This is the seventh in a series of articles on data analytics and internal audit. This article looks at the audit finding statement: recommendation. The focus will be on the use of data analytics to assist you in determining the recommendation. In simple terms, the recommendation is the action that management should take – putting in a control, changing a business process, etc. If the other components of the finding…
Audit Finding Attribute: Impact
This is the sixth in a series of articles on data analytics and internal audit. This article looks at the audit finding statement: Impact. The focus will be on the use of data analytics to assist you in determining the impact of what was observed (the condition) and to support the recommendation. In simple terms, the impact answers the ‘why should I care.’ What is the impact of controls failing…
Audit Finding Attribute: Cause
This is the fifth in a series of articles on data analytics and internal audit. This article looks at the audit finding statement: Cause. The focus will be on the use of data analytics to assist you in determining the cause of what was observed (the condition) and to support the development of the recommendation. In simple terms, the cause answers the ‘why.’ Why are controls failing to prevent and/or…
Audit Finding Attribute: Condition
This is the fourth in a series of articles on data analytics and internal audit. This article looks at the audit finding statement: Condition. The focus will be on the use of data analytics and how the condition supports the development of the recommendation. In simple terms, the condition is “what is.” Typically, the analytics are testing for the existence of something, and the results are the condition. For example,…
Audit Finding Attribute: Criteria
This is the third in a series of articles on data analytics and internal audit. This article looks at the audit finding statement: Criteria. The focus will be on the use of data analytics and how the criteria play an important role in the development of analytics to support and inform the audit. IIA Standard 2210.A3 states that “adequate criteria are needed to evaluate controls.” Simply put, the audit criteria…
Data Analytics and Internal Audit
This is the next post in a series that discusses the importance of having a proper audit objective, defining the business goals and objectives, and the risks to the achievement of those objectives. This article will discuss the identification and assessment of risk. The next series of articles will look at the audit finding statement: Criteria, Condition, Cause, Impact and Recommendation. The focus will be on the use of data…
Analytics – Pet Peeves
As a promoter of data analysis for fraud, internal controls, and audit for more than 30 years, I am often asked, “Which software tools or application should I use?” While I have packages that I have used for 30+ years, and am a co-founder of an data analytics service provider (WWW.CTRLmatters.Com) , I hesitate to answer the question. The capabilities and robustness of data analytics are changing very quickly, and…
Better Audit Recommendations
Setting the proper objective is critical to delivering on a quality, value-add audit. It must be strongly linked to the goals and objectives of the entity being audited; drive the risk identification and assessment; and be a foundation for the audit workplan and conduct of the audit. And ultimately, is it the statement upon which the audit concludes. Yet too many audits have poor objectives. I have performed analysis in…
My Analytics Journey
Dave Coderre, Co-Founder CTRLmatters It occurred to me today that I have been performing internal audits and reviews for more than half my life. Throughout the years I had had many failures and successes. I have learned from both by identifying lessons-learned when things worked and even more importantly when they didn’t. I also took responsibility for my failures and shared my successes with the auditors on my teams. In…
Building a Sustainable Analytics Function
Study after study has shown that data analytics is effective and efficient at detecting risk and identifying control weaknesses, non-compliance, and inefficient business processes. Chief Financial Officers (CFOs) and Chief Audit Executives (CAEs) have repeatedly stated that data analysis expertise is a much-needed skill, and surveys by the ACFE and CPA firms over the past 10 to 15 years have rated data extraction, data analysis, and analytical software as critical…