Download presentation
Presentation is loading. Please wait.
Published byJemimah Anderson Modified over 9 years ago
1
Continuous Auditing ISACA London Chapter Technical Presentation Thursday, June 27th 2002 Charles Mansour, CISA ©Charles Mansour
2
Background 1980’s - Embedded Audit Modules Now - ‘We need assurance about what’s happening now, not yesterday Recent corporate failures have highlighted the need for key stakeholders to know the ‘as is’ situation Increasing emphasis on Corporate Governance –(SEC: Chairmen should personally sign and underwrite financial statements)
3
Objectives Introduce Continuous Auditing / Monitoring Look at the background Look at how it works Look at the issues Look at where it’s going
4
Signpost Should last for about 45 minutes Handouts Questions
5
Continuous Auditing The Canadian Institute of Chartered Accountants (CICA), defines a continuous audit as; – "a methodology that enables independent auditors to provide written assurance on a subject matter using a series of auditors' reports issued simultaneously with, or a short period of time after, the occurrence of events underlying the subject matter”
6
Continuous Monitoring Provides Management (or the Board) with an independent means to satisfy themselves ‘at event’ that the Control Framework is being effective in containing key risks or identifying problems so that early corrective action can be put in place
7
Why do we need Continuous Audit Audit 1 Audit 2 Expectation Reality Control Environment Time t1t2
8
Why do we need Continuous Audit Audit 1 Audit 2 Expectation Reality Control Environment Time t1t2
9
Why do we need Continuous Audit Baseline Audit Ongoing Measurement Expectation Reality Control Environment Time t1
10
So What’s the difference between an Embedded Audit Module and a Continuous System?? EAMs were meant to be used as a fairly crude means of Management Control –e.g. select a sample (every 10,000th record) for billing verification –select accounts for audit confirmation letters CAS’s are used to provide key stakeholders with independent assurance about the Internal Control Framework CAS’s should focus on key control issues –Key Performance Indicators –Key Risks CAS’s deliver assurance quickly
11
Scope of Continuous Auditing Depends on –At Event Audit Opinion –Key Risk Set –Senior Management Buy in –External Audit / Internal Audit Co- operation (for assurance) –Maturity of Organisation –Reliability of systems –Integration of Audit Reporting Tools
12
Scope of Continuous Auditing What ??? Depends on Firm’s organisational maturity Key Risks? –Internet availability / downtime –Variance from norms –re-work costs –level of General Ledger imbalance / Write offs
13
How Will it work?? Rules (Strong change control) Data Report Engine (highly secure) Stakeholder’s Desktop (via WEB?) Audit Scrutiny Hours / Days
14
5 Things need to be present (according to the CICA) Reliable systems Highly automated reporting process Accurate & secure communications link to auditor Reports should be accurate and understandable Auditors have to have the right level of proficiency
15
Features ‘Evergreen Reports’ –contains auditor’s report and information dated at the time of the user access ‘Report on Demand’ –Similar to the Evergreen Report but only available if specifically requested by the user Focus in any information relevant to organisation’s decision making
16
Issues Time (especially IT scheduling) Auditor involvement in development Globalisation Reliance on Automated Routines Security of update routines Second Hand Data Audit Evidence Problem Reporting and Follow up Security / Change Control Systems Integration –e.net type tools?
17
Reprise We’ve Looked at –what Continuous Audit is –why we need it –how it might work –some of the issues
18
Useful Websites ISACA website K-Net website CICA website (for CA Exec Summary) –http://www.cica/cicawebsite.nsf/public print/sgrcaexecsummary
19
Conclusion ‘Le plus ca change…..’ It’s evolving! (Currently an issue for the accounting profession, but could involve Internal Audit as key players) Historic Audit isn’t cutting the mustard Would continuous auditing have stopped the Enron mess It is basically the the same as management information Watch this space!
20
Questions?????? ©Charls Mansour
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.