Emerging CARLAB work PowerPoint PPT Presentation

presentation player overlay
1 / 25
About This Presentation
Transcript and Presenter's Notes

Title: Emerging CARLAB work


1
Emerging CARLAB work
  • Miklos A. Vasarhelyi

2
Outline
  • Continuous Control Monitoring
  • Simulating Continuous Auditing
  • Control Tags

3
Ongoing CA/R/Lab Projects
  • CA Continuous Control Continuous Assurance
  • Continuous Control Monitoring (CCM)
  • Siemens SALT project
  • KPMG next generation control assessment
  • Control tags
  • Continuous Assurance
  • Advanced analytics at HCA (and Siemens)
  • Liberty CA Simulator (and integrating with CCM)

4
CCM
5
Distributed And Inter-networked Systems A New
Control Paradigm
resident analytics
Auditee systems
Auditee systems
resident analytics
metrics
Auditee systems
resident analytics
Control Monitoring Device
Control Agent
Auditee systems
resident analytics
Monitoring Probes
Auditee systems
CA Monitoring Audit by exception
6
Levels Of Assurance
  • Data Level Assurance (DLA)
  • Develop innovative tools control tags, cookie
    crumbs, control paths, aggregate estimates
  • Process Level Assurance (PLA)
  • Create a model that allows for the process by
    process estimate of control effectiveness
  • Opinion Level Assurance (OLA)
  • Develop temporal related continuous control
    effectiveness assessments
  • Evergreen opinions
  • Exception frames
  • Probabilistic opinions

7
Simulating Continuous Auditing
  • Miklos A. Vasarhelyi
  • Rutgers University

8
Outline
  • The problem
  • Structure of the simulation
  • Demo
  • Conclusions

9
The problem
  • Progressively a large set of solutions is
    emerging in the CA arena
  • Many of them have been theoretical and have no
    empirical basis
  • It is very difficult to get transactional and/or
    control data from real-life companies
  • Companies will give little entry to real-life
    situations

10
Structure of the Simulation
  • Distributional data drawn from real life data
  • The control structure is symbolic of a wide set
    of companies / processes
  • We will vary the control structure and nature of
    data stream to compare

11
(No Transcript)
12
(No Transcript)
13
(No Transcript)
14
System Architecture
15
(No Transcript)
16
Conclusions
  • A tool for continuous audit simulation through
    transaction replication and control evaluation
  • Used real company distributions
  • ARENA is a constricting tool
  • There is much potential for its use
  • Next step is results of simulations

17
Control Tags
  • Miklos A. Vasarhelyi

18
Definition
  • XML derivative tagging with a new type of tag,
    the control tags that incorporate specific
    control information on items of information.

19
Types of Control Tags
  • 1) tags that specify the reliability of the
    control process that has generated the
    transaction
  • 2) tags that serve to leave behind tracer
    information on the datum processing (cookie
    crumbs),
  • 3) tags that record processes that the
    transaction was submitted,
  • 4) tags that contain other control information,
    and
  • 5) a mixture of the above.

20
Reliability control tags
  • An ongoing assessment of the reliability of the
    control processes that generate a transaction is
    made.
  • This measurement is carried with the transaction
  • If it is subject to other processes, this
    reliability assessment is changed

21
Control tags, cookie crumbs and digital IDs
Dynamic control spots with cookie crumb
collection
Subsidiary 1 Financial statements
DID1
DID5
DID4
Consolidation Financial statements
Assurance station
Subsidiary 2 Financial statements
DID2
DID7
DID8
DID9
Subsidiary 3 Financial statements
Financial Intermediary Financial
statements analysis
DID3
DID6
22
Tracer related control tags (cookie crumbs)
  • Tags carry a unique identifier of the transaction
    that is encrypted
  • This identifier is deposited in tracer
    receptacles across the transaction path
  • Public x private encrypting schema are used to
    verify transaction paths

23
Path recording control tags
  • Transactions record its path by collecting
    process DIDs and carrying them encrypted
  • Alternatively these may be deposited in a third
    party safe Web site and a pointer carried
  • Information about the crypt decoding key / method
    is carried by the transaction as a tag

24
Information Control Tags
  • Contain other control related information that
    could entail
  • Organizational placement and hierarchies
  • Reliability change related information
  • Name of the DLA assuror, e.g. KPMG
  • Outsource related agreements

25
Conclusions
  • The balkanization financial information
    distribution creates serious integrity concerns
  • Control tags associated to XML derivative
    transactions can deal with many of these problems
  • Substantial investments on the standards, their
    implementation into software, and their
    conceptualization must be made
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2026 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The : "Emerging CARLAB work" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!