An excerpt from the current issue of Internal Auditor by ACL’s John Verver.
“Surveys of the internal audit profession repeatedly have ranked increased use of technology — specifically that for audit analytics, continuous auditing, continuous monitoring, and fraud detection — among the top priorities for auditors. Although many of these techniques are similar, it is generally agreed that continuous monitoring is management’s responsibility, as part of its mandate for managing risks and maintaining effective control systems.
Based on its own experience with using data analysis technology, internal audit is often able to demonstrate to management the benefits of transactional testing to identify instances of fraud, error, and abuse, as well as to determine the effectiveness of financial application and other internal controls. As long as auditors are able to maintain appropriate objectivity and independence, they also can advise management on how to best implement continuous monitoring of financial and operational transactions.
Numerous technology issues need to be addressed to implement such a transaction-testing system successfully. A primary issue is identifying and accessing the data required to perform the analysis. Another is building a library of tests that identify transactions that have either evaded financial control systems or those for which no effective control had been designed in the first place. Beyond these technology issues, organizations seeking the greatest benefit from automated transaction testing also must address three common challenges relating to processes and people…”
John Verver, CA, CISA, CMC, is Vice President, Product Strategy and Alliances at ACL Services and a longtime proponent of the role of technology in audit, compliance, and continuous controls monitoring. He is a member of the advisory board of the Continuous Auditing Research Laboratory at Rutgers University.
To read the rest of John’s article in Internal Auditor, click here.