Developing A Continuous Auditing Assistance System Based on Information Process Models

In recent years, Continuous Auditing (CA) has become an inevitable trend in current business environment. Computer-aided auditing systems, such as the Generalized Audit Software (GAS), are widely used to complete this task. However, most auditors who are not equipped with IT backgrounds have great degree of difficulty in integrating computer-aided auditing system with their professional knowledge in auditing. This limitation greatly impairs the auditors' ability to independently and continuously performs tests in the CA environment. This study proposed a systematic analysis approach to assist auditors in bridging the “semantic gap” between the information system and auditors' specialty. This proposed approach first provides a framework for auditors to effectively understand business processes and data flow/data structure of information systems. These ingredients are then mapped into the process of auditing including auditing objectives, key controls and auditing rules by employing information process models such as Use-case Diagram, Data Flow Diagram, and Entity-Relationship Diagram. With this approach, auditors can independently design auditing rules which can be automatically embedded in the database. Auditors can also perform auditing tasks independently on a real-time basis and reach the objectives of Continuous Auditing.

[1]  Alan R. Peslak,et al.  Incorporating Business Processes and Functions: Addressing the Missing Element in Information Systems Education , 2005, J. Comput. Inf. Syst..

[2]  Miklos A. Vasarhelyi,et al.  Principles of Analytic Monitoring for Continuous Assurance , 2004 .

[3]  Richard McClatchey,et al.  A Use-Case Driven Approach in Requirements Engineering : The Mammogrid Project , 2004, ArXiv.

[4]  Isaca Standards Board,et al.  Continuous Auditing: Is It Fantasy or Reality? , 2022 .

[5]  Gregor E. Kennedy,et al.  More sense from audit trails : Exploratory sequential data analysis , 2004 .

[6]  David H. Olsen,et al.  ENHANCING INTEGRITY BY INTEGRATING BUSINESS RULES , TRIGGERS , AND ACTIVE DATABASE TECHNIQUES , 2002 .

[7]  Hans Eriksson,et al.  Business Modeling With UML: Business Patterns at Work , 2000 .

[8]  Robert J. Vokurka,et al.  Process mapping in successful ERP implementations , 2004, Ind. Manag. Data Syst..

[9]  Ben A. Chaouch,et al.  Minimizing Cost of Continuous Audit: Counting and Time Dependent Strategies , 2003 .

[10]  Miklos A. Vasarhelyi,et al.  Continuous Online Auditing: A Program of Research , 1999, J. Inf. Syst..

[11]  Arnold M. Wright,et al.  Forum on Continuous Auditing and Assurance. (Foreword) , 2002 .

[12]  Lee Nelson,et al.  Stepping into continuous audit: a health-care audit shop shares its strategy for making real-time auditing a success , 2004 .

[13]  Rick Elam,et al.  Continuous Auditing: Building Automated Auditing Capability , 2002 .

[14]  Levent V. Orman,et al.  Database audit and control strategies , 2001, Inf. Technol. Manag..

[15]  Joseph F. Brazel A Measure of Perceived Auditor ERP Systems Expertise: Development, Assessment, and Uses , 2005 .

[16]  Robert A. Jones,et al.  An Empirical Investigation of the Task Specific Relative Strenghts of Selected Accounting and Information Systems Diagramming Techniques , 2005, J. Comput. Inf. Syst..

[17]  Rick Elam,et al.  REAL-TIME ACCOUNTING SYSTEMS , 2000 .

[18]  Barbara D. Klein User Perceptions of Data Quality: Internet and Traditional Text Sources , 2001, J. Comput. Inf. Syst..

[19]  Frederick Gallegos,et al.  Is Audit Training Needs for the 21ST Century: A Selected Assessment , 2001, J. Comput. Inf. Syst..

[20]  J. Donald Warren,et al.  Continuous Auditing: Potential for Internal Auditors , 2003 .

[21]  David C. Yen,et al.  Auditing in the e-commerce era , 2004, Inf. Manag. Comput. Secur..

[22]  Fang Zhao Management of information technology and business process re-engineering: a case study , 2004, Ind. Manag. Data Syst..

[23]  Moshe Zviran,et al.  A System Development Methodology for ERP Systems , 2002, J. Comput. Inf. Syst..

[24]  Mark S. Beasley,et al.  Auditing and Assurance Services , 2007 .

[25]  Roger Debreceny,et al.  Employing generalized audit software in the financial services sector: Challenges and opportunities , 2005 .

[26]  Oscar Barros A Novel Approach to Joint Business and Information System Design , 2005, J. Comput. Inf. Syst..

[27]  Robert L. Braun,et al.  Computer‐assisted audit tools and techniques: analysis and perspectives , 2003 .

[28]  Uday S. Murthy,et al.  A continuous auditing web services model for XML-based accounting systems , 2004, Int. J. Account. Inf. Syst..

[29]  Uday S. Murthy An Analysis of the Effects of Continuous Monitoring Controls on e-Commerce System Performance , 2004, J. Inf. Syst..

[30]  Uday S. Murthy,et al.  Monitoring High Volume On‐line Transaction Processing Systems Using a Continuous Sampling Approach , 2003 .

[31]  Jon B. Woodroof,et al.  Continuous audit: the motivations, benefits, problems, and challenges identified by partners of a Big 4 accounting firm , 2003, 36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of the.

[32]  Junaid M. Shaikh E‐commerce impact: emerging technology – electronic auditing , 2005 .