AUDIT ANALYTICS AUDIT

Recommendations

Info

ESSAY 1: CONTINUOUS AUDITING—A NEW VIEW alleviate the multiple problems generated by the proliferation of audit-like organizations. 1.3 Guidance on Continuous Auditing The first guidance on continuous auditing was published jointly by the CICA and AICPA (1999) and is often called the Red Book. This current volume attempts to update the Red Book along several dimensions. Since the publication of the Red Book, the Institute of Internal Auditors published its GTAG 3 Continuous Auditing: Implications for Assurance, Monitoring, and Risk Assessment (IIA, 2005) and ISACA its IT Audit and Assurance Guidelines, G42, Continuous Assurance, (2010). In 2010, the Australian Institute of Chartered Accountants also published its Continuous Assurance for the Now Economy. Leveraging this statutory work, continuous auditing literature reviews (Brown et al, 2007; Chiu, Liu, & Vasarhelyi, 2014), and literature from practice, this essay will summarize some basic theory postulates for continuous assurance. Assurance, for purposes of this essay, is defined as an umbrella of services that include the traditional audit and other services of a similar or complementary nature that are emerging or being facilitated by new technologies and business needs. (Vasarhelyi & Alles, 2006) Considering the new assurance needs in control structure, control compliance, data, and the existing guidance on continuous auditing, a reconsideration and expansion of the elements in the concepts of continuous assurance is needed. 2. THE ELEMENTS OF CONTINUOUS ASSURANCE REVISITED The advent of new information and analytic technologies has brought about new products as well as new ways to perform business processes. Since the early years of continuous auditing, business has substantially evolved the continuous monitoring processes of production into many other areas of activity including accounting and finance. 2.1 Continuous Auditing Versus Continuous Monitoring Considerable thought has been given to the problem of overlap between management and assurance processes when they progress in the automation route. KPMG (Littley and Costello, 2012) described it in operational terms, as shown in table 1-3. Another approach would be to 13
AUDIT ANALYTICS AND CONTINUOUS AUDIT:LOOKING TOWARD THE FUTURE consider some new type of conceptualization based on the new economics of information, control, and risk. Table 1-3: CA Versus CM Continuous Auditing Performed by Internal Audit • Gain audit evidence more effectively and efficiently • Reactmoretimelytobusiness risks • Leverage technology to perform more efficient internal audits • Focus audits more specifically • Help monitor compliance with policies, procedures, and regulations Continuous Monitoring Responsibility of Management • Improve governance—aligning business/compliance risk to internal controls and remediation • Improve transparency and react more timely to make better day-to-day decisions • Strive to reduce cost of controls and cost of testing/monitoring • Leverage technology to create efficiencies and opportunities for performance improvements Littley and Costello (2012), as shown in table 1-1 and the AT&T Bell Laboratories development of Continuous Process Audit System (CPAS) (Vasarhelyi & Halper, 1991) in parallel to management’s Prometheus system (table 4) show a substantive overlap of management and assurance analytics and the potential of the usage of similar systems to support infrastructure. IBM’s 6 internal audit approach was to commission three monitoring systems for auditees and progressively obtain their agreement to use the system for monitoring by management. Traditional audit thinking argues that if the auditor acts as a "monitorer," in one sense, he or she becomes part of the control system and loses independence. On the other hand, the traditional audit can be viewed as a form of tertiary control acting both as a deterrent as well as an after-the-fact detective control. The progressively increasing set of layers between the auditor and the data, as well as the massive nature of data being used by large corporations, forces the existence of monitoring and reporting layers, not to mention ERP software, web interfaces, legacy systems, and outsourced processes. Vasarhelyi & Halper (1991) initially developed the CPAS project aimed at creating a meta-understanding of the system being audited and making this system auditor-monitored. It became clear after a certain amount of time that similar monitoring insight and analytics would be also of interest to management and of benefit in the utilization of the system being monitored. Consequently AT&T developed the Prometheus system (Vasarhelyi, Halper, & Esawa, 1995), which used the same technological undercarriage of CPAS but with some unique analytics for both 6 As described in annual presentations at the World Continuous Auditing Symposium in Newark (2011, 2012), that can be seen in http://raw.rutgers.edu/ 14
Page 1 and 2: AUDIT ANALYTICS and CONTINUOUS AUDI
Page 3 and 4: Notice to Readers Audit Analytics a
Page 6 and 7: TABLE OF CONTENTS Preface Acknowled
Page 8 and 9: CONTENTS 3 Evolution of Auditing: F
Page 10: CONTENTS B Page Implementing Contin
Page 13 and 14: AUDIT ANALYTICS AND CONTINUOUS AUDI
Page 16 and 17: AUTHOR BIOGRAPHIES Abdullah Alawadh
Page 18 and 19: AUTHOR BIOGRAPHIES He is a passiona
Page 20 and 21: AUTHOR BIOGRAPHIES AICPA Assurance
Page 22 and 23: AUTHOR BIOGRAPHIES management. Prio
Page 24 and 25: AUTHOR BIOGRAPHIES Trevor R. Stewar
Page 26: PART I Essays 1
Page 37: AUDIT ANALYTICS AND CONTINUOUS AUDI
Page 89 and 90:
AUDIT ANALYTICS AND CONTINUOUS AUDI
Page 91 and 92:
Page 93 and 94:
Page 95 and 96:
Page 97 and 98:
Page 99 and 100:
Page 101 and 102:
Page 103 and 104:
Page 105 and 106:
Page 107 and 108:
Page 109 and 110:
Page 112 and 113:
ESSAY 4 Reimagining Auditing in a W
Page 114 and 115:
ESSAY 4: REIMAGINING AUDITING IN A
Page 116 and 117:
Page 118 and 119:
Page 120 and 121:
Page 122 and 123:
Page 124 and 125:
Page 126 and 127:
Page 128:
Page 131 and 132:
Page 133 and 134:
Page 135 and 136:
Page 137 and 138:
Page 139 and 140:
Page 141 and 142:
Page 143 and 144:
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
Page 151 and 152:
Page 153 and 154:
Page 155 and 156:
Page 157 and 158:
Page 159 and 160:
Page 161 and 162:
Page 163 and 164:
Page 165 and 166:
Page 167 and 168:
Page 170:
PART II Case Studies 145
Page 173 and 174:
Page 175 and 176:
Page 177 and 178:
Page 179 and 180:
Page 182 and 183:
CASE STUDY B Implementing Continuou
Page 184 and 185:
CASE STUDY B: IMPLEMENTING CONTINUO
Page 186 and 187:
Page 188 and 189:
Page 190 and 191:
Page 192:
Page 195 and 196:
Page 197 and 198:
Page 200 and 201:
CASE STUDY D Implementing Continuou
Page 202 and 203:
CASE STUDY D: IMPLEMENTING CONTINUO
Page 204 and 205:
Page 206 and 207:
Page 208 and 209:
Page 210:
AICPA Assurance Services Executive
show all

AUDIT ANALYTICS AUDIT

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?