3. ISACA: “the collection of audit evidence, by an auditor, on systems and transactions, on a continuous basis through a period” External Auditors: electronic audit evidence gathering process to render an opinion on fair presentation of financial statements (Rezaee et al) Internal Auditors: process to evaluate business processes and assess management’s monitoring process of the control and disclosure environment (Rezaeeet al)
4.
5. Continuous Monitoring (CM) A tool for management Automatic and continuous monitoring of: compliance of business processes and transactions against company rules, policies and objectives effectiveness of internal controls Some techniques/procedures are similar CA and CM complement each other
17. Demand for CA SOX Growing complexity of business transactions Trend towards continuous reporting (ie. MD&A, XBRL) Wide adoption of ERP systems and data warehouses More responsibilities for fraud detection
19. 1. Business case cost benefit analysis Hard to justify using ROI alone Recommended to develop specific cases where CA is value adding and cost saving
20. 2. Client Pre-requisite Good control environment Good data integrity Understanding of company system and controls in place Senior executive and BOD support
21. 3. Adoption Strategy prioritize the risk areas under each business process ROI, degree of risk and costs and benefits start with a less complex, high return and low cost project quick realization of benefits gain support 4. Planning scope and objectives resources and timeline roles and responsibilities
22. 5. Design and implementation establish the business rules, controls and analytical procedure benchmarks frequency of testing follow up procedures 6. Monitoring and communication results and benefits reported to stakeholders
25. Barriers to CA Cost constraint Hard to demonstrate benefits using ROI Lack of system integration (decentralized) Lack of data integrity and control environment Staff resistance