Meeting Challenges and Expectations of Continuous Auditing in the Context of Independent Audits of Financial Statements

Du, Hui; Roohani, Saeed

doi:10.1111/j.1099-1123.2007.00359.x

Cited by 32 publications

(17 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this approach the continuous monitoring and auditing system is separate from the client's enterprise system. MCLs are stand-alone systems that rely on comparisons of extracted transaction data with pre-determined constraints that allow for continuous monitoring of systems and identification of violations (Du and Roohani, 2007).…”

Section: Monitoring and Control Layer (Mcl)mentioning

confidence: 99%

Automating Vendor Fraud Detection in Enterprise Systems

Singh¹,

Best²,

Mula³

2013

JDFSL

View full text Add to dashboard Cite

Fraud is a multi-billion dollar industry that continues to grow annually. Many organizations are poorly prepared to prevent and detect fraud. Fraud detection strategies are intended to quickly and efficiently identify fraudulent activities that circumvent preventative measures. In this paper, we adopt a DesignScience methodological framework to develop a model for detection of vendor fraud based on analysis of patterns or signatures identified in enterprise system audit trails. The concept is demonstrated by developing prototype software. Verification of the prototype is achieved by performing a series of experiments. Validation is achieved by independent reviews from auditing practitioners. Key findings of this study are: (a) automating routine data analytics improves auditor productivity and reduces time taken to identify potential fraud; and (b) visualizations assist in promptly identifying potentially fraudulent user activities. The study makes the following contributions: (a) a model for proactive fraud detection; (b) methods for visualizing user activities in transaction data; and (c) a stand-alone Monitoring and Control Layer (MCL) based prototype.

show abstract

Section: Monitoring and Control Layer (Mcl)mentioning

confidence: 99%

Automating Vendor Fraud Detection in Enterprise Systems

Singh¹,

Best²,

Mula³

2013

JDFSL

View full text Add to dashboard Cite

show abstract

“…A permanent communication connection to the auditing object is necessary (i.e., the cloud service). To enable a permanent communication, [15] developed a continuous auditing model, which effectively connects the auditor's systems to the auditee's systems, by using XML and CORBA. Similar auditing architectures include independent monitoring and control layers for continuously querying and analyzing auditing objects [3,42,52,53].…”

Section: System Architecturementioning

confidence: 99%

“…For example, [30] analyzed the OVAL (Open Vulnerability and Assessment Language) and the XCCDF (Extensible Configuration Checklist Description Format) to enable (semi-) automated IT controls checks, patch and configuration management validation, and vulnerability assessments. The provided tools, processes, and capabilities may differ based upon the extent, kind, and objectives of the used auditing system [15,42,52,53].…”

Section: System Architecturementioning

confidence: 99%

See 1 more Smart Citation

What is Really Going On at Your Cloud Service Provider? Creating Trustworthy Certifications by Continuous Auditing

Lins

Thiebes

Schneider

et al. 2015

2015 48th Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

Cloud service certifications attempt to assure a high level of security and compliance. However, considering that cloud services are part of an everchanging environment, multi-year validity periods may put in doubt the reliability of such certifications. We argue that continuous auditing of selected certification criteria is required to assure continuously reliable and secure cloud services and thereby increase the trustworthiness of certifications. Continuous auditing of cloud services is still in its infancy, thus, we performed a systematic literature review to identify automated auditing methods that are applicable in the context of cloud computing. Our study yields a set of automated methods for continuous auditing in six clusters. We discuss the identified methods in terms of their applicability to address major concerns about cloud computing and how the methods can aid to continuously audit cloud environments. We thereby provide paths for future research to implement continuous auditing in cloud service contexts.

show abstract

“…This approach also has a rather long history in the context of information systems dating as far back as 1991 (Vasarhelyi & Halper 1991;Vasarhelyi et al 2004;Kuhn & Sutton 2005;Alles et al 2006;Kuhn & Sutton 2006;Du & Roohani 2007;Li et al 2007). The MCL differs from the EAM in that it is an independent non-integrated software solution that uses middleware to extract data from the enterprise system which is to be monitored.…”

Section: Continuous Assurancementioning

confidence: 99%

Continuous Fraud Detection in Enterprise Systems through Audit Trail Analysis

Best¹,

Ríkharðsson²,

Toleman³

2009

JDFSL

View full text Add to dashboard Cite

Enterprise systems, real time recording and real time reporting pose new and significant challenges to the accounting and auditing professions. This includes developing methods and tools for continuous assurance and fraud detection. In this paper we propose a methodology for continuous fraud detection that exploits security audit logs, changes in master records and accounting audit trails in enterprise systems. The steps in this process are: (1) threat monitoringsurveillance of security audit logs for 'red flags', (2) automated extraction and analysis of data from audit trails, and (3) using forensic investigation techniques to determine whether a fraud has actually occurred. We demonstrate how mySAP, an enterprise system, can be used for audit trail analysis in detecting financial frauds; afterwards we use a case study of a suspected fraud to illustrate how to implement the methodology.

show abstract

Meeting Challenges and Expectations of Continuous Auditing in the Context of Independent Audits of Financial Statements

Cited by 32 publications

References 14 publications

Automating Vendor Fraud Detection in Enterprise Systems

Automating Vendor Fraud Detection in Enterprise Systems

What is Really Going On at Your Cloud Service Provider? Creating Trustworthy Certifications by Continuous Auditing

Continuous Fraud Detection in Enterprise Systems through Audit Trail Analysis

Contact Info

Product

Resources

About