Search results

The advances and continuous development of technology have been identified as significant influences on the accounting profession (AICPA, 1998). In the last twenty years, both academia and the accounting profession have been giving much attention to the demand and opportunity for audits to be performed automatically, continuously and in nearly real time. This paper presents a comprehensive review of continuous auditing research by providing an overview of the emergence and growth of the continuous auditing literature and classifying the extant continuous auditing research on the basis of four research characteristics indicated by a newly developed research taxonomy.

The advances and continuous development of technology have been identified as significant influences on the accounting profession (AICPA, 1998). In the last twenty years, both academia and the accounting profession have been giving much attention to the demand and opportunity for audits to be performed automatically, continuously and in nearly real time. This paper presents a comprehensive review of continuous auditing research by providing an overview of the emergence and growth of the continuous auditing literature and classifying the extant continuous auditing research on the basis of four research characteristics indicated by a newly developed research taxonomy.

In this paper we report on the approach we have developed and the lessons we have learned in an implementation of the monitoring and control layer for continuous monitoring of business process controls (CMBPC) in the US internal IT audit department of Siemens Corporation. The architecture developed by us implements a completely independent CMBPC system running on top of Siemens’ own enterprise information system which has read-only interaction with the application tier of the enterprise system. Among our key conclusions is that “formalizability” of audit procedures and audit judgment is grossly underestimated. Additionally, while cost savings and expedience force the implementation to closely follow the existing and approved internal audit program, a certain level of reengineering of audit processes is inevitable due to the necessity to separate formalizable and non-formalizable parts of the program. Our study identifies the management of audit alarms and the prevention of the alarm floods as critical tasks in the CMBPC implementation process. We develop an approach to solving these problems utilizing the hierarchical structure of alarms and the role-based approach to assigning alarm destinations. We also discuss the content of the audit trail of CMBPC.

The pressure is on organizations to go beyond automating their internal audit activities and develop and integrate internal auditing into business processes of the enterprise. This paper aims to propose a “full power” continuous auditing (CA) model with three key components: electronic audit evidence functions; intra‐process auditing; and inter‐process auditing.

This paper follows a design science approach by identifying relevant problems from the current literature, defining the objectives of the study, designing and developing the “full power” CA model, and evaluating the model. The model supports business process‐centric auditing and enhances the business monitoring capacities of organizations enabling the fulfillment of increasingly stringent compliance requirements with internal policies as well as external regulations.

This work has attempted to fill the gap between the enterprise solutions offered by enterprise system providers and a structured approach to auditing within enterprise environments by proposing the IIPCA model which combines the automated controls inherent in the systems with continuous audits based on electronic audit evidence. The approach provides for auditing both within and between processes ensuring comprehensiveness of the audit process.

The paper makes a contribution by proposing a “full power” continuous auditing model on the principle of continuous monitoring and with predefined building block components; facilitating the integration of continuous auditing within business information processing in an enterprise using different building blocks; and giving practitioners insight on the adoption of the CA in the enterprise and how it will enhance their audit effectiveness, and audit efficiency.

The purpose of this paper is to analyze the hurdles, compared with that in the United States, for the implementation of Continuous Auditing in China. As a timely, cost-saving and efficient auditing method, continuous auditing is being increasingly adopted throughout the world. However, while it is increasingly applied in the USA, continuous auditing is still in its infancy in China.

This paper compares and contrasts China and the USA in three important dimensions that determine the “economic architecture” of assurance: the business environment, the audit profession and technology.

The authors find that excessive government intervention in business, the lack of competition, independence of auditors, the support from management and the continuous auditing-specific regulations, as well as the technology gap between these two countries, are the main barriers for the implementation of continuous auditing in China.

The findings of this paper provide better understanding of the drivers of continuous auditing adoption in the USA and the barriers toward doing so in China.

The term “continuous auditing” has never been formally introduced until the release of the draft of the Internal Control Audit Guide in 2011.

The paper highlights how technology by itself is not deterministic, but given the extraordinary rise in the Chinese economy in both its size and its sophistication, it has be to assumed that its “leapfrog” into parity if not outright leadership in continuous assurance is still a matter of “when” and not of “if”.

In the almost twenty years since Vasarhelyi and Halper (1991) reported on their pioneering implementation of what has come to be known as Continuous Auditing (CA), the concept has increasingly moved from theory into practice. A 2006 survey by PricewaterhouseCoopers shows that half of all responding firms use some sort of CA techniques, and the majority of the rest plan to do so in the near future. CA not only has an increasing impact on auditing practice, but is also one of the rare instances in which such a significant change was led by the researchers. In this paper we survey the state of CA after two decades of research into continuous auditing theory and practice, and draw out the lessons learned by us in recent pilot CA projects at two major firms, to examine where this unique partnership between academics and auditors will take CA in the future.

The traditional audit paradigm is outdated in the real time economy. Innovation of the traditional audit process is necessary to support real time assurance. Practitioners and academics are exploring continuous auditing as a potential successor to the traditional audit paradigm. Using technology and automation, continuous auditing methodology enhances the efficiency and effectiveness of the audit process to support real time assurance. This paper defines how continuous auditing methodology introduces innovation to practice in seven dimensions and proposes a four-stage paradigm to advance future research. In addition, we formulate a set of methodological propositions concerning the future of assurance for practitioners and academic researchers.

During a pandemic, with businesses implementing social distancing protocols and work-from-home strategies, the use of continuous controls monitoring (CCM) may add value to the internal audit function. This study aims to examine the use of CCM technologies and the impact on the internal audit function during a pandemic.

This study adopted a case study approach for this study because it focuses on questions of “how” and “what.” Case studies provided an opportunity for an in-depth analysis of the phenomena being investigated. Semi-structured interviews were used to collect data. This study did not use sampling. Instead, multiple case studies were used for data collection.

Based on the findings, this study makes several contributions to the literature, for example, in health-care evidence suggests the pandemic has caused internal audit to focus on risk areas. Other industries, such as retail, have invested in CCM. However, in all cases, education and preparedness (or the lack thereof) appeared to significantly influence uptake of CCM. Organizations that made prior investments in CCM technologies experienced greater acceptance in the face of changing demands. Training in emerging technologies is a key competency in supporting audit operations in changing environments.

As the study was conducted with a small sample of cases, findings cannot be extrapolated nor generalized beyond the case study organizations.

This study found that several factors limit adoption, exploitation and further development of CCM technologies, such as lack of top management support, acceptance of CCM technologies and suitable education and training of internal audit staff.

This study addresses the issue of the value that CCM offers organizations and whether it is a silver bullet that the internal audit profession needs, particularly when physical access to organizations may be restricted. The COVID-19 pandemic placed considerable focus on digital access. Better IT systems and more data will allow organizations to better support employees, inform strategic and financial decisions and engage stakeholders. During the recovery phase, leveraging investments in CCM technologies will contribute to internal audits’ ability to help clients to manage organizational risk.