Transcript Doing More with Less Your Untapped Resources

Doing More with Less
Your Untapped Resources
Paulette Keller, CPA, CIA
Mike Jacka, CPA, CIA
[email protected]
[email protected]
Change happenz



Changing laws/regulations
Changing risk environment
Changing economic conditions
Changing conditions often require us to do
more with less.
Untapped resources
Processes


Computer assisted audit techniques (CAATs)
Continuous Assurance
Partnerships

Integrated Assurance
People

Creativity
CAATs

CAATs: is a growing field within the audit profession. In the broadest sense
CAATs the practice of using computers to automate or simplify the audit
process. In practice, however, CAATs has become synonymous with
incorporating data analytics into the audit process.
Why CAATs
PAST
•Manual and computerized
business processes
•The traditional auditing
model – periodic reviews of
static information.
PRESENT
•Nearly all business information
is digitized.
•Manual review is, at best,
inefficient and at worst, not
possible.
•Demands to do more with less
Data analysis using CAAT

Risk Assessment – examination of key performance metrics or key risk
indicators to determine if the risk profile of a particular function has changed.
For a finance function you might look at the following.
– Cash balance compared to plan and prior period
– Cash transactions that exceed authority limit
– Significant differences identified between planned and actual taxes
– Significant unexplained financial fluctuations

Fraud detection – examine data for potential fraud indicators.
– Vendor/Employee/Agent address comparison
– Vendor SSN/EIN validation
– Employee name/Payee comparison
– Benford analysis (expected frequency)
– Ratio analysis
– Supplemental payments under authority
Data analysis (continued)


Control evaluation – tests of specific controls to determine if they are working
as intended.
– Access control to a particular system
– Payments over authority limits
– Appropriate approvals of transactions
– Review of entries that may indicate a management override of controls
– Split purchase orders
Recovery opportunities
– Duplicate payments
– Travel expense irregularities
Continuous Assurance
“To remain relevant….internal auditors need to move beyond a static, cyclical audit
approach and adopt a continuous, comprehensive approach to audit and risk
assessment – one that optimizes the use of technology. The ability to identify and
analyze emerging risks and trends, and to conduct audits on a more targeted basis
in response to specific risk concerns will be essential.” 2012 Survey PwC



Continuous Auditing
–
Method used to perform audit-related activities on a continuous basis – includes control
and risk assessment
–
Performed by Internal Audit
Continuous Monitoring
–
Processes to ensure policies/processes are operating effectively and to assess
adequacy/effectiveness of controls
–
Performed by operational/financial management; audit independently evaluates adequacy
of management activities
Continuous Assurance
–
Combination of continuous auditing and audit oversight of continuous monitoring
Source IIA GTAG3
Continuous Assurance Benefits








Increased scope of audit activities
Increased ability to mitigate risk
Reduced cost of internal control assessment
Increased confidence in financial results
Improvements to financial operations
Reduced financial errors and potential for fraud
Reduced revenue leakage for improved bottom-line results
Sustainable and cost-effective means to support compliance
Source IIA GTAG3
Integrated Assurance
Many organizations have several groups that contribute to providing
assurance that the risk and control framework is operating as
intended.
Most of these groups work in isolation
Why integrated assurance?



Duplication of effort is costly
Lack of coordination causes unnecessary disruption in business
activity
Providers working in silo may not see the big picture
Integrated Assurance Challenges




Lack of common platforms
Reluctance to share information
Different objectives
Different competencies
Integrated Assurance Benefits






Consolidated view on
Issues/Risks
Enhanced quality of reports
Comparability
Focus on critical issues
Plan gaps & overlaps addressed
Easier & Better Management
Of Risks & Issues
Creativity