Woman leads group meeting
ComplianceFinanceTax & AccountingMay 18, 2022

3 frequently asked questions about audit analytics

Audit analytics, audit data analytics, or IT audit analytics refers to the intelligence generated from reviewing audit-related information, often through the use of technology. Like a variety of other forms of data analytics, audit analytics involves analyzing data to find actionable, and often hidden, audit insights. Using audit analytics can be a great way for an audit team to better identify risks, while providing opportunities to strengthen their overall audit methodology, and to make data-driven recommendations.  

This article identifies and expands on three frequently asked questions specific to the topic of audit analytics.

Ad hoc or changing audit data set?

Audit teams often audit a function or process only once in each two- or three-year cycle. As such, they often work with new or changing data sets and understand that the underlying audit needs remain the same, but that the data sets change with each audit.

Audit analytics maturity curves generally describe less mature processes as “ad hoc”, progressing up to being repeatable and then automated/continuous. However, in many internal audit programs, audits are performed one time or are only repeated after several years. So, how can these audit organizations progress up the maturity curve?

What other organizations have suggested is that they standardize, and/or streamline, what they can. One example would be the way data is accessed. Although they may be accessing different data each time, the processes that they have established with IT helps to avoid the notion of completely “re-inventing the wheel”. This often includes how the data will be transferred, as well as streamlining the request for data and signoff process to access to the data, among other things.

Some organizations have created templates to help them ask the right questions about what tests can be (or should be) run. These templates are typically higher-level questions but are needed to drill into the more specific questions pertinent to the audit. 

I believe curiosity is an auditor’s greatest trait, and analytics is a great complementary tool to aid their exploration.
Ken Petersen, Associate Director and Product Manager for TeamMate Analytics

Leveraging these tests is also important. For example, is there a need to look for duplicates, is there value to pulling outliers, etc.?  Although the data and the overall parameters will be different, the fundamentals of these tests are the same across each audit.

How best to use audit analytics to validate (or challenge) initial assumptions?

It’s not uncommon for the audit team or auditee (or both) to have formed an opinion based on preliminary work or information, with an assumption that was challenged by the data analysis work.

Data analytics supports an auditor’s natural curiosity and review. When done correctly and consistently, it often reveals new questions or paths of inquiry. This is precisely the benefit of putting analytics tools into the hands of all auditors. This is the best way to uncover hidden risks and deliver value to the organization.

Furthermore, this underscores the value of being agile. Agile auditing provides audit teams the flexibility to dig deeper into areas where preliminary or related information raises concerns or additional questions.

No one likes surprises. Early communication with the appropriate parties is always appreciated. Data and evidence-based support will be valued in your communications when findings are not as they were originally anticipated.

Are there basic analytics tests that can be used to help auditors gain confidence when starting an analytics program?

With any data set you receive, checks for completeness and accuracy should always be performed. This includes confirming data is formatted correctly (a numeric field is numeric for all records, confirming data is within sensible or required ranges, etc.). For example, if you asked for all data for a given month, check that all dates are within that range, confirm that you received the correct number of records, and that the amounts cross check to another source.

Always look at graphical representations of the data. This is a good way to initially become familiar with the data and look for unexpected data patterns. A TeamMate Analytics customer did this with their data and immediately recognized many instances of a transaction type that neither she nor the auditee expected.

It’s common to manipulate data for either analysis or reporting purposes. Having a robust toolset that is easy to use can save hours of time. In fact, TeamMate Analytics customers have told us that using our tools to manipulate data have saved them many hours per month.

Keep in mind, the above three questions are preliminary to the process of digging in and doing the data analysis auditors should be performing on a regular basis. The most common tests we see internal auditors conducting are joining data sets together, looking for duplicates and summarizing data. We also see an emphasis on sampling, but this is often done on data that has been reduced based on other tests or on tests that have been summarized.

Ken Petersen
Associate Director, Product Management
Ken has over 25 years of experience in developing and implementing systems and working with data in a variety of capacities while working for both Fortune 500 and entrepreneurial software development companies. Since 2002 Ken’s focus has been on the Governance, Risk, and Compliance space helping numerous customers across multiple industries implement software solutions to satisfy various compliance needs including audit and SOX.
Back To Top