Editorial

Editorial

Article Type: Editorial From: Managerial Auditing Journal, Volume 31, Issue 1

I would like to thank everyone who submitted papers for this special issue and also to the reviewers who provided quality feedback and assistance in getting these manuscripts ready for publication. This special issue of Managerial Auditing Journal is dedicated to the fields of continuous auditing/monitoring (CA/CM) and continuous reporting. While continuous auditing as a conceptual approach has been around for a number of years, starting with the paper by Miklos Vasarhelyi and Fern Halper (1991), initial impediments to implementations of CA/CM approaches were primarily technological. This is not unlike the early work in relational databases, as it was also a desired possibility, but the required technology was unavailable. Today, we do see many firms using more real-time approaches to monitoring and auditing their transactions. However, there are some concerns that continue to be raised. While technology is still a critical hurdle, other concerns include the commitment by management to providing the necessary resources and the problems associated with dealing with large amounts of data. In this special issue, we have papers that focus on each of these concerns.

One of the major applications of CA/CM has been in the evaluation of internal controls. In most firms, the evaluation of internal controls is done to provide additional assurance about the quality of a firm’s financial information. However, the committee of sponsoring organizations (COSO) framework also considers that controls improve the effectiveness and efficiency of operations and adherence to applicable laws and regulations. There is a good deal of research that does imply that the quality of internal controls can impact these other areas and improve the quality of information that is not just financial. In the paper entitled, “Internal Control Effectiveness – A Clustering Approach”, by Länsiluoto et al., we see an examination of the relationship between the three areas in which internal control systems can benefit an organization (efficiency and effectiveness of operations, reliable financial disclosure and compliance with laws and regulations) and the five areas of the COSO framework. The COSO report indicates that all components of the framework must be present for effective internal control. The authors find that the quality of each of the five components is not consistent across their sample of firms in Finland and that the difference in the quality of the components is related to the quality of the benefits to the organization. Using self-organizing maps (SOM), they find evidence of four distinct clusters with varying levels of quality in each of the COSO components and varying levels of benefit that internal controls provide to organizations. The SOM section of the paper is not necessary to understand their results, but does provide a good background and explanation of the SOM methodology. Not surprisingly, they find that firms with the highest level of quality in the COSO components also obtain the highest level of benefits from their internal control systems. Their findings for the other three clusters will provide the reader with an interesting perspective of the impact of lower-quality COSO components and the resultant impact on the benefits provided by internal controls. This paper adds to the literature by providing a framework to understand how the effectiveness of the COSO components might impact the benefits derived from internal controls.

The paper by Singh and Best provides another approach to visualizing the connections within large data sets. Their paper entitled, “Interactive Visual Analysis of Anomalous Accounts Payable Transactions in SAP Enterprise Systems”, provides the reader with various visual analyses of a transaction set. The authors’ purpose is to provide the reader with various visualizations of their data that might be useful in detecting fraudulent transactions. The problem with fraudulent transactions is that they occur in such small numbers that many statistical sampling techniques have a very small chance of detecting these transactions. Therefore, other techniques need to be part of the auditor’s toolkit. The authors present a number of ways to visualize accounts payable transactions and show how each can provide some insight into anomalies in their large data set. The benefits of viewing data is not limited to those situations when investigators want to deal with possible fraudulent transactions, and so readers may think of other situations to apply the approaches suggested in the paper. As with the first paper, this one provides additional methods to provide humans with an approach to organizing a large amount of information into a format they can examine more readily.

The third paper in this special issue also addresses the problems associated with making large sets of data available and useable. Lucian Cristian’s paper, “Considerations Regarding the Design of an Online Collaboration Audit System”, provides an approach to making audit information readily available to broad groups of stakeholders. The research question addressed in the paper considers International Standards on Auditing such as 510, which stipulates that auditors should have access to information in predecessor working papers. The author is concerned with the design of such a system to meet the needs of various audit stakeholders in the Romanian audit environment. While it is true that most firms, by any measure, are in countries with advanced technologies, auditing must occur in other locations where certain technological issues need to be addressed. Thus, it continues to be true that some of the impediments to CA/CM are still technological, and it is critical to understand how these issues can be addressed. In this paper, an approach to making audit evidence continuously available is presented. Concerns of stakeholders interested in data compiled about the performance of the firm are also addressed.

In the fourth paper by Appelbaum et al., we get another view of possible issues that can impact the implementation and use of CA/CM. Their paper, “Designing CA/CM to Fit Not-for-Profit (NFP) Organizations”, examines the problems related to the use of the technology in a firm that does not have the same pressures as most firms using CA/CM. Most firms that are willing to implement CA/CM technologies have pressures such as compliance with SOX and therefore can see benefits both to their operations as well as to their audit process. For NFPs, there is a question of whether this technology can show real benefits to the organization. This paper uses a case study approach to develop a strategy to both understand a particular business process and then to design a CA/CM solution. As with the Länsiluoto et al. paper, the reader is not required to have an initial understanding of the case study methodology to understand the results of this project. However, reading this section of the paper can provide a useful background in the case study methodology. This paper adds to the body of research on CA/CM by examining a pressing issue regarding the CA/CM technology. Is CA/CM appropriate for all firms? Additionally, what benefits can firms without SOX pressures realize from the efforts required to implement this technology?

The final paper of this special issue, by Amin and Mohamed, looks at an area of continuous reporting; the use of the Internet to report financial information. Their paper entitled, “Auditors’ Perceptions of the Impact of Continuous Auditing on the Quality of Internet Reported Financial Information in Egypt”, examines the relationship between continuous audit and continuous reporting. The Internet is an accepted method to provide all types of information. However, to provide financial information over the Internet, certain quality issues must be considered. If the information provided over the Internet is just a copy of the firms’ annual report, then users simply need to bypass sites such as the SEC.gov to get a firm’s financial data. However, if the information provided over the Internet is changed to reflect new conditions within the firm, then its quality must be considered. Therefore, the continuous review or audit of the information to be made continuously available becomes a relevant question. The paper examines the perceptions of independent auditors working in Egypt of the impact that CA/CM can have on certain aspects of Internet-reported financial information. Some of their findings are not surprising, as the auditors do perceive that CA/CM will reduce audit time and will permit more timely disclosure. Other results are not so obvious and provide the readers with some areas for additional investigation.

Again, I am grateful both to the authors who have made their work available for publication in this special issue and to the reviewers who provided the authors with suggestions to improve their work. I trust that all readers of this special issue will find some benefit from reading the papers presented herein.

Graham Gal - Isenberg School of Management, University of Massachusetts, Amherst, Massachusetts, USA