explain how information technology has impacted assurance services and has led to continuous assurance

click to edit

Continuous auditing

click to edit

derives from

Continuous assurance by internal auditors

can apply to assurance on historical financial information, non-financial information, systems reliability and behaviour

key

involves the use of embedded modules in a client’s computer system to perform auditing activities, such as control and risk assessments, on a more frequent basis.

The key to continuous auditing is that it produces audit results simultaneously with, or a short period of time after, the relevant events

Data analytic techniques have the ability to analyse complete populations of data in order to identify patterns, correlations, and deviations from expected results. As such, they have the potential to provide efficient and reliable audit techniques.

rapid advances in information technology over recent years. This has resulted in a large amount of information being available more quickly to a wide range of users.

decision-makers need continuous information on which to base their decisions, it is likely that they will also require independent assurance on the reliability of that information.

would evaluate

In a continuous audit,

continuous financial statement audit

auditors would evaluate, using suitable criteria, the relevant subject matter information as described above

the suitable criteria would be the IFRS.

Evidence

methods of obtaining audit evidence, including inspection, observation, enquiry, recalculation, reperformance and analytical procedures.

It also relies heavily on automated tools and techniques to provide much of the evidence because of the time period within which reporting is required.

For example, management would design controls to prevent, detect and correct errors so that the likelihood of a material error is reduced to an appropriate level.

These controls would include alarm triggers, which are automated warnings to management and auditors that:

• controls are functioning as intended and have identified an error that requires investigation and, if necessary, correction by management
• controls do not appear to be functioning as intended, based on pre-determined indicators or anomalies in the information being generated.

A continuous audit engagement can be either:

• an attestation engagement, or

• a direct engagement.

attestation engagement

an attestation engagement provides an opinion, using suitable criteria, on management’s written assertion.

direct engagement

In a direct engagement for a continuous audit, the auditor’s report provides an opinion on subject matter for which management is responsible

For example, the auditor can report on the fairness of management’s written assertion that, in all significant respects, the company maintains effective controls in conformity with certain criteria.

For example, the auditor’s opinion could state directly whether the entity maintains effective controls in conformity with certain criteria.

See internal audit map