Audit analytics, audit data analytics, or IT audit analytics refers to the intelligence generated from reviewing audit-related information, often through the use of technology. Like a variety of other forms of data analytics, audit analytics involves analyzing data to find actionable, and often hidden, audit insights. Using audit analytics can be a great way for an audit team to better identify risks, while providing opportunities to strengthen their overall audit methodology, and to make data-driven recommendations.
This article identifies and expands on three frequently asked questions specific to the topic of audit analytics.
Ad hoc or changing audit data set?
Audit teams often audit a function or process only once in each two- or three-year cycle. As such, they often work with new or changing data sets and understand that the underlying audit needs remain the same, but that the data sets change with each audit.
Audit analytics maturity curves generally describe less mature processes as “ad hoc”, progressing up to being repeatable and then automated/continuous. However, in many internal audit programs, audits are performed one time or are only repeated after several years. So, how can these audit organizations progress up the maturity curve?
What other organizations have suggested is that they standardize, and/or streamline, what they can. One example would be the way data is accessed. Although they may be accessing different data each time, the processes that they have established with IT helps to avoid the notion of completely “re-inventing the wheel”. This often includes how the data will be transferred, as well as streamlining the request for data and signoff process to access to the data, among other things.
Some organizations have created templates to help them ask the right questions about what tests can be (or should be) run. These templates are typically higher-level questions but are needed to drill into the more specific questions pertinent to the audit.