Audit quality can be enhanced through using data analytics, and bring about more meaningful and quicker results to benefit the regulator, management and auditors. Data analytics is a practical approach to manage the way data flows through information systems.
Consider for instance how AAF, ISAE and SOC internal controls reporting would benefit from an analysis of unusual or repeating items for a large volume of transactions for payroll, master trust contributions or biogas weighbridge inputs. Consider too from getting this evidence what better controls for prevention, detection, management reporting and governance reporting could be built-in to capture 100% of transaction activity over a set period.
Data analytics (DA) is the process of examining data sets to draw conclusions about the information they contain and best applied using purpose-built software. It enables the service auditor to not only manipulate a complete data set of 100% of transactions in a population but also display the results graphically quickly and simply for the benefit of management, board and trustee directors. It can also be set to manage and monitor the information regularly desired by regulators.
An extract from the ICAEW 2016 publication ‘Data analytics for external auditors’ states some of the commonly performed data analytics routines:
Service auditors using data analytics would be following in the footsteps of large systems developed companies like Oracle, SAP and Microsoft. The audit and AAF, ISAE and SOC assurance based approaches for risk analysis and controls testing, sampling and materiality need not exclude DA.
Although a challenger, data analytics should enhance rather than replace audit and assurance. It gives the opportunities to introduce external data and non-financial elements into the AAF, ISAE and SOC controls reporting framework. However, there may need to be a reworking of what is acceptable evidence to meet the demands of international audit and assurance standards.
To move forward we need to prioritise two things: