Data Analysis and Data Integrity – part #1

A common refrain that I hear is, “We can’t rely on the data because it does not have integrity.” This raises a couple of questions in my mind and should in yours as well.  First, what is management using to produce its reports and make decisions?  Second, how accurate does your data have to be to allow you to perform analytics and arrive at valid recommendations/conclusions.  The obvious answer to…

August 10, 2022
Read More >>

Duplicates Invoices – Root Cause Analysis

Cost recovery firms make millions of dollars identifying and recovering duplicate payments.  They often have well developed analytics that can identify duplicate payments while reducing the number of false positives.  You will pay 25-50% but you are getting money back, so it feels like a win-win.  However, there are two things to keep in mind: 1) they go after the low hanging fruit and the largest possible duplicates; and 2)…

June 10, 2022
Read More >>

Data Analytics and Internal Audit

This is the next post in a series that discusses the importance of having a proper audit objective, defining the business goals and objectives, and the risks to the achievement of those objectives.  This article will discuss the identification and assessment of risk.  The next series of articles will look at the audit finding statement: Criteria, Condition, Cause, Impact and Recommendation.  The focus will be on the use of data…

February 16, 2022
Read More >>

Building a Sustainable Analytics Function

Study after study has shown that data analytics is effective and efficient at detecting risk and identifying control weaknesses, non-compliance, and inefficient business processes.  Chief Financial Officers (CFOs) and Chief Audit Executives (CAEs) have repeatedly stated that data analysis expertise is a much-needed skill, and surveys by the ACFE and CPA firms over the past 10 to 15 years have rated data extraction, data analysis, and analytical software as critical…

September 8, 2021
Read More >>

SOX Cost Reductions through Data Analytics

According to the Protiviti report, ‘SOX Compliance and the Promise of Technology and Automation1’ SOX compliance costs have shown year-over-year increases but are starting to level off.  It also states that organizations are beginning to make greater use of technology and automation to support the compliance process.  However, implementing automation in the SOX compliance process is difficult for many organizations.  Understanding and defining requirements, getting stakeholder buy-in, and the investment…

July 5, 2021
Read More >>

Unicorns and the Case for Analytics

It feels odd to have to continue to justify the need for and use of analytics.  What can I add that has not already been stated many times over the past 20-30 years?  Studies since the early 1990’s have pointed to the need for businesses and auditors to embrace the use of analytics.  More recently, Deloitte’s 2021 Global Risk Management Study1 recognizes the potential for digital risk management technology to…

April 27, 2021
Read More >>

The Why Factor

Too often auditors are satisfied with only finding the problem.  In fact, it is usually only ‘evidence that there is a problem’ and not the actual problem.  At which point their recommendations fall short of providing value and helping management improve controls and reduce risk. These types of audits often look something like this: Objective: Verify compliance with “A” Criterion – you are supposed to do “A” Condition – the…

August 2, 2020
Read More >>

37-Point Check-up for your ERP

COVID hasn’t really changed things for auditors – it has just brought things to the forefront that we should already have been doing.  Things like: focusing on key risks to the organization, and embracing and maximizing the use of analytics.  This article describes how an audit function can check on the robustness of the internal controls, identify and assess risks, prevent fraud, and provide assurance – remotely – by employing…

July 17, 2020
Read More >>

Analytics to support risk-based audit plan (RBAP)

The Risk-Base Audit Plan (RBAP) is an important output of Internal Audit.   Not only is it a requirement of the IIA standards, but it also focuses audit on the most significant risks affecting the organization.  In addition, it gives the Chief Audit Executives (CAEs) everything they needed to determine which audits will be performed and when; and to identify the required audit resources. However, developing a robust RBAP is not…

January 3, 2020
Read More >>

See Visualizations

Dave Coderre, RiverAA I have been performing analytics for more than 30 years and I am not sure if it was simply a case of “hard to teach an old dog new tricks” or what, but I never really saw the point of visualizing the results.  If I run an Accounts Payable duplicates test and identify $500K in duplicates and can tell you that it is because of three main…

October 6, 2019
Read More >>