

More documents

Recommendations

Info

ESSAY 1: CONTINUOUS AUDITING—A NEW VIEW to monitoring operations. Investors may primarily be interested in data assurance though, depending on the industry, compliance and risk monitoring may be equally as important. CA is well suited for historic analyses, particularly given the speed with which CA provides information on attributes such as accuracy. Auditors that provide assurance on historic information will likely be primarily interested in the ability of CA to be used for such purpose. Access to sophisticated ERPs and complex data sets create an opportunity for CA to be used for diagnostic purposes. Where an error or anomaly has been identified, CA may perform a retrospective diagnostic of the situation—providing insight and analyses to management. Diagnostically, CA could also be tied to effectively assessing operational and structural strengths and weaknesses of an organization—enabling strategic decisions to be made in a timely manner and with sufficient context. Automation is an essential element to CA, though manual involvement remains important particularly in situations where extensive judgment is required and where anomalies, exceptions, and outliers are identified. Continuous Data Audit CDA Vasarhelyi and Halper called the process of monitoring and constantly assuring AT&T’s RCAM system continuous audit. The architecture of the system described in figure 1-1 shows data being (1) extracted from pre-existing reports, (2) sent to the business units through the remote job entry network, (3) transferred to an email system, and (4) extracted through individual text mining programs. This technique, analogous to what is called today "screen scrapping," was chosen to avoid interference in the long and complex system process development protocol. All information was collected from existing reports and placed in a relational database. This database drove hypertext graphs that were given to auditors to interact with the system. The several layers of the RCAM system were represented as flowcharts respecting the internal auditors’ documentation practices and experience in data analysis. Many of the analytics impounded into the system were drawn from knowledge engineering (Halper, Snively, and Vasarhelyi, 1989) internal auditors and capturing the calculations they made with paper reports. The formalization of these processes allowed for their repetition at repeated frequency, and often reliance on these tests up to the moment that alerts were generated. Although internal auditors started relying on these exception reports, they also requested that the source reports be retained mainly for their traditional audit reports. 7
AUDIT ANALYTICS AND CONTINUOUS AUDIT:LOOKING TOWARD THE FUTURE Figure 1-1: CPAS as Continuous Data Audit (from Vasarhelyi & Halper, 1991) Although the idea of a continuous audit was conceptualized initially as a data monitoring and exception system (Vasarhelyi, 1996), its concept was expanded in an implementation at Siemens (Alles et al, 2006) as a reaction to Sarbanes Oxley and the need to issue opinions on the adequacy of internal controls. This expansion was entitled continuous control monitoring (CCM). Continuous Control Monitoring (CCM) Siemens had over 150 instances of SAP that were reviewed by technical experts using that narrow guidance of a standardized set of audit action sheets. These were a formalization of the audit plan to review controls and features of a particular SAP implementation and were adapted to each audit instance. Alles et al. (2006) developed a proof of concept tool where a baseline of control settings would be compared with the actual configurable control setting every night and auditors would be alerted of variations. Teeter (2014) extended the original work examining the potential for automation of not only the deterministic settings of SAP but a wider set of controls and parameters in the SAP system. The...essay...investigates the implementation of a comprehensive continuous controls monitoring (CCM) platform for evaluating 8
Page 1 and 2: AUDIT ANALYTICS and CONTINUOUS AUDI
Page 3 and 4: Notice to Readers Audit Analytics a
Page 6 and 7: TABLE OF CONTENTS Preface Acknowled
Page 8 and 9: CONTENTS 3 Evolution of Auditing: F
Page 10: CONTENTS B Page Implementing Contin
Page 13 and 14: AUDIT ANALYTICS AND CONTINUOUS AUDI
Page 16 and 17: AUTHOR BIOGRAPHIES Abdullah Alawadh
Page 18 and 19: AUTHOR BIOGRAPHIES He is a passiona
Page 20 and 21: AUTHOR BIOGRAPHIES AICPA Assurance
Page 22 and 23: AUTHOR BIOGRAPHIES management. Prio
Page 24 and 25: AUTHOR BIOGRAPHIES Trevor R. Stewar
Page 26: PART I Essays 1
Page 31: AUDIT ANALYTICS AND CONTINUOUS AUDI
Page 83 and 84:
AUDIT ANALYTICS AND CONTINUOUS AUDI
Page 85 and 86:
Page 87 and 88:
Page 89 and 90:
Page 91 and 92:
Page 93 and 94:
Page 95 and 96:
Page 97 and 98:
Page 99 and 100:
Page 101 and 102:
Page 103 and 104:
Page 105 and 106:
Page 107 and 108:
Page 109 and 110:
Page 112 and 113:
ESSAY 4 Reimagining Auditing in a W
Page 114 and 115:
ESSAY 4: REIMAGINING AUDITING IN A
Page 116 and 117:
Page 118 and 119:
Page 120 and 121:
Page 122 and 123:
Page 124 and 125:
Page 126 and 127:
Page 128:
Page 131 and 132:
Page 133 and 134:
Page 135 and 136:
Page 137 and 138:
Page 139 and 140:
Page 141 and 142:
Page 143 and 144:
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
Page 151 and 152:
Page 153 and 154:
Page 155 and 156:
Page 157 and 158:
Page 159 and 160:
Page 161 and 162:
Page 163 and 164:
Page 165 and 166:
Page 167 and 168:
Page 170:
PART II Case Studies 145
Page 173 and 174:
Page 175 and 176:
Page 177 and 178:
Page 179 and 180:
Page 182 and 183:
CASE STUDY B Implementing Continuou
Page 184 and 185:
CASE STUDY B: IMPLEMENTING CONTINUO
Page 186 and 187:
Page 188 and 189:
Page 190 and 191:
Page 192:
Page 195 and 196:
Page 197 and 198:
Page 200 and 201:
CASE STUDY D Implementing Continuou
Page 202 and 203:
CASE STUDY D: IMPLEMENTING CONTINUO
Page 204 and 205:
Page 206 and 207:
Page 208 and 209:
Page 210:
AICPA Assurance Services Executive
show all

AUDIT ANALYTICS AUDIT

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?