Charting your Journey Towards Continuous Auditing and Monitoring through Improved Techniques for Data Analysis 

Whether or not your audit shop has the latest automated technology, continuous auditing may be an effective option for you. Continuous auditing involves performing control and risk assessments on a frequent basis, if not virtually in real-time. Recently, the need to accelerate audit activities has led to the increased adoption of continuous auditing as a vital monitoring tool. This course walks through the process of continuous auditing using real-world examples.

Course Duration: 1 day 

CPE Hours Available: 6

Knowledge Level: Beginner/Intermediate 

Field of Study: Auditing

Prerequisites: None

Advance Preparation: None

Delivery Format: Group-Live 

Fees: $250.00| Becuase we are a local chapter of the IIA , we are able to offer this course at a very reasonable rate. Similar courses can cost close to $400 or more! 

Registration and Payment Deadline: Friday, January 25, 2013

Schedule: 8:00 am-8:30 am - Sign in and breakfast|8:30-3:30 Training with a 1-hour break for lunch 

Meals: Continental breakfast will be provided. The students will be responsible for lunch on their own. The Learning Tree facility is in a very upscale business area with plenty of dining options, including Thai, shushi, Starbucks, American cuisine, pizza, and deli options within a 5-minute walk. 

Outline:

1. Case Studies and Headline Examples. Why are Data Analysis and Continuous Auditing such important topics for Internal Audit?

• Discuss headlines and examples of why it's so important to be migrating from analyzing a sample of transactions to testing the entire population
• Discuss the speed of change as it relates to Risk Assessment.  Why updating an audit plan only once a year may not be good enough
• Making the transition to data-driven Risk Assessment and audit project selection
• How to get there?  QuickStart methodology.  Discussion of skills and techniques needed to incorporate use of data analysis into internal audit processes.  

2. IIA Guidance from the Global Technology Audit Guides (#3, #13, and #16)

• Distinguish between Data Analysis, Continuous Auditing and Continuous Monitoring. How are they similar?  How do they differ?
• Continuous Risk Assessment (i.e. Project Selection) vs. Continuous Controls Assessment
• Data analysis as an integrated part of a broader anti-fraud program
• Explore the value of data-driven risk assessment and the notion of incorporating more frequent interviews, surveys, and trending queries / ratios into audit project selection.

 3. Maturity Model Introduction

• Distinguish between Data Analysis, Continuous Auditing and Continuous Monitoring. How are they similar?  How do they differ?
• Continuous Risk Assessment (i.e. Project Selection) vs. Continuous Controls Assessment
• Data analysis as an integrated part of a broader anti-fraud program
• Explore the value of data-driven risk assessment and the notion of incorporating more frequent interviews, surveys, and trending queries / ratios into audit project selection.

 4. Continuous auditing maturity model exercise

• Case study / example from Arrowpoint Capital (profiled in Fall 2009 Issue of Internal Auditing magazine).  Updates since Fall 2009 to discuss their continued progression
• Discuss best practices for Brainstorming, Data Acquisition, Scripting, Analyzing, and Reporting the results of data-driven audit procedures.  
• Self-assessment.  Review model and identify where your team is today.  And where you might like to progress to, by when…

 5. Group discussion, exercise on data analysis, specific to a business process

• Brainstorming exercise of identifying audit objectives and related tests that can be developed using techniques discussed in the earlier QuickStart discussion. (note: selection of business process will be based on Industries and/or Organizations represented in class.  Exercises can be cross-industry like review of Journal Entries or P-Card, or specific to HealthCare or Government, like Grant Compliance)
• Templates / Techniques for mapping Brainstorming results against available data.

 6. The relationship between Data Analysis and Risk Assessment. 

• Good / Better / Best.  Use of survey, interviews, trending queries and exception queries in Risk Assessment and Audit Project Selection.
• Moving up the Maturity Curve.  Incorporating the output from periodic Data Analytics as input into an audit plan
• What works in practice – experiences and examples

7. Specific Tips for Moving Up the Maturity Curve, including wrap-up and takeaways for your next audit.  

• Review of QuickStart approach in the context of individual audit and Company objectives.  
• Charting a company-specific Roadmap for Continuous Auditing (handout / exercise)
• Examples for how others have advanced on their Company-specific Maturity Curve
• Additional Resources: LinkedIn Groups, Blogs and other on-line references

Instructor: 

Joe Oringel, CIA, CPA - Principle with Visual Risk IQ:   Joe is a CPA and CIA with twenty years of experience in internal auditing, fraud detection and forensics. He has over ten years of Big 4 external audit, internal audit, and risk advisory experience, most recently with PricewaterhouseCoopers prior to helping found Visual Risk IQ. His corporate experience includes information security, internal auditing, and risk and control of large ERP systems for companies in highly regulated industries, including Pharmaceuticals, Utilities, and Financial Services.

Joe and his business partner Kim Jones left PwC in 2006 to start Visual Risk IQ, where they help large, complex organizations take advantage of new technologies for continuous auditing, continuous monitoring, visual reporting and risk-focused data analysis.  He is an active blogger, tweeter, and experimenter in using Social Media tools, His article titled Social Media Implications for Internal Auditors was published in WG&L’s Internal Auditing in July 2010. 

Visual Risk IQ is an alliance partner and implementation specialist for Oversight Systems, IDEA, and ACL and delivers tailored solutions for clients both directly and in concert with other consulting firms.  Joe is a frequent speakers and authors about continuous auditing and data analysis, and have presented similar topics at MISTI’s SuperStrategies, AICPA Controller’s Workshops, the IIA’s Governance Risk and Compliance Conference, and numerous IIA Chapter and District Conferences around the country.

 

Register Now!