Implementing Continuous Auditing in a Global Real Time Economy - PowerPoint PPT Presentation

1 / 34
About This Presentation
Title:

Implementing Continuous Auditing in a Global Real Time Economy

Description:

Implementing Continuous Auditing in a Global Real Time Economy Miklos A. Vasarhelyi KPMG Professor of AIS Rutgers University Technology Consultant AT&T Laboratories – PowerPoint PPT presentation

Number of Views:119
Avg rating:3.0/5.0
Slides: 35
Provided by: Michael2761
Category:

less

Transcript and Presenter's Notes

Title: Implementing Continuous Auditing in a Global Real Time Economy


1
Implementing Continuous Auditing in a Global Real
Time Economy
  • Miklos A. Vasarhelyi
  • KPMG Professor of AIS Rutgers University
  • Technology Consultant ATT Laboratories

2
Outline
  • The real time economy
  • Going Global
  • Measuring Business
  • Assurance in the Global Real Time Economy
  • Implementing Continuous Audit
  • Opportunities and Challenges

3
The Real Time Economy
4
The real time economy
  • The objective
  • Reduction of latency
  • Inter-Process 7 Intra-Process Latency
  • The facilitators
  • Sensors measuring transactions automatically
  • ERPs
  • Process Automation
  • Dashboards
  • Reengineering, Outsourcing, System Integration

5
RTE
  • Processes that are supported by real-time systems
  • Processes which are monitored on a close to
    continuous basis
  • Processes that are highly time dependent
  • Processes where timely decisions give competitive
    advantage

6
(No Transcript)
7
Going global
8
Going global - Preamble
  • Over the last 50 years technology has enabled
    major motion towards a global economy.
  • Consequently it has set into motion social
    change, economic rebalancing, and an
    unprecedented degree of across-country
    cooperation.
  • However this phenomenon of ubiquitous consequence
    has created a wave of challenges to the
    socio-technical structure of business and
    corporate policy making.

9
Going Global - Friedman
  • 11/09/1989 (Berlin Wall)
  • 08/09/95 (Netscape went Public)
  • Three billion new people joining the fray
  • Work flow software
  • Open sourcing
  • Outsourcing, offshoring, In-forming
  • Hardware software multifuctionality
  • Tools of cooperation

10
Measuring Business
11
(No Transcript)
12
RTEBIS
  • Very rapid business cycles
  • Instant need of resolution of certain business
    needs (for example monthly billing may not be
    acceptable)
  • Service agreements that specify certain degree of
    data reliability
  • Rapid change in the terms of agreements
    contingent on dynamic parameters
  • Utilization of Service Oriented Architectures
    that allow for dynamic servicing of clients and
    dynamic acquisition of suppliers and service
    providers

13
(No Transcript)
14
Assurance in the Global Real Time Economy
15
What is Continuous Auditing?
  • No consensus on what constitutes a continuous
  • audit
  • Enhanced auditor skill set
  • Differences from traditional audit
  • New audit risk model
  • Continuous reporting and impact on auditors
  • report
  • Senior management support

16
A Distinction between Continuous Auditing and
Continuous Monitoring
Continuous auditing does not necessarily have to
generate a report it is a process that tests
transactions based upon prescribed criteria,
identifies anomalies, and is the responsibility
of the auditor. Continuous monitoring, on the
other hand, is the responsibility of management,
best defined in terms of the COSO Study control
framework. Continuous monitoring, when employed
by auditors, focuses on the control environment
and not transactions.
17
An evolving continuous auditframework
Continuous Audit
Continuous Audit
Continuous Control Monitoring
  • Automation
  • Sensoring
  • ERP
  • E-Commerce

Data
CA CCM C(D)A CA -gt Continuous Audit CCM -gt
Continuous Control Monitoring C(D)A -gt Continuous
Data Assurance
18
Unibanco Advances to Clients Monitoring
19
Some Key Issues
  • Two recent surveys (ACL and PWC) show that a
    large number of key companies are attempting to
    perform continuous audit like functions
  • An industry of software is evolving with ACL,
    IDEA, APPROVA, and others growing rapidly
  • Control Monitoring and Continuous Data Assurance
    are the main approaches
  • The first recorded application was ATT Bell
    Laboratories CPAS effort in the 1986-1991 period
  • The Rutgers CarLab is working in leading
    applications

20
Overview of CaR-Lab examples
21
CAR-Lab Experiences
  • Control monitoring at Siemens
  • Transaction monitoring at Unibanco
  • Continuous (data) assurance at HCA
  • Other
  • Conceptual developments
  • Simulating Liberty
  • EBR work
  • KPMG projects

22
Siemens' Project Value Proposition
Automated Business Process Controls Monitoring
Project
23
Siemens' Project Features
  • Formalize automate internal audit procedures
    used for business process controls monitoring
  • Conduct man vs. model assessments
  • Calibrate exception rules to optimize model
    performance
  • Scale up to all SAP instances
  • Increase frequency of model application, where
    feasible
  • Transition to Approva application and extend the
    model where optimal

24
Implementing Continuous Audit
25
  • Background
  • While technologies of continuous audit have been
    extensively discussed and are progressively
    emerging the more mundane issues of their
    implementation in a socio-technical environment
    have been neglected
  • http//www.theiia.org/itaudit/features/in-depth-fe
    atures-2-10-08/feature-2/

26
2. Rule
  • Priority
  • Areas

6. Action and Reaction
3. Frequency
Audit Control Panel
5. Follow-up
4. Parameterization
Six steps of process implementation
27
Opportunities and Challenges
28
Opportunities for business and research (1)
  • Control system measurement
  • We are in a pre-paradigmatic stage of control
    documentation and measurement
  • We do not know how to monitor controls in large
    ERPs
  • We do not know how to provide a really
    supportable opinion on controls
  • We do not know how to rate combinations of
    controls
  • Business Process Monitoring and Alarming
  • Auditors have to carve a position on the new
    monitoring and control environment
  • Auditors can collect exception alarms as
    trusted parties and incorporate these into
    evidentiary matter
  • Auditors can be trusted

29
Opportunities (2)
  • Automatic Confirmation Tools
  • Confirmations will have an increased evidentiary
    role with eventual elimination of population and
    integrity worries
  • Intelligent confirmatory tags can do much
  • Database to database hand-shaking will be medium
  • Business opportunity for auditors
  • Audit bots (agents)
  • Many of the basic audit functions can be emulated
    by software
  • These must be eventually developed by the
    profession to work hand-in-hand with human
    auditors in the new audit world
  • These agents will work on all areas including 1)
    audit planning, 2) analytical reviews, 4)
    confirmations, and )5 evergreen opinions

30
Opportunities (3)
  • Collecting forensic trails
  • Auditor black box
  • Publishing real-time authenticated reports for
    different compliance masters
  • Publishing FD independent compliance reports

31
Challenges
  • Standards are needed for CA
  • Audit monitoring needs to be defined
  • Types of evidence are to change and must be
    reconsidered
  • Independence needs to be re-defined
  • The billing model has to be restructured to bill
    on function not hours
  • Audit firms must put improved knowledge
    collection and management processes to feed their
    audit analytic toolkit
  • Audit firms have to engage in auditor automation
    and pro-actively promote corporate data
    collection during-the-process
  • Value added must be justified in terms of data
    quality

32
  • Conclusions
  • Attention must be paid to the organizational
    processes that implement continuous audit
  • There are 6 key steps to progressively implement
    a CA program module by module
  • The CA process is dynamic and CA management will
    change schedule and parameters of each process
  • The organization of the audit process must be
    evolved progressively

33
Issues
34
(No Transcript)
Write a Comment
User Comments (0)
About PowerShow.com