DOCSLIB.ORG

Continuous Monitoring and Continuous Auditing with IT-Assisted Tools 12 / 2017 the Board of Audit & Inspection of Korea

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Continuous Monitoring and Continuous Auditing with IT-Assisted Tools 12 / 2017 the Board of Audit & Inspection of Korea Continuous Monitoring and Continuous Auditing with IT-assisted tools 12 / 2017 The Board of Audit & Inspection of Korea Gim Namjin Table of Contents Part 1. Introduction 1 1. Research Background 1 2. Introduction to IT Audits 6 Part 2. Government’s Audit and Reporting in the U.S. 10 1. who audits 3 2. Government Audit Reporting(“Yellow Book”-GAGAS) 16 Part 3. Continuous Auditing and Continuous Monitoring 28 1. Defining Continuous Auditing 28 2. Differentiating Continuous Auditing from Continuous Monitoring 37 3. The needs of CA/CM 43 4. Skills Required 44 5. Barriers to CM and CA adoption 47 Part 4. Continuous Monitoring Software Tools 49 1. IT Audit Tools Requirement 49 2. Usefulness of CAATs 49 3. Use of Computer-assisted Audit Technique(CAATs) 52 4. Various IT audit tools 56 Part 5. Case studies 60 1. Application of ACL 60 2. Application CaseWare tool 72 3. Government auditing report: using ACL 79 4. Application of BAI audit tool 88 Part 6. Policy suggestions 94 1. Practice of BAI audits 94 2. Policy Recommendation 95 Part 7. Final opinion 98 【Figure】 No contents page Areas covered by the principles for public-sector 1 9 auditing 2 Flowchart of General Audit Operating Process 61 3 The capability of CaseWare Monitor 74 4 Flowchart of Local Audit Process 82 【Tables】 No contents page Areas covered by the principles for public-sector 1 2 auditing Continuous Auditing versus Continuous 2 40 Monitoring 3 Use of Computer-assisted Audit Technique 55 【Appendixes】 No contents page 1 Understanding audits of BAI 3 2 Understanding Financial Audit in the US 8 Federal government organization and financial 3 12 statement reporting flow 4 Issuing the independent auditor reports 23 FY2015 US. Federal Government Combined 5 25 Financial Statements 6 Survey of best suiting area and drivers 45 < 국외훈련 개요> 1. 훈련국 : 미국 2. 훈련기관명 : CKP회계법인(Choi, Kim & Park, LLP) 3. 훈련분야 : 감사원 IT감사 방법론 4. 훈련기간 : 2015. 12. 7. ~ 2017. 12. 6. 5. 훈련기관 소개 ○ 인터넷 웹주소 : http://www.ckpcpas.com ○ 대표회계사 : Hoon, Kim([email protected]) ○ 주소 : 2010 Main St., Suite 520 Irvine, CA 92614 ○ 전화/팩스 : (TEL) 949-757-0900/(FAX) 949-757-0668 ○ 조직 : CKP는 미국내 8개 office(*)를 보유한 한국계 최대 회계법인 으로, 미국 5대 회계법인 McGladrey의 member법인 (*) 캘리포니아주 Los Angeles, San Jose, Irvine, San Diego 등 4개, 알라바마주 Montgomery, 조지아주 La Grange, 뉴저지주 Fort Lee, 텍사스주 Houston ○ 주요업무 - 민간 및 공공부문의 재무제표 감사, 세무 및 컨설팅 - 이전가격 및 사전 가격합의서비스 - 자금조달․신용구축자문, 사업체 가치평가 및 M&A서비스 - Single audit, Compliance audit 및 기타 정부관련 회계서비스 Part 1. Introduction 1. Research Background In the beginning of 2014, the Korean Supreme Audit Institution(SAI), The Board of Audit and Inspection of Korean government(BAI) stressed that BAI should change and develop itself to fulfill its primary missions to protect wrongdoings and frauds in the public sector by adopting an Advanced Information Audit system(IT audit). So the head of BAI set up the new Information audit bereau in the BAI to meet the new challenges that these times require. However, there were two big and massive governmental-wide negligence of duty and fraudulent public money misuse in a couple years such as “Sewol-ho ferry sinking 2014”, and “the president Park’s governmental wrongdoings and her impeachment case 2017” that made political and socioeconomic shocks to the Korean citizens. This research background is placed on the basis of limitation of BAI audit that conducting mostly after bad things happenings, not so much predetective and effective to detect fraud. Also the auditees are appeal to the audit fatigue to the BAI that conducts audit ineffectively such as heavy material documentation preparing and unsettlement of audit results. So that I conducted this research to get the notice of IT audit schema and effective IT audit tools that useful in public sector. The table 1. shows the range of public sector and the major characters in the public sector auditings following by INTOSAI(International Organization of Supreme Audit Institutions). - 1 - [Table 1] Areas covered by the principles for public-sector auditing General Principles Professional Ethics & Independence judgement, due care Quality control qAudit team management & Scapticism & skills Audit risk Materiality Documentation Communication Principles related to the audit Peocess Planning the audit Conducting the audit Reporting & Follow up ․Established the terms of the ․Perform the planned audit audit ․Prepare a report based on the procedures to obtain audit ․Obtain understanding conclusions reached ⇒ evidence ⇒ ․Conduct risk assessment or problem analysis ․Follow up on reported matters ․Evaluate audit evidence and ․Identity risks of frauds as relevant draw conclusions ․Develop an audit plan * INTOSAI ISSAI-100, "Fundamental Principles of Public-Sector Auditing" 2014 - 2 - Appendix 1 Understanding audits of BAI The BAI performs audits to ensure that the taxpayer money is being expended properly, and conducts inspections of government agencies and their employees to assure that their duties are being performed appropriately. 1. Major missions (1) Verification of accounts (Article 99 of the Constitution; Article 21 of the BAI Act) BAI examines the final accounts of the state and verifies that the nation’s resources have been spent wisely to benefit the public. To this end, the Minister of Strategy and Finance writes up the final accounts which include the budgets implemented by all the government agencies, and submits the report to BAI. Then, BAI examines the report meticulously to ensure that the account totals and the actual amount spent are balanced. After BAI has examined the final accounts, the Minister of Strategy and Finance presents the report to the National Assembly on May 31st of the following year. (2) Financial audit (Articles 22 & 23 of the BAI Act) BAI audits the central government, local autonomies and public institutions to ensure that the budget which comes from taxpayer money is being used properly for the nation and its citizens. BAI also scrutinizes the budgets to examine whether or not public - 3 - servants, through willful intent or negligence, are reckless in conducting projects that waste public money. BAI, in accordance with the BAI Act, must audit 34,300 central and local governments as well as other institutions. Furthermore, there are an additional 30,000 institutions which BAI can audit when necessary or at the Prime Minister’s request. (3) Inspection (Article 24 of the BAI Act) Apart from audit, BAI carries out inspection to ensure that the work of government agencies, local autonomies and public institutions and the performance of their employees are being carried out according to the law and principles. just as financial audit is examination of an auditee’s finance, inspection is examination of public employees’ performance to ensure that they are doing their work properly. Should government employees break the law or work in an illegal manner, they will face consequences, such as disciplinary action, in order to set the situation right. BAI also works to correct and improve any irrational laws or systems as well as cumbersome administrative procedures. 2. Types of audit There are four kinds of audits: (1) Financial audit When conducting financial audit, the focus is on analyzing and evaluating the use and management of finances of the auditee and on providing recommendations for improvement. Financial audits are - 4 - conducted on a regular basis to ensure sound and efficient use of financial resources, and also to provide useful information and analysis to the people and the National Assembly. (2) Management audit The purpose of this audit is to conduct a comprehensive analysis and evaluation of the management of the organization, human resources and budget to ensure that the auditee is carrying out its functions and duties properly. This is to ensure that the work regarding budget proceeds both appropriately and lawfully. Through this process, the audit covers the entire management and thereby contributes to enhancing the transparency and efficiency of the organization. (3) Performance audit By conducting a systematic diagnosis and analysis of the problems, whether regarding major policies, projects, systems or management, comprehensive and fundamental recommendations for improvement can be made. This audit provides the support needed to ensure that major policies, measures and projects can be carried out smoothly for optimum results. (4) Special audit The purpose of special audit is to examine important social and economic issues or matters for which the people or the National Assembly have requested an audit. This type of audit is to be used in a flexible and timely manner as needed. The focus of BAI’ audits are on the nonfinancial audits, roughly, that of 80%. So is under 20% of the pure financial audit. - 5 - 2. Introduction to IT Audits Government entities have increasingly adopted Information and Communication Technologies(ICT) to conduct their functions and deliver various services. Such ICT based systems are commonly, also, referred to as Information Systems(IS) or Information Technology(IT) Systems. Supreme Audit Institutions(SAIs) are mandated to audit the Government and their entities as per their respective audit mandate. SAIs, thus, promote the efficiency, accountability, effectiveness and transparency of public administration. The continuous development of Information and Communication Technology has made it possible to capture, store, process and deliver information electronically. This transition to electronic processing has triggered a significant change in the environment in which
Load more

Recommended publications
  • Continuous Auditing: Implications for Assurance, Monitoring, and Risk
    ® IPPF – Practice Guide Continuous Auditing: Implications for Assurance, Monitoring, and Risk Assessment Global Technology Audit Guide Continuous Auditing: Implications for Assurance, Monitoring, and Risk Assessment Author David Coderre, Royal Canadian Mounted Police (RCMP) Subject Matter Experts John G. Verver, ACL Services Ltd. J. Donald Warren Jr., Center for Continuous Auditing, Rutgers University Copyright © 2005 by The Institute of Internal Auditors, 247 Maitland Avenue, Altamonte Springs, Florida 32701-4201. All rights reserved. Printed in the United States of America. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form by any means — electronic, mechanical, photocopying, recording, or otherwise — without prior written permission of the publisher. The IIA publishes this document for informational and educational purposes. This document is intended to provide information, but is not a substitute for legal or accounting advice. The IIA does not provide such advice and makes no warranty as to any legal or accounting results through its publication of this document. When legal or accounting issues arise, professional assistance should be sought and retained. GTAG — Table of Contents 1. Executive Summary Summary for Chief Audit Executive ………………………………………………………………………...............1 Continuous Auditing ………………………………………………………………………………………1 The Need for a Continuous Auditing/Continuous Monitoring: An Integrated Approach ………………1 The Roles of Internal Audit Activity and Management ……………………………………………………2 The Power of Continuous Auditing …………………………………………………………………………2 Implementation Issues ………………………………………………………………………………………2 2. Introduction …………………………………………………………………………………………………3 Continuous Auditing: A Brief History ………………………………………………………………………3 Today’s Audit Environment …………………………………………………………………………………3 COSO Enterprise Risk Management (ERM) Framework …………………………………………………4 The Roles of the Internal Audit Activity and Management ………………………………………………5 Benefits of Continuous Auditing and Monitoring …………………………………………………………5 3.
    [Show full text]
  • Transferring Continuous Auditing to The
    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by AIS Electronic Library (AISeL) Association for Information Systems AIS Electronic Library (AISeL) Research Papers ECIS 2016 Proceedings Summer 6-15-2016 TRANSFERRING CONTINUOUS AUDITING TO THE DIGITAL AGE – THE KNOWLEDGE BASE AFTER THREE DECADES OF RESEARCH Andreas Kiesow Osnabrueck University, [email protected] Tim Schomaker Osnabrueck University, [email protected] Oliver Thomas Osnabrueck University, [email protected] Follow this and additional works at: http://aisel.aisnet.org/ecis2016_rp Recommended Citation Kiesow, Andreas; Schomaker, Tim; and Thomas, Oliver, "TRANSFERRING CONTINUOUS AUDITING TO THE DIGITAL AGE – THE KNOWLEDGE BASE AFTER THREE DECADES OF RESEARCH" (2016). Research Papers. 42. http://aisel.aisnet.org/ecis2016_rp/42 This material is brought to you by the ECIS 2016 Proceedings at AIS Electronic Library (AISeL). It has been accepted for inclusion in Research Papers by an authorized administrator of AIS Electronic Library (AISeL). For more information, please contact [email protected]. TRANSFERRING CONTINUOUS AUDITING TO THE DIGITAL AGE – THE KNOWLEDGE BASE AFTER THREE DECADES OF RESEARCH Research Kiesow, Andreas, Osnabrueck University, Germany, [email protected] Schomaker, Tim, Osnabrueck University, Germany, [email protected] Thomas, Oliver, Osnabrueck University, Germany, [email protected] Abstract Financial auditing is faced with an intensified regulatory framework and an increasing volume of ac- counting-relevant data. In order to address these challenges, information technology (IT) and corre- sponding information systems (IS) are implemented to improve the effectiveness and efficiency of audit services. In this context, continuous auditing (CA) is defined as an approach to deliver audit assurance in terms of an audit subject in real-time or almost real-time.
    [Show full text]
  • Continuous Monitoring: the Path to Continuous Auditing
    Continuous Monitoring: Paving the Road to Continuous Auditing The Less Subtle Sequel to Patrick’s Last Three Presentations Chris Rossie Co-founder & Vice President, Public Sector and International Historical Context Three Years Ago • ROI from Continuous Monitoring Two Years Ago • Continuous Monitoring Driving Operational Value One year ago • The Top Ten Wrong Things in Continuous Auditing Projects Copyright 2011 Oversight Systems. All rights reserved. / Page 2 The Problem with Continuous Auditing is Audit Audits are Pass/Fail • Little incentive for “extra credit” • Objective is to “check the boxes” Audit Budgets are Tight • External audit fees are under pressure • Internal audit department budgets are under pressure There is Tension Between Reduced Budgets and the Investments Required to Leverage Technology Copyright 2011 Oversight Systems. All rights reserved. / Page 3 Our Experiences That’s Not Bad, It’s Just Reality CM Drives Large ROI … and Does It in a Short Period of Time CA Create Value, Just Not as Large and Visible as CM But … CM Can Pave the Road to CA Let’s Look at Some Examples … Copyright 2011 Oversight Systems. All rights reserved. / Page 4 What Value Does Monitoring Deliver? • Regulations • Improper payment- FCPA real-time error OFAC prevention SOX Errors • Best practices Fraud/misuse COSO • Un-recovered GRC Program payments • Internal policies/ • Cost of capital procedures • Margin optimization • Audit Automation • 100% transaction • Resource review optimization • Fraud • Error correction Employee and prevention Vendor • Audit fees • Policy/procedures • Internal audit Procurement efficiency T&E • Recovery Audit P-cards Fees • Reporting reliability • Transaction-level analytics • Errors in Financial • Outsource • Decision support • Process improvement Reporting Effectiveness • Automated testing/reporting • Outsource SLA Management Copyright 2011 Oversight Systems.
    [Show full text]
  • UTRGV Procurement Card
    •••••••••••••••••••••••••••••••••••••••••••••••••••••• Brownsville • Edinburg • Harlingen Procurement Card – Continuous Auditing Report No. 17-06 March 2017 Office of Audits & Consulting Services March 15, 2017 Dr. Guy Bailey, President The University of Texas Rio Grande Valley 1201 West University Drive Edinburg, Texas 78539 Dear Dr. Bailey, The Office of Audits & Consulting Services has completed the audit of Procurement Card - Continuous Auditing as part of our fiscal year 2016 Audit Plan. The audit objectives were to: • develop custom data analytic reports that continuously identify procurement card transactions that may require further review; • test the items identified in the custom reports to ensure they adhere to procurement card policies and procedures; and, • determine if the custom reports could be used by management as a tool to increase awareness and compliance throughout the institution. The scope of this audit consisted of all procurement card transactions for the first eight months of fiscal year (FY) 2016 (September 1, 2015 through April 30, 2016). Our examination was conducted in accordance with guidelines set forth in The University of Texas System’s Policies UTS 129 and the Institute of Internal Auditors’ International Standards for the Professional Practice of Internal Auditing (Standards). The Standards set criteria for internal audit departments in the areas of independence, professional proficiency, scope and performance of audit work, and management of internal auditing department. UTS 129 requires that we adhere to the Standards. Overall, we concluded the majority of the procurement card transactions tested complied with procurement card policies and procedures, and were adequately documented and reviewed by the Procurement Office. In addition, we determined certain custom IDEA reports could assist management with compliance monitoring of procurement card transactions; therefore, we will continue to provide procurement management with exception reports.
    [Show full text]
  • Continuous Auditing and Continuous Monitoring: Transforming Internal Audit and Management Monitoring to Create Value
    Continuous Auditing and Continuous Monitoring: Transforming Internal Audit and Management Monitoring to Create Value ADVISORY Continuous Auditing and Continuous Monitoring: Transforming Internal Audit and Management Monitoring to Create Value As global organizations aim to address the rapidly evolving and often complex risk environment and meet ever-changing regulatory, business, and industry requirements, leaders are searching for innovative ways to efficiently meet corporate objectives. Many have begun to advance their efforts by implementing continuous auditing (CA) and continuous monitoring (CM) disciplines around their organizational processes, transactions, systems, and controls. Leveraging proactive, technology-based applications to manage performance and key areas of risk and control has become a practical and necessary alternative to meet the growing needs of the organization. Together, CA and CM offer a broad range of benefits that can help organizations add value and improve business performance. CA/CM can deliver regular insight into the status of controls and transactions across the global enterprise, enhancing risk and control oversight capability through monitoring and detection. What Is Continuous Auditing and Continuous Monitoring? Across organizations and industries, while the definitions may vary, the goal of CA/ Integrated CA/CM Model CM is to provide greater transparency into the operations and more timely reporting –Enterprise Risk + of concerns. Continuous auditing consists of the automated collection of audit evidence and indicators by an internal or Continuous Monitoring Continuous external auditor from an entity’s IT systems, processes, transactions, and controls Auditing on a frequent or continuous basis. This Controls Portfolio information enhances auditor capabilities ed and helps to ensure compliance with Processes and Transactions omat policies, procedures, and regulations.
    [Show full text]
  • AUDIT ANALYTICS and CONTINUOUS AUDIT
    AUDIT ANALYTICS and CONTINUOUS AUDIT AUDIT ANALYTICS AICPA Assurance Services Executive Committee The mission of the AICPA Assurance Services Executive Committee (ASEC) is to assure the quality, relevance, and usefulness of information or its context for decision-makers and other users by (1) identifying and prioritizing emerging trends and market needs for assurance, and (2) developing related assurance methodology guidance and tools as needed. ASEC achieves its mission by: providing guidance and leadership in identifying and prioritizing significant emerging assurance trends and market needs while engaging users, preparers, and influencers toward action; AUDIT developing assurance guidance by creating suitable criteria when necessary, and/or performance guidance, as appropriate; ANALYTICS communicating new assurance methodologies, guidance, and and opportunities to our members and the profession on a global basis; and creating alliances with industry, government, or other specialized groups to improve CPA access to new assurance opportunities. CONTINUOUS For additional information on the AICPA’s Assurance Services Executive Committee please visit aicpa.org/ASEC. AUDIT AICPA Business Reporting, Assurance and Advisory Services Team Looking Toward the Future The overarching role of the AICPA’s Business Reporting and Assurance & Advisory Services Team is to provide leadership oversight, direction and visioning for emerging business reporting and assurance issues and initiatives that are identified and addressed through input from AICPA
    [Show full text]
  • Continuous Auditing in the Shadow of SOX: Re-Engineering Interim Reporting and Assurance
    Continuous Auditing in the Shadow of SOX: Re-Engineering Interim Reporting and Assurance Efrim Boritz* Ontario Chartered Accountants Chair School of Accountancy University of Waterloo October 31, 2005 Work in Progress; Subject to Change *The author would like to acknowledge the extensive assistance provided by Chris Hicks of the Canadian Institute of Chartered Accountants and the funding provided by the Capital Markets Leadership Task Force. The views expressed in this paper are solely those of the author and may not represent the views of the members of the CMLTF. 1 of 21 - DRAFT Continuous Auditing in the Shadow of SOX: Re-Engineering Interim Reporting and Assurance A DISCUSSION PAPER October 31, 2005 J. Efrim Boritz Introduction This discussion paper is based on extensive discussions with capital markets stakeholders in Canada over the past 6 months. These discussions have included issuers/preparers, investors, auditors, board members and regulators. The purpose of these discussions was to surface issues that need to be addressed to reduce information risks borne by capital markets participants and thereby contribute to market efficiency and lower cost of capital. The key points raised in this discussion paper are: • There is a need to focus more attention on the quality of interim/continuous reporting and disclosure not just annual financial statements, because timely information is highly valued by capital market participants but the reliability of this information can be improved. • The auditing profession should strive to re-allocate much of the year end “audit” work pertaining to material transactions and events that occur throughout the year into the interim periods in which those transactions and events first occur.
    [Show full text]
  • Innovation and Practice of Continuous Auditing
    Innovation and Practice of Continuous Auditing David Y. Chan Rutgers Business School Rutgers University One Washington Park Newark, NJ 07102-3122 (E) [email protected] (T) 973-353-5172 (F) 973-353-1283 Miklos A. Vasarhelyi1 Rutgers Business School Rutgers University One Washington Park Newark, NJ 07102-3122 (E) [email protected] (T) 973-353-5172 (F) 973-353-1283 1 Respectively PhD Student and KPMG Professor of AIS, Rutgers Business School. Corresponding author [email protected]. We express our gratitude to Andreas Nicolaou, anonymous reviewer(s), participants of the Rutgers Accounting Research Forum, participants of the 2nd Annual Pre-ICIS Workshop on Accounting Information Systems, and JP Krahel for their contribution to the refinement of this paper. 1 I. Abstract The traditional audit paradigm is outdated in the real time economy. Innovation of the traditional audit process is necessary to support real time assurance. Practitioners and academics are exploring continuous auditing as a potential successor to the traditional audit paradigm. Using technology and automation, continuous auditing methodology enhances the efficiency and effectiveness of the audit process to support real time assurance. This paper defines how continuous auditing methodology introduces innovation to practice in seven dimensions and propose a four stage paradigm to advance future research. In addition, we formulate a set of methodological propositions concerning the future of assurance for practitioners and academic researchers. Keywords: Continuous Auditing, Traditional Auditing, Innovation, Audit Methodology, Audit Process, Audit Stages, Audit Practice, Analytical Procedures, Data Modeling, Data Analytics II. Introduction The objective of financial reporting is to provide information that is useful to management and stakeholders for resource allocation decisions (FASB, 2006).
    [Show full text]
  • Continuous Auditing: the Usa Experience and Considerations for Its Implementation in Brazil
    Revista de Gestão da Tecnologia e Sistemas de Informação Journal of Information Systems and Technology Management Vol. 3, No. 2, 2006, p. 211-224 ISSN online: 1807-1775 CONTINUOUS AUDITING: THE USA EXPERIENCE AND CONSIDERATIONS FOR ITS IMPLEMENTATION IN BRAZIL Michael G. Alles Rutgers Business School, U.S.A Fernando Tostes State University of Rio de Janeiro, Brazil Miklos A. Vasarhelyi Rutgers Business School, U.S.A Edson Luiz Riccio University of Sao Paulo, Brazil ______________________________________________________________________ ABSTRACT Continuous Auditing, broadly defined as the transformation of internal and external auditing through the application of modern information technology, is being increasingly adopted by firms throughout the world. Organizations ranging from Siemens, HCA, the Royal Canadian Mounted Police, BIPOP Bank and the Internal Revenue Service are developing tools and practices that will bring assurance closer to the transaction and reduce through automation, the cost of auditing. A June 2006 PricewaterhouseCoopers survey finds that 50% of U.S. companies now use continuous auditing techniques and 31% percent of the rest have already made plans to follow suit. In this article we introduce the concepts of CA to a Brazilian audience and discuss its further application there. Keywords: Continuous Auditing, CA, Auditing, Implementation, Brazil _____________________________________________________________________________________ Recebido em/Manuscript first received: 06/06/2006 Aprovado em/Manuscript accepted: 13/09/2006 Michael G. Alles, Associate Professor, Rutgers Business School, Department of Accounting & Information Systems, Ackerson Hall # 300P, 180 University Avenue, Newark, NJ 07102-1897 (973) 353 5352 (W) E-mail: [email protected] Fernando Tostes, Professor Adjunto, Universidade do Estado do Rio de Janeiro, Brasil, E-mail: [email protected] Miklos A.
    [Show full text]
  • Continuous Audit & XBRL
    A Framework for Identifying Potential Synergistic Combinations of Continuous Auditing and XBRL Glen L. Gray, PhD, CPA California State University, Northridge Rick S. Hayes, PhD, CPA California State University, Los Angeles Simple Question/Complex Answer Question: Where can synergy best be achieved between XBRL and continuous auditing? Answer: Complex m x n problem space, where m is the alternative dimensions of continuous auditing implementations and n is the alternative characteristics of XBRL implementations. Continuous auditing can be m1 x m2, where m1 is many definitions of continuous and m2 is many definitions of auditing “…„continuous‟ is a malapropism.” McCann (2009) Simple Question/Complex Answer The missing word: population Continuous auditing is almost always 100% population sample Hidden cost: What about massive false positives? Hidden risk: What about missed smoking gun? 2-step process: (1) CA, then (2) sample CA results Client-side XBRL Data Hub Client Auditor Management Mainframe XBRL Standardized Internet data analysis/ data hub mining tools Server Server Servers Internal Auit Servers Populating the XBRL Data Hub Centralized Conversions Conversion at data hub Data hub holds legacy and XBRL data Distributed Local Conversions Conversion at/near source Data hub holds XBRL data Native XBRL No conversion Data hub holds XBRL data Benefits/Costs Dimensions Implement any CA: Benefits > Costs Benefits Tangibles Increase revenue Reduce costs (efficiency) XBRL = economy of scale Shifting skill level of auditors
    [Show full text]
  • The Impact of the XBRL Environment on Auditing
    2018 9th International Symposium on Advanced Education and Management (ISAEM 2018) The impact of the XBRL environment on auditing Yuanqing Mao1, Liucheng Zhang2, * 1 School of Accounting, Harbin University of Commerce, Harbin, 150028, China 2School of Accounting, Harbin University of Commerce, Harbin, 150028, China [email protected] Keywords: XBRL, audit, impact Abstract: XBRL comes into being with the continuous development of information technology. Its application not only brought a series of positive influence to the audit works, but also made the audit works face the challenge in many aspects. This paper analyzes the effect of XBRL technology on audit and its deficiencies, and proposes corresponding countermeasures to solve problems, so as to hope that XBRL technology can more effectively reduce audit risks and improve audit service quality. 1. The concept of XBRL As an extensible business reporting language, XBRL is an emerging electronic financial reporting format. It is mainly caused by the fact that different enterprises have different forms of financial reports. In traditional electronic financial reports, there are problems that need to be converted according to different users, which makes their utilization rate very low. By adding specific labels and classifications to the data in financial accounting, XBRL enables the computer to automatically extract and process the corresponding data according to user requirements. Since XBRL is an xml-based data transfer standard, if the user's browser supports XML, it can browse and download financial reports in XBRL format, just as if the user's browser supports XML. In the current big data environment, the rapid development of the Internet has made XBRL more important, and also brought profound influence to the audit industry.
    [Show full text]
  • Continuous Monitoring and Continuous Auditing from Idea to Implementation Continuous Monitoring and Continuous Auditing: from Idea to Implementation
    Continuous monitoring and continuous auditing From idea to implementation Continuous Monitoring and Continuous Auditing: From Idea to Implementation Most financial and auditing executives are aware of The current environment of rising risks, regulatory activity, continuous controls monitoring and continuous auditing and compliance costs makes this the ideal time to consider and of the general benefits of such programs. Yet (or to reconsider) the potential role of CM or CA, or both, relatively few enterprises have realized their full potential, in your enterprise. You might also consider what it would particularly at the enterprise-wide level. Deloitte sees take to implement them, what they would look like, how the reason for this as twofold: first, executives have not they would operate, and whether to further investigate seen a clear, strong business case for establishing either these modes of monitoring and auditing. continuous monitoring (CM) or continuous auditing (CA) in their enterprises; second, they lack a clear picture of how This paper, prepared for internal audit, accounting, CM or CA would be implemented in their organizations. financial, and risk management executives, can guide you in these considerations. CEOs, COOs, and board members A quick definition, to be expanded upon below, may be who share those executives’ concerns about rising risk, in order because we have found that some confusion regulation, and costs — and the potential impact on their surrounds CM and CA. Although they are often lumped enterprises — may also find this paper informative. together, perhaps because they are both automated, ongoing processes, they are actually two distinct types of programs. As the name implies, continuous monitoring Continuous auditing enables internal audit enables management to continually review business to continually gather from processes data processes for adherence to and deviations from their that supports auditing activities.
    [Show full text]