Internal Audit: Efficiency Through Automation teaches state-of-the-art computer-aided audit techniques, with practical guidelines on how to get much needed data, overcome organizational roadblocks, build data analysis skills, as well as address Continuous Auditing issues. Chapter 1 CAATTs History, Chapter 2 Audit Technology, Chapter 3 Continuous Auditing, Chapter 4 CAATTs Benefits and Opportunities, Chapter 5 CAATTs for Broader Scoped Audits, Chapter 6 Data Access and Testing, Chapter 7 Developing CAATT Capabilities, Chapter 8 Challenges for Audit,
Autorentext
David Coderre has over twenty years of experience in
internal audit, management consulting, policy development,
management information systems, system development, and application
implementation areas. He is currently President of CAATS
(Computer-Assisted Analysis Techniques and Solutions). He is the
author of three highly regarded books on using data analysis for
audit and fraud detection.
Inhalt
Case Studies xv
Preface xvii
Acknowledgments xxi
CHAPTER 1 CAATTs History 1
The New Audit Environment 2
The Age of Information Technology 3
Decentralization of Technology 3
Absence of the Paper Trail 4
Do More with Less 4
Definition of CAATTs 5
Evolution of CAATTs 6
Audit Software Developments 7
Historical CAATTs 8
Test Decks 8
Integrated Test Facility (ITF) 9
System Control Audit Review File (SCARF) 9
Sample Audit Review File (SARF) 9
Sampling 10
Parallel Simulation 10
Reasonableness Tests and Exception Reporting 11
Traditional Approaches to Computer-Based Auditing 12
Systems-Based Approach 12
Data-Based Approach 15
Audit Management and Administrative Support 19
Roadblocks to CAATT Implementation 20
Summary and Conclusions 24
CHAPTER 2 Audit Technology 27
Audit Technology Continuum 27
Introductory Use of Technology 27
Moderate Use of Technology 28
Integral Use of Technology 29
Advanced Use of Technology 30
Getting There 31
General Software Useful for Auditors 32
Word Processing 32
Text Search and Retrieval 34
Reference Libraries 35
Spreadsheets 35
Presentation Software 37
Flowcharting 38
Antivirus and Firewall Software 39
Software Licensing Checkers 39
Specialized Audit Software Applications 40
Data Access, Analysis, Testing, and Reporting 40
Standardized Extractions and Reports 44
Information Downloaded from Mainframe Applications and/or Client Systems 45
Electronic Questionnaires and Audit Programs 48
Control Self-Assessment 49
Parallel Simulation 50
Electronic Working Papers 51
Data Warehouse 52
Data Mining 54
Software for Audit Management and Administration 56
Audit Universe 56
Audit Department Management Software 57
E-mail 57
File Transfer Protocol (FTP) 57
Intranet 59
Databases 60
Groupware 61
Electronic Document Management 61
Electronic Audit Reports and Methodologies 62
Audit Scheduling, Time Reporting, and Billing 63
Project Management 64
Extensible Business Reporting Language (XBRL) 64
Expert Systems 67
Audit Early-Warning Systems 68
Continuous Auditing 69
Continuous Auditing versus ContinuousMonitoring 72
Example of Continuous Auditing: Application to an Accounts Payable Department 74
Stages of Continuous Auditing 77
Continuous Auditing Template 79
Sarbanes-Oxley 80
Important SOX Sections 81
The Role and Responsibility of Internal Audit 83
Risk Factors 84
Detecting Fraud 85
Determining the Exposure to Fraud 86
SOX Software 88
Assessment of IT Controls and Risks 90
Defining the Scope 92
GAIT Principles 93
Governance, Risk Management, and Compliance (GRC) 94
Internal Audit's Role in the GRC Process 97
Identifying and Assessing Management's Risk Management Process 99
Assessment of Internal Control Processes 100
GRC Software 101
Summary and Conclusions 102
CHAPTER 3 CAATTs Benefits and Opportunities 103
The Inevitability of Using CAATTs 103
The New IM Environment 105
The New Audit Paradigm 105
Expected Benefits 108
Planning PhaseBenefits 109
Conduct PhaseBenefits 112
Data Analysis 112
Increased Coverage 112
Better Use of Auditor Resources 115
Improved Results 116
Reporting PhaseBenefi...