Continuous auditing enables auditors to significantly reduce and perhaps eliminate the time between occurrence of the client’s events and the auditor’s assurance services thereon.
Many audit tools are also available some of which are described below: Example of Purchase order automatically when reorder level occur
Snapshots: The snapshot software is built into the system at those points where material processing occurs which takes images of the flow of any transaction as it moves through the application. These images can be utilized to assess the authenticity, accuracy, and completeness of the processing carried out on the transaction.
System Control Audit Review File (SCARF): Just like Snapshot technique it involves embedding audit software modules within application to provide continuous monitoring of the system’s transactions. The information collected is written onto a file. Auditor then examines the information contained on this file to see if some aspect of the application system needs follow-up.
The ITF technique involves the creation of a dummy entity in the application system to verify processing authenticity, accuracy, and completeness.
Continuous and Intermittent Simulation (CIS):): This is a variation of the SCARF continuous audit technique. This technique can be used to trap exceptions whenever the application system uses a database management system. During
application system processing, CIS executes in the following way:
Audit Hooks: There are audit routines that flag suspicious transactions. For example, internal auditors at Insurance Company determined that their policyholder system was vulnerable to fraud every time a policyholder changed his or her phone number or address and then subsequently withdrew funds from the policy.
They devised a system of audit hooks to tag records with a number or address change. The internal audit department will investigate these tagged records for detecting fraud. When audit hooks are employed, auditors can be informed of questionable transactions as soon as they occur. This approach of real-time notification displays a message on the auditor’s terminal.
Explore All Chapters