A continuous auditing web services model for XML-based accounting systems

“…The architecture consists of eight elements: "(1) data-capture layer, (2) data-filtering layer, (3) relational storage, (4) measurementstandards layer, (5) inference engine, (6) analytic layer, (7) alarms and alerting layer, and (8) reporting platform" (Vasarhelyi et al 2004, p. 12). Related to this architecture, Kuhn and Sutton (2006) proposed using the architecture specifically for detecting financial statement fraud and discussed how a continuous analytical monitoring model of certain "key-event-transactions" can be used to alert auditors of potential management fraud, while Murthy and Groomer (2004) proposed a new Web Services based monitoring and control layer architecture for business process monitoring that would facilitate and standardize the communication between assurance providers and clients. While not monitoring transaction level data or internal controls for exceptions, nor monitoring data in real-time, Nigrini and Johnson (2008) report on an implementation where restaurants are scored on ten key variables using data from monthly sales reports to help internal auditors decide which restaurants to investigate.…”

Information Fusion in Continuous Assurance

“…The architecture consists of eight elements: "(1) data-capture layer, (2) data-filtering layer, (3) relational storage, (4) measurementstandards layer, (5) inference engine, (6) analytic layer, (7) alarms and alerting layer, and (8) reporting platform" (Vasarhelyi et al 2004, p. 12). Related to this architecture, Kuhn and Sutton (2006) proposed using the architecture specifically for detecting financial statement fraud and discussed how a continuous analytical monitoring model of certain "key-event-transactions" can be used to alert auditors of potential management fraud, while Murthy and Groomer (2004) proposed a new Web Services based monitoring and control layer architecture for business process monitoring that would facilitate and standardize the communication between assurance providers and clients. While not monitoring transaction level data or internal controls for exceptions, nor monitoring data in real-time, Nigrini and Johnson (2008) report on an implementation where restaurants are scored on ten key variables using data from monthly sales reports to help internal auditors decide which restaurants to investigate.…”

Information Fusion in Continuous Assurance

“…In the literature, continuous assurance also appears to be a broad term for services that aim to provide continuous assurance to the buyer of these services or to a third party (Best et al 2004;Alles et al 2002;Elliot 2002;Rezaee et al 2002;Sutton 2006;Jones & Xiao 2003;Yu et al 2000;Murthy & Groomer 2004;Searcy & Woodroof 2003;Nelson 2004). The term continuous assurance is a more farreaching term than continuous auditing as the latter service focuses on assurances only related to the annual financial report (Alles et al 2002).…”

“…The EAM approach, its benefits, drawbacks, technologies and processes have been discussed for many years (Groomer & Murthy 1989;Groomer & Murthy 2003;Alles et al 2004;Murthy & Groomer 2004, Debreceny et al 2005Alles et al 2006). EAMs are basically independent software modules embedded in an information system where they monitor transactions and activities.…”

Continuous Fraud Detection in Enterprise Systems through Audit Trail Analysis

“…Existing auditing solutions and tools are hopelessly outdated and are not applicable to SOA solutions [ [17]. These are tightly coupled to the controlled application, and assume that applications are homogenous and monolithic in nature.…”

Compliance Requirements for Business-process driven SOAs