Transcript of CHAPTER 29: CONTINUOUS ASSURANCE

AUDITING AND XBRL

Topics
CONTINUOUS ASSURANCE AUDITING AND XBRL
IMPLEMENTING CONTINUOUS ASSURANCE AUDITING
BENEFITS OF CAA
XBRL: INTERNAL BASED EXTENSIBLE BUSINESS REPORTING LANGUAGE
DATA WAREHOUSES, DATA MINING, AND OLAP
NEWER TECHNOLOGIES THE CONTINUOUS CLOSE, AND INTERNAL AUDIT
Continuous Assurance Auditing (CAA)
is the process of installing control-related monitors in information
technology (IT) systems.
IMPLEMENTING CONTINUOUS ASSURANCE AUDITING
Vouch means to attest, guarantee, or certify something as being true or
reliable, and auditors performed tests to support that vouching.
(a) What is a CAA Monitoring Process?
CAA is an audit process that produces audit results simultaneously with,
or within a short time after, the occurrence of actual events. CAA
generally independent of the underlying business application with
processes that test transactional data against defined control parameters
or rules. CAA processes today run automatically on a daily or weekly basis
and generate exception reports or alerts for internal auditor follow up.
CAA is more detective than preventive
eXtensible Business Reporting Language (XBRL) is a standards based way
to communicate business and financial information across multiple
enterprises.
CHAPTER 29: CONTINUOUS ASSURANCE AUDITING AND XBRL
Integrated Test Facilities (ITFs)
or
System Continuous Audit Review File (SCARF)
facilities monitoring tools that was developed by the IT specialist internal
auditors
"The transition to new reporting and auditing models is going to demand
not only new audit approaches but personnel of the highest caliber. With
this in mind, the profession has been working actively in the following
areas: continuous auditing or continuous assurance involves reporting on
short time frames and can pertain to either reporting on the effectiveness
of a system producing data or more frequent reporting on the data itself."
Continuous Assurance Auditing
Repetitive software audit monitors are built into IT applications.

 Rather than scheduling periodic internal audits review an area, CAA

records areas of potential interest for internal audits attention.
Internal audit is generally responsible for the confidentiality of installed
CAA software and must adapt to any user installed IT changes.
Continuous Monitoring
In many respects, CM is very similar to CAA except that the IT users
often at the direction of management install CM in an application of
interest.
Rather than looking for individual exception items or unusual
transactions, CM often is installed in the form of dashboardlike screens
similar to a gas tank gauge in an automobile to monitor the ongoing
operation and status of the application.
Internal audit may review CM processes on a periodic basis but often
only to gain assurance that the overall process is working.
(b) Resources for Implementing CAA
i. Microsofts CAA approach
ii. ACL Continuous Assurance Systems
iii. Dashboard approach to monitoring: Business objects and others
29.2 Benefits of CAA
29.3 XBRL: Internal Based Extensible Business Reporting Language
(a) XBRL Defined
(b) Implementing XBRL
Data Warehouses, Data Mining, and OLAP
(a) Importance of storage tools
(b) Data warehouses and Data Mining
(c) Online Analytical Processing

Multidimensional conceptual views

Trend analysis over sequential time periods
Drill down capabilities to deeper levels of consolidation
Intuitive data manipulation
Rotation to new-dimensional comparisons in the viewing area
Reach-through to underlying detail data.

29.5 Newer technologies, the continuous close, and internal audit