Audit Automation as the Foundation of Continuous Auditing - PowerPoint PPT Presentation

About This Presentation
Title:

Audit Automation as the Foundation of Continuous Auditing

Description:

Benefits of mobility (and EAM): ... SAP GRC Access Control, Risk Management, Process Control (VIRSA) Oracle Governance, Risk, and Compliance (LogicalApps) ... – PowerPoint PPT presentation

Number of Views:154
Avg rating:3.0/5.0
Slides: 14
Provided by: Goog6673
Category:

less

Transcript and Presenter's Notes

Title: Audit Automation as the Foundation of Continuous Auditing


1
Audit Automation as the Foundation of Continuous
Auditing
  • Michael Alles
  • Alexander Kogan
  • Miklos A. Vasarhelyi
  • J. Donald Warren, Jr.

2
The Case for Audit Automation
Audit Automation as the Foundation of Continuous
Auditing
  • Automation of business processes
  • Labor-intensive repetitive audit work
  • Cost and availability of qualified audit
    personnel
  • Budgetary pressure on internal audit departments
  • Complexity of business transactions and
    increasing risk exposure
  • Scale and scope of audit procedures
  • Timeliness of audit results

CA/R/Lab
3
Audit Automation Work Sequence
Audit Automation as the Foundation of Continuous
Auditing
  • Identification and engagement of stakeholders
  • Business process owners
  • IT personnel
  • Internal auditors
  • Composition of audit automation teams
  • Automation of audit procedures
  • Duplicate automation is ideal but too expensive
  • Verification of automated procedures
  • Independent verification by experienced auditors
  • Approval of automated audit program

CA/R/Lab
4
Formalizing the Audit Program
Audit Automation as the Foundation of Continuous
Auditing
  • Automation requires formalization
  • Formalized is usually automatable
  • Possibility of formalization is often
    underestimated
  • Benefits of formalization
  • promotes precision and consistency
  • improves confidence in audit results
  • Reduces long-run audit costs
  • Problems with formalization
  • Many humans resist formal thinking
  • Formalization can be very laborious and costly
  • Certain complex judgments are not amenable to
    formalization

CA/R/Lab
5
Re-engineering the Audit Program
Audit Automation as the Foundation of Continuous
Auditing
  • Conventional audit programs are not designed for
    automation
  • Formalizable and judgmental procedures are often
    intermixed redesign is required to separate
    them out
  • Re-engineering objective maximize the proportion
    of automatable procedures in the audit program
    (i.e., reduce reliance on informal judgmental
    techniques)
  • Substitution of high frequency (continuous)
    automated procedures for eliminated manual methods

CA/R/Lab
6
Continuous Auditing (CA) as Implementation of
Automated Audit
Audit Automation as the Foundation of Continuous
Auditing
  • Formalized audit procedures are programmed into
    an automated audit system that can run
    continuously
  • CA CCM CDA
  • Continuous Control Monitoring (CCM)
  • Access Control and Authorizations
  • System Configuration and Business Process
    Settings
  • Continuous Data Assurance (CDA)
  • Master Data
  • Transactions
  • Analytics (including Continuity Equations)

CA/R/Lab
7
Baseline Monitoring (Baselining)
Audit Automation as the Foundation of Continuous
Auditing
  • Traditionally used in configuration management
    and IT security
  • Baseline a snapshot of system configuration and
    business process settings
  • Deltas from baseline exceptions
  • Critical issues
  • Definition of baseline (the more static
    parameters are, the better they are suitable for
    baselining)
  • Initial verification of baseline values
  • Security of baseline (both definition and current
    values)
  • Accumulation of deltas redefinition of baseline

CA/R/Lab
8
Scalability of Audit Automation
Audit Automation as the Foundation of Continuous
Auditing
  • Automation of highly specific audit procedures
    for different enterprise units can incur
    prohibitive costs
  • Automation will be scalable across the enterprise
    only if the repetitive audit procedure automation
    costs are eliminated
  • Strategies for making audit automation scalable
  • Hierarchical structuring of automated audit
    procedures from the most generic audit
    procedures applicable across the enterprise to
    the more specific ones for major units and
    subunits
  • Hierarchical updates
  • Parameterization of automated audit procedures

CA/R/Lab
9
Architecture of Automated Audit
Audit Automation as the Foundation of Continuous
Auditing
  • Organization of audit software
  • integrated software vs.
  • distributed (i.e., multi-agent-based) system
  • Access to the enterprise system and data
  • Direct (either to the database or to the
    application layer)
  • Intermediated (through a business data warehouse)
  • Platform of audit software
  • Common enterprise platform (EAM embedded audit
    module)
  • Separate platform (MCL monitoring and control
    layer)
  • Providers of audit software
  • Common platform enterprise software vendors
  • Separate platform 3rd party vendors and audit
    firms

CA/R/Lab
10
Mobile Agents in Automated Audit
Audit Automation as the Foundation of Continuous
Auditing
  • Mobile agents can be transported to the
    enterprise platform to be run there (as EAM!)
  • Benefits of mobility (and EAM)
  • Protection against network connectivity outages
  • Event-triggered execution of audit procedures
    potentially zero latency (not affected by network
    congestion)
  • More efficient for processing large volumes of
    enterprise data (on site vs. moving that data
    over the network)
  • Problems with mobility (and EAM)
  • Protection of enterprise platform against
    (possibly malicious) agent
  • Protection of agent against possible manipulation
    by the platform
  • Impossibility of protecting the agent outweighs
    the benefits!

CA/R/Lab
11
Securing Continuous Auditing
Audit Automation as the Foundation of Continuous
Auditing
  • Location of continuous auditing hardware
  • clients premises
  • audit shop
  • Physical access security
  • Logical access security
  • Super-user privileges
  • Clients IT personnel access
  • Export / import of CA system settings

CA/R/Lab
12
Software for Audit Automation
Audit Automation as the Foundation of Continuous
Auditing
  • ACL
  • CaseWare IDEA
  • Approva
  • Oversight Systems
  • Governance, Risk, and Compliance Solutions
  • SAP GRC Access Control, Risk Management, Process
    Control (VIRSA)
  • Oracle Governance, Risk, and Compliance
    (LogicalApps)
  • IBM Workplace for Business Controls and Reporting
  • Paisley Enterprise GRC
  • OpenPages
  • AXENTIS Enterprise
  • BWise
  • Protiviti Governance Portal

CA/R/Lab
13
Whats Coming?
Audit Automation as the Foundation of Continuous
Auditing
  • AMR Research projects spending on government,
    risk and compliance applications and services
    will top 32.1 billion in 2008, up 7.4 from
    2007. In 2009, growth is projected at 7 .
  • Hosted, or on-demand solutions
  • Integration of audit automation with audit
    working papers software
  • Transformation of internal audit
  • Structural changes in external audit

CA/R/Lab
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Audit Automation as the Foundation of Continuous Auditing" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!