Internal Audit: Efficiency Through Automation teaches state-of-the-art computer-aided audit techniques, with practical guidelines on how to get much needed data, overcome organizational roadblocks, build data analysis skills, as well as address Continuous Auditing issues. Chapter 1 CAATTs History, Chapter 2 Audit Technology, Chapter 3 Continuous Auditing, Chapter 4 CAATTs Benefits and Opportunities, Chapter 5 CAATTs for Broader Scoped Audits, Chapter 6 Data Access and Testing, Chapter 7 Developing CAATT Capabilities, Chapter 8 Challenges for Audit,
Autorentext
David Coderre has over twenty years of experience in
internal audit, management consulting, policy development,
management information systems, system development, and application
implementation areas. He is currently President of CAATS
(Computer-Assisted Analysis Techniques and Solutions). He is the
author of three highly regarded books on using data analysis for
audit and fraud detection.
Klappentext
Praise for Internal Audit: Efficiency through Automation
"Internal audit's role within the organization is more visible than ever before, largely due to the intense regulatory and compliance pressures of the last few years. This book provides an excellent overview of technology's historical role in supporting audits, and practical examples of the value audit technology provides today. It should be mandatory reading for every audit leader tasked with maximizing the effectiveness of his or her audit team to support high- performing organizations."
Harald Will, President and CEO, ACL Services Ltd.
"A wonderful desktop reference for anyone trying to move from traditional auditing to integrated auditing. The numerous case studies make it easy to understand?and provide?a how-to?for those?seeking to?implement automated tools including continuous assurance. Whether you are just starting down the path or well on your way, it is a valuable resource."
Kate M. Head, CPA, CFE, CISA, Associate Director, Audit and Compliance, University of South Florida
"In the many years that it has been my pleasure to know and work with David Coderre, I have always been extremely impressed with his grasp of auditing, risk assessment, and data analytics, but more importantly how to do it all better and faster. If you want a high-quality audit outcome and effective resource utilization, learn from the best it doesn't get any better!"
Greg Duckert, CIA, CISA, CPA, CMA,?CEO and founder, Virtual Governance Institute
"'Do more with less.' A familiar phrase, but David Coderre actually shows you how to use technology to enhance your audit product. A must-read for any size audit shop."
Ian Craigen, Supervising Senior: IS Audit
"David Coderre is the ultimate expert on the use of computer-assisted audit tools and techniques. His twenty-first-century methods are revolutionizing the way audits are conducted. We have used his recommended methods in our audit practice with great success for many years. Every audit organizationinternal, external, governmental, SEC, or non-issuerof every size should have David's books in use. These ideas work."
David L. Cotton, CPA, CFE, CGFM, Chairman, Cotton & Company LLP
Inhalt
Case Studies xv
Preface xvii
Acknowledgments xxi
CHAPTER 1 CAATTs History 1
The New Audit Environment 2
The Age of Information Technology 3
Decentralization of Technology 3
Absence of the Paper Trail 4
Do More with Less 4
Definition of CAATTs 5
Evolution of CAATTs 6
Audit Software Developments 7
Historical CAATTs 8
Test Decks 8
Integrated Test Facility (ITF) 9
System Control Audit Review File (SCARF) 9
Sample Audit Review File (SARF) 9
Sampling 10
Parallel Simulation 10
Reasonableness Tests and Exception Reporting 11
Traditional Approaches to Computer-Based Auditing 12
Systems-Based Approach 12
Data-Based Approach 15
Audit Management and Administrative Support 19
Roadblocks to CAATT Implementation 20
Summary and Conclusions 24
CHAPTER 2 Audit Technology 27
Audit Technology Continuum 27
Introductory Use of Technology 27
Moderate Use of Technology 28
Integral Use of Technology 29
Advanced Use of Technology 30
Getting There 31
General Software Useful for Auditors 32
Word Processing 32
Text Search and Retrieval 34
Reference Libraries 35
Spreadsheets 35
Presentation Software 37
Flowcharting 38
Antivirus and Firewall Software 39
Software Licensing Checkers 39
Specialized Audit Software Applications 40
Data Access, Analysis, Testing, and Reporting 40
Standardized Extractions and Reports 44
Information Downloaded from Mainframe Applications and/or Client Systems 45
Electronic Questionnaires and Audit Programs 48
Control Self-Assessment 49
Parallel Simulation 50
Electronic Working Papers 51
Data Warehouse 52
Data Mining 54
Software for Audit Management and Administration 56
Audit Universe 56
Audit Department Management Software 57
E-mail 57
File Transfer Protocol (FTP) 57
Intranet 59
Databases 60
Groupware 61
Electronic Document Management 61
Electronic Audit Reports and Methodologies 62
Audit Scheduling, Time Reporting, and Billing 63
Project Management 64
Extensible Business Reporting Language (XBRL) 64
Expert Systems 67
Audit Early-Warning Systems 68
Continuous Auditing 69
Continuous Auditing versus ContinuousMonitoring 72
Example of Continuous Auditing: Application to an Accounts Payable Department 74
Stages of Continuous Auditing 77
Continuous Auditing Template 79
Sarbanes-Oxley 80
Important SOX Sections 81
The Role and Responsibility of Internal Audit 83
Risk Factors 84
Detecting Fraud 85
Determining the Exposure to Fraud 86
SOX Software 88
Assessment of IT Controls and Risks 90
Defining the Scope 92
GAIT Principles 93
Governance, Risk Management, and Compliance (GRC) 94
Internal Audit's Role in the GRC Process 97
Identifying and Assessing Management's Risk Management Process 99
Assessment of Internal Control Processes 100
GRC Software 101
Summary and Conclusions 102
CHAPTER 3 CAATTs Benefits and Opportunities 103
The Inevitability of Using CAATTs 103
The New IM Environment 105
The New Audit Paradigm 105
Expected Benefits 108
Planning PhaseBenefits 109
Conduct PhaseBenefits 112
Data Analysis 112
Increased Coverage 112
Better Use of Auditor Resources 115
Improved Results 116
Reporting PhaseBenefi...