Call Now

Get The App


Concurrent or Continuous Audit

Continuous auditing enables auditors to significantly reduce and perhaps eliminate the time between occurrence of the client’s events and the auditor’s assurance services thereon.


Types of audit tools

Many audit tools are also available some of which are described below: Example of Purchase order automatically when reorder level occur

Snapshots: The snapshot software is built into the system at those points where material processing occurs which takes images of the flow of any transaction as it moves through the application. These images can be utilized to assess the authenticity, accuracy, and completeness of the   processing   carried   out   on the transaction.

System Control Audit Review File (SCARF): Just like Snapshot technique it involves embedding audit software modules within application to provide continuous monitoring of the system’s transactions. The information collected is written onto a file.  Auditor then examines the information contained on this file   to see if some aspect of the application system needs follow-up.

Integrated Test Facility (ITF)

The ITF technique involves the creation of a dummy entity in the application system to verify processing authenticity, accuracy, and completeness.

  • This test data would be included with the normal production data used as input to the application system.
  • In such cases the auditor has to decide what would be the method to  be  used to enter test data and the  methodology for  removal of the effects of  the ITF transactions.

Continuous and Intermittent Simulation (CIS):): This is a variation of the SCARF continuous audit technique. This technique can be used to trap exceptions whenever the application system uses a database management system. During


application system processing, CIS executes in the following way:

  • The database management system transfers the copy of transaction to  CIS. CIS then determines whether it wants to examine the transaction further. If yes, CIS replicates or simulates the application system processing.
  • Every update to the database of the selected  transaction  will  be  checked  by  CIS  to  determine  whether  discrepancies  exist   between the results it produces and those the application system produces.
  • Exceptions identified by CIS are written to an exception log file.
  • The advantage of CIS is that it does not require modifications to the application system and yet provides an online auditing capability.

Audit Hooks: There are audit routines that flag suspicious transactions. For example, internal auditors at Insurance Company determined that their policyholder system was vulnerable to fraud every  time  a  policyholder changed  his or her phone number or address and then subsequently withdrew funds from the policy.

They devised a system of audit hooks to tag records with a number or address change. The internal audit department will investigate these tagged records for detecting fraud. When audit hooks are employed, auditors can be informed of questionable transactions as soon as they occur. This approach of real-time notification displays a message on the auditor’s terminal.

Explore All Chapters