Research Stream in Continuous Audit
Download
Report
Transcript Research Stream in Continuous Audit
Research Streams in
Continuous Audit:
A Review and Analysis of the
Existing Literature
Carol E. Brown, Oregon State University
Jeffrey A. Wong, Oregon State University
Amelia A. Baldwin, University of Alabama
Overview
Objective: summarize and provide a framework for
classifying continuous audit research
Six major categories:
demand factors
theory and guidance
enabling technologies
applications
cost benefit factors
Over sixty papers included, more exist
Demand Factors
Increasing complexity and data-intensiveness of the
business environment (Alles, et al, 2002; Means and Warren 2005)
More electronic transactions (EDI etc), scrutiny important
(Van Decker, 2004. Vasarhelyi, et al, 2004).
outsourcing
value chain integration
Users desire reliable information to be disclosed more
frequently, more timely and in more detail (Elliot 2002; Means and
Warren 2005)
WWW reporting (Elliot 2002; Kogan et al 1999)
XBRL based reporting (Alles, et al, 2002; Elliot 2002)
Sarbanes-Oxley -- companies must disclose certain
information on a current basis (Vasarhelyi, et al, 2004; Vasarhelyi, et al,
2005; Harrison 2005; Means and Warren 2005)
Impediments
Who will pay
Independence issues
Large start up costs
Who owns work product (Alles, et al, 2002)
Theory and Guidance
Description of concepts (Vasarhelyi, 2002; Vasarhelyi and Greenstein, 2003;
Razaee et al 2002; Abdolmohammadi and Sharbatouglie, 2005)
Framework (Vasarhelyi and Alles, 2005; Vasarhelyi et al, 2004)
Research Agenda (Kogan et al, 1999; Razaee et al 2002; CICA/AICPA 1999)
Implementation Challenges (DeWayne and Woodroof, 2003)
Substantial Implementation Guidance
16 propositions for implementation methods (Greenstein and Ray, 2002)
Project management issues, approaches to development and
generic example of a prototype (Abdolmohammadi and Sharbatouglie, 2005)
Conditions for viability, conduct of hypothetical audit (CICA/AICPA
1999)
Literature Review (Rezaee et al, 2002)
Practitioner General Education (Krass, 2002; McGuire et al, 2003;
Vasarhelyi et al, 2002; White, 2005)
Enabling Technologies
Belief Functions (Dutta and Srivastava 1993; Gillett and Srivastava 2000; Shafer
and Srivastava 1990; Srivastava and Mock 2000; Srivastava and Shafer 1992)
Database (Borthick et al 2001; Groomer and Murthy 1989)
Expert Systems (Halper et al 1992; Gillett 1993; Boritz and Wensley 1990, 1992;
Peters 1990; Bailey et al 1985, Meservy et al 1996 and many more)
Intelligent Agents (Nelson and Kogan 2000; Nelson et al 1998; Woodroof
and Searcy 2001 and many more)
Neural Networks (Baker 2005; Coakley and Brown 1993, Brown and
Coakley 1999, 2000; Ethridge et al 2000; Koskivaara 2000, 2004; Lin et al 2003 and
many more)
XBRL/ XML (Rezaee and Hoffman 2001; Murthy and Groomer 2004 and
many more)
Applications
Case Studies
Product Descriptions
Application Domain
Case Studies
Pilot implementation of the monitoring and control
layer for continuous monitoring of business process
controls (Alles et al, 2005a)
Continuous Process Auditing System (CPAS)
developed at AT&T Bell Laboratories (Vasarhelyi & Halper 1991;
Vasarhelyi & Halper 1991b; Vasarhelyi et al 1991)
FRAANK – Financial Reporting and Auditing Agent
with Net Knowledge (Kogan et al, 2002)
Separation of duties - Algieba Corp.- SAP R/3 (Boccasam and
Kapoor, 2003)
Selective Monitoring and Assessment of Risks and
Trends or SMART. (Rose and Hirte 1996)
Product Descriptions
AuSoftware –
checks controls and audit issues at the most
distributed levels in very large enterprises
tracks the effects of consolidation and reconciliations
on data anomalies. (Sigvaldason and Warren 2005; Sigvaldason and Warren
2005b)
SQL Remote Guard – continuous monitoring and
auditing of remote database access activity
(Fonseca 2005)
Audit Command Language (ACL) - used for file
interrogation, which enables direct access to
computerized client data (Braun and Davis 2003)
Application Domain
Emergency response management
information systems (Turoff et al, 2004)
Business assurance analytics (BAA) (Van Decker
2004)
Electronic continuous audit of accounts
payable (Potla 2003)
Continuous control monitoring (Glover and Romney
1998) (Huffman and Crump 2005)
Cost Benefit Issues
Possible paths along which continuous assurance will
evolve (Alles, et al 2002)
Long run operating cost of running database audit (Pathak et al
2005)
Benefits of timely discovery of errors, omissions, and
defalcations. Cost-effectiveness of automated, softwaredriven audit procedures. (Means and Warren, 2005)
Discussion of economic feasibility (Kogan et al 1999)
Experimental market and laboratory experiment for
Continuous Online Audit (COA) (Daigle and Lampe 2005)
Nine benefits of continuous business assurance
analytics (Van Decker 2004)