AUDIT ANALYTICS AUDIT

Recommendations

Info

ESSAY 6: MANAGING RISK AND THE AUDIT PROCESS profile. The authors also contend that CRMA should ideally be fully integrated within a structure that includes both Continuous Controls Monitoring (CCM) and Continuous Data Assurance (CDA) such that a robust system of continuous auditing is ultimately achieved (figure 6-1). Figure 6-1: Integrated Components in Continuous Auditing (Vasarhelyi, Teeter, Krahel 2010) In practice, there might be an initial tendency to implement one or more of the modules in a mutually exclusive manner. For instance, an organization might elect to adopt CRMA as part of a risk management initiative but not incorporate it with CCM or CDA at that point. While this will certainly be beneficial, eventual integration of all three components will produce synergistic effects. For example, as the CCM module identifies internal control failures and other issues, this information can be provided as input to the CRMA program, thus potentially impacting one or more of the risk measures being monitored, as well as offering evidence pertaining to whether revision of the risk profile and corresponding metrics (for example, key risk indicators) is advisable. Furthermore, as risk measures fluctuate in the CRMA system, this information can serve as input to the CCM module, allowing it to proactively address changes in business risk (Moon 2014a). While the CRMA architecture can add value by itself, it can be fully leveraged when combined with CCM and CDA to provide a complete system of continuous auditing and monitoring. 131
AUDIT ANALYTICS AND CONTINUOUS AUDIT:LOOKING TOWARD THE FUTURE CRMA—GENERAL PROCESS Vasarhelyi (2011) further describes the CRMA architecture by elaborating on and discussing its various components and functionalities (figure 6-2). Figure 6-2: Schemata of CRMA Process (Adapted from Vasarhelyi 2011) In the proposed CRMA framework, three general types of risks are identified and monitored. These include business process or operational risks, environmental risks, and black swans (Taleb 2010). Business process risks are largely inherent and attributable to the business itself as well as its industry. Environmental risks include other forces in the internal environment such as infrastructure and information security issues, and risks in the macro-environment including those residing in the political, competitor, and economic arenas (Kuenkaikaew and Vasarhelyi 2013; Hill 2008). A black swan is a risk that has a very low probability of transpiring, but would likely carry substantial costs if materialized. A black swan is formally defined as "an event or occurrence that deviates beyond what is normally expected of a situation and that would be extremely difficult to predict." (Financial Times 2014). Furthermore, the emergence of a black swan can have catastrophic and unpredictable outcomes. Consequently, although this type of event is problematic to anticipate, it is vital that monitoring mechanisms are established to accumulate and maintain information about these 132
Page 1 and 2:
AUDIT ANALYTICS and CONTINUOUS AUDI
Page 3 and 4:
Notice to Readers Audit Analytics a
Page 6 and 7:
TABLE OF CONTENTS Preface Acknowled
Page 8 and 9:
CONTENTS 3 Evolution of Auditing: F
Page 10:
CONTENTS B Page Implementing Contin
Page 13 and 14:
AUDIT ANALYTICS AND CONTINUOUS AUDI
Page 16 and 17:
AUTHOR BIOGRAPHIES Abdullah Alawadh
Page 18 and 19:
AUTHOR BIOGRAPHIES He is a passiona
Page 20 and 21:
AUTHOR BIOGRAPHIES AICPA Assurance
Page 22 and 23:
AUTHOR BIOGRAPHIES management. Prio
Page 24 and 25:
AUTHOR BIOGRAPHIES Trevor R. Stewar
Page 26:
PART I Essays 1
Page 29 and 30:
Page 31 and 32:
Page 33 and 34:
Page 35 and 36:
Page 37 and 38:
Page 39 and 40:
Page 41 and 42:
Page 43 and 44:
Page 45 and 46:
Page 47 and 48:
Page 49 and 50:
Page 51 and 52:
Page 53 and 54:
Page 55 and 56:
Page 57 and 58:
Page 59 and 60:
Page 61 and 62:
Page 63 and 64:
Page 65 and 66:
Page 67 and 68:
Page 69 and 70:
Page 71 and 72:
Page 73 and 74:
Page 75 and 76:
Page 77 and 78:
Page 79 and 80:
Page 81 and 82:
Page 83 and 84:
Page 85 and 86:
Page 87 and 88:
Page 89 and 90:
Page 91 and 92:
Page 93 and 94:
Page 95 and 96:
Page 97 and 98:
Page 99 and 100:
Page 101 and 102:
Page 103 and 104:
Page 105 and 106: AUDIT ANALYTICS AND CONTINUOUS AUDI
Page 112 and 113: ESSAY 4 Reimagining Auditing in a W
Page 114 and 115: ESSAY 4: REIMAGINING AUDITING IN A
Page 128: ESSAY 4: REIMAGINING AUDITING IN A
Page 155: AUDIT ANALYTICS AND CONTINUOUS AUDI
Page 170: PART II Case Studies 145
Page 182 and 183: CASE STUDY B Implementing Continuou
Page 184 and 185: CASE STUDY B: IMPLEMENTING CONTINUO
Page 192: CASE STUDY B: IMPLEMENTING CONTINUO
Page 200 and 201: CASE STUDY D Implementing Continuou
Page 202 and 203: CASE STUDY D: IMPLEMENTING CONTINUO
Page 204 and 205: CASE STUDY D: IMPLEMENTING CONTINUO
Page 206 and 207:
CASE STUDY D: IMPLEMENTING CONTINUO
Page 208 and 209:
CASE STUDY D: IMPLEMENTING CONTINUO
Page 210:
AICPA Assurance Services Executive
show all

AUDIT ANALYTICS AUDIT

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?