In this summary, we will cover:
- What continuous Auditing and continuous monitoring are.
- The current state of continuous Auditing and continuous monitoring in organizations/firms.
- Why continuous auditing and continuous monitoring is still struggling for acceptance.
- Continuous auditing (CA) helps an auditor to use technological tools to easily collect and analyze data quickly instead of the traditional manual process.
- Continuous monitoring (CM) is mostly done by the management of the organization. They are responsible for implementing and monitoring policies, processes, and internal controls so that they are effectively working.
- Few practitioners are aware of CA and CM, but its potential is yet to be discovered. Therefore, CA/CM should be properly advocated for, so as to the effective/efficient audit process.
- The CA/CM is still at an inconsistent/insubstantial state as it is currently struggling to gain recognition in the accounting/finance world.
- The CA/CM is still struggling to gain recognition in mostly the external auditing because CA/CM is seen as an extremely costly undertaking and payback period which is extremely lengthy.
Normally audits (traditional audits) are performed once a year with the collection of audit data yearly, this, however, brings us to continuous auditing and continuous monitoring. CA is often made possible by the use of technological tools which easily collects data and analyzes it quickly. Meanwhile, this kind of auditing is done frequently that is, on a daily basis other than the standard audit process. CM is mostly managed by the organization/firm, the management/manager ensures that the policies, processes, and internal controls are implemented and monitored hence, ensuring that they are working effectively. One would think that the CM process is monitored by the auditor meanwhile it is handled by the management of the organization, while the auditor handles the CA.
Why do firms use CA and CM?
Most firms, mostly the internal auditors use the CA/CM because;
- It is comprehensive and has timely information. That is, it has the ability to provide vital information in a real-time context.
- It has the ability to perform a higher quality audit which consumes fewer resources other than the traditional methods.
- CA/CM also has the capacity to assist in the mitigation and also the prevention of problems in specific risk areas.
- CA/CM has the capability/mechanisms to uncover fraudulent activities in formative stages unlike the traditional approach of discovering fraudulent activity.
- CA/CM also has the ability to reform the manner in which businesses operate in the sense that, CA/CM contributes to organizational effectiveness, efficiency, and long-term profitability.
The services rendered by CA/CM are; it controls and processes, dispenses operational risk management services, it converts from manual to automated data, it designs controls around processes, it also formulates tests and monitors routines and finally provides full-service packages including tools, installation, setup, training, and maintenance.
What can firms do to promote CA/CM?
Most firms haven’t adopted the use of CA/CM because its use and relevance hasn’t been well known and most practitioners do not have the required skill set/expertise for dispensing the CA/CM services. In order to promote the use of CA/CM;
- Firms, especially public firms should be able to ensure that there is a shift away from the old mentality of manual sampling and testing in audits to a more comprehensive standard with CA/CM as the basic foundation.
- There is a need for advocacy mechanisms. Standard bodies like PCAOB should be able to assist with advocating for CA/CM, for instance, they could issue papers on various topics relevant to CA/CM. topics like; explaining the concept of CA/CM, how to implement it, its relative value, how it can transform businesses. This should be made known to practitioners because if they fully understand CA/CM concepts, they can likely embrace CA/CM approach.
- It is believed that PCAOB can be useful in the transitioning of firms from manual auditing to the more automated and standardized domain.
Finally, organizations have not started reaping the benefits that CA/CM could yield. Though some gains have been made in internal audit application but there hasn’t been an increase in the CA/CM application to external auditing and since some accounting professionals do not possess the necessary capabilities to handle CA/CM initiatives, it is necessary for firms to know that CA/CM is vital for the transformation of manual audit to an automated process.
AICPA (2015) ‘Audit analytics and continuous audit: looking toward the Future’. Pg. 53-63, New York.