Embed Size (px)
Citation preview
www.theiia.org
Continuous Auditing
Global Technology Auditing Guide 3Twelfth Continuous Auditing and Reporting Symposium
Rutgers Business SchoolNovember 3, 2006
www.theiia.org
Institute of Internal Auditors
•Advocating and promoting the value that internal audit professionals add to their organizations;
•Providing comprehensive professional educational and development opportunities; •Researching, disseminating, and promoting to practitioners and stakeholders knowledge;•Educating practitioners and other relevant audiences on best practices in internal auditing; and •Bringing together internal auditors from all countries to share information and experiences.
The Institute of Internal Auditors is a global professional association with more than 122,000 members, and is recognized as the internal audit professions leader in certification, education, research and technical guidance. Its mission includes:
www.theiia.org
GTAGWritten primarily for the chief internal audit executive (CAE) and audit supervisors, the guides address concerns of the board of directors and chief-level executives.
Each Global Technology Audit Guide (GTAG) is written in straightforward business language to address timely issues related to information technology management, control, or security.
GTAG is a ready resource series for chief audit executives to use in the education of members of the board and audit committee, management, process owners, and others regarding technology-associated risks and recommended practices.
www.theiia.org
What This Guide Covers• Role of continuous auditing in today’s
internal audit environment• Relationship of continuous auditing,
continuous monitoring, and continuous assurance
• The application and implementation of continuous auditing
• Benefits of a continuous, integrated approach
www.theiia.org
Role of Continuous Auditing• Today’s audit challenges
– Regulatory compliance & controls– Internal audit value and independence– Availability of skilled resources– Determining appropriate technology solutions
• Need for timely, ongoing assurance over risk management and control systems
• Role of continuous auditing– Provides more frequent, more timely, analyses to
better manage control deficiencies and risk
www.theiia.org
Gaining Clarity: Some Definitions
• Continuous Auditing– Method used to perform audit-related activities on a
continuous basis – includes control and risk assessment– Performed by Internal Audit
• Continuous Monitoring– Processes to ensure policies/processes are operating
effectively and to assess adequacy/effectiveness of controls
– Performed by operational/financial management; audit independently evaluates adequacy of management activities
• Continuous Assurance– Combination of continuous auditing and audit oversight
of continuous monitoring
www.theiia.org
Relationship of Continuous Auditing/Monitoring/Assurance• Role of continuous auditing dependent on
management’s role in continuous monitoring of controls– Inverse relationship: the
greater the role of management, the less of a direct role of internal audit
• True continuous assurance – Depends on effective monitoring
by management of internal controls and Audit’s independent assessment of that function
www.theiia.org
Application Areas• Continuous control assessment
– Identification of control deficiencies– Identification of fraud, waste, abuse
• Continuous risk assessment– Examination of consistency of processes– Development of enterprise audit plan– Support to individual audits – Follow-up on audit recommendations
www.theiia.org
Key Steps to Implementation• Establish audit objectives and requirements• Gain executive-level support• Ascertain degree to which management is
performing monitoring role• Select appropriate technology solutions• Identify information sources and gain access• Understand business processes and identify key
controls and risks• Build audit skill set• Manage and report results
www.theiia.org
Benefits• Increased scope of audit activities• Increased ability to mitigate risk• Reduced cost of internal control assessment• Increased confidence in financial results• Improvements to financial operations• Reduced financial errors and potential for fraud• Reduced revenue leakage for improved bottom-line results• Sustainable and cost-effective means to support compliance
