CAATTS computer assisted audit tools and

techniques;
broader
umbrella
whose
subcomponents can be grouped into two
categories:
1. Software used to increase an auditors
personal productivity and software
2. Techniques to increase the efficiency
and effectivity of the audit function
CAATS computer assisted audit techniques
Computer assisted audit tools
a. Productivity tools
- E work papers
- Groupware
- Time and billing software
- Reference libraries
- Document management
b. Generalized audit software tools
- ACL
- Audit expert systems
- Utility software
- Statistical software
Computer assisted audit techniques
a. CAATs to validate application
integrity
- Test decks
- Integrated test facility
- Parallel simulation
b. CAATs to verify data integrity
- Data extraction and analysis
- To detect fraud
- Continuous auditing techniques
Generalized audit software (GAS) myriad
software tools help auditors extract data from
client records and perform various quality
assurance tests on that underlying data.
Audit productivity software any software
that facilitates the auditors personal
productivity

a. import clients raw data from

legacy systems
b. automatically
generate
working paper
c. export to excel
d. enter AJE
e. break down accounts
Groupware can facilitate share of
information across firms and between
the auditor and the client.
Time and billing software can ease
the formerly onerous process of
accounting for chargeable hours and
compiling
and
preparing
bills
accordingly
Reference libraries; used for two
main reasons:
1. locate company specific policies and
procedures
2. search for authority when researching
a particularly thorny problem
Document management software
that has made online document
storage readily available and practical
increased auditors productivity
Generalized audit software tools
Data extraction and analysis audit
software such as ACL; perform routine
tasks that auditor has considerably
more time to concentrate on analytic
thinking.
Statistical analysis enables auditors
to perform statistical analysis on a
clients data file
Audit expert systems software that
can be used in making routine,
structured decisions.

Electronic working papers

Advantages:

a. unbiased decision making

b. incorporating
expertise
multiple experts

paperless office
common features:

of

c. constant availability
Disadvantages
1. Difficulty in eliciting decision
making process and criteria from
the experts
2. Difficulty
in
updating
the
knowledge base and rules
contained therein
3. Time required to develop and test
the system
4. Expense
5. Difficulty in modelling uncertainty
in decisions
6. Mechanical adherence to the
process
Computer assisted IT techniques
procedures that assist IT auditors in obtaining
sufficient, reliable, relevant and useful
evidence to support predefined audit
objectives.
Professional standards and guidelines
specific to the use of audit techniques (CAATs)
Planning - When planning, auditor should
consider an appropriate combination of
manual techniques and CAATs
Performance of audit work - Use of CAATs
should be controlled by the IS auditor to
provide reasonable assurance that the audit
objectives and the detailed specifications of
the CAATs have been met.
Documentation - The step by step CAATs
process should be specifically documented to
provide adequate additional evidence
Reporting

objectives,
scope
and
methodology section, and the body of the
report should contain clear description of the
CAATs used.
THE STEPS TO USING CAATS
1. Auditor sets key objectives during
audit planning, based on risk
assessment

2. Auditor identifies which specific

CAATs will provide sufficient, relevant
and AT useful evidence to achieve key
audit objectives.
3. Auditor must identify which files,
records and fields are needed form
the client.
4. Determine in which format you prefer
to receive the data
5. Request data files from client in the
preferred format
6. Import the data into ACL
7. Use CAATs to verify the integrity
8. Perform specific CAATs as planned, to
meet key audit objectives
9. Investigate and reconcile exceptions
10. Document results in the audit work
papers
*tape is an inexpensive method for
extracting and storing data
CAATS TO VALIDATE APPLICATION INTEGRITY
Test data use a set of fabricated data and
run the test through the application and
compare the results with results he expected
to obtain.
Useful for testing application logic
and processing.
Integrated test facility variation of the test
deck method. Test deck method cannot allow
for testing of live data and this is the
purpose of the integrated test facility
Parallel simulation the objective of the
parallel simulation method is to test the
integrity of a clients application.
CAATS TO VERIFY DATA INTEGRITY
CAATs extract and analyse data
Importing the data into ACL
Counting count the number of records is
ALWAYS the first step after importing the data
in ACL
Verifying be sure that the data type
conforms to the description in the input file

definition created (numeric field may not

contain characters etc.)
Statistics identify statistical properties of
any date or numeric data elements you
identify.
Stratify auditors use to determine ranges of
numeric data.

Techniques
1. Techniques
to
validate
client
applications
2. Techniques to verify data integrity
Continuous and intermittent simulation (CIS)
embeds an audit module in a database
management system.

Age aging of accounts receivable and

accounts payable

Audit hooks are audit routines that

flag suspicious transactions.

Gaps and duplicates useful for examining

payroll file and determine if there were any
gaps in payroll checks. This would indicate a
missing check.

The system control audit review file

(SCARF) uses embedded audit
modules to continuously monitor
transaction activity and collect data
on transactions with special audit
significance.

The snapshot technique examines

the way transactions are processed.

CAATS TO DETECT FRAUD

Digital analysis uses the statistical
properties of a series naturally occurring
numbers through the use of Benfords Law.
Benford discovered that the first digit
of a series of naturally occurring
follows a distribution that has since
come to be known as Benfords Law.
Auditor must be careful to determine
if artificial barriers have been placed
into the population which affects its
naturalness.
Data query models information is viewed
globally, in context with other relevant
information about the client or the situation
under review.
-

Example is travel expenses,

compute travel expense as a total
number of sales.

Selected transactions are

marked with a special code
that triggers the snapshot
process.

Audit modules in the program

record these transactions and
their master file records
before and after processing.

In a batch processing system, the ITF

technique

Eliminates the need

reverse test transactions

Is easily concealed from

operating employees because
test transactions dont need
to be reversed.

CONTINUOUS AUDITING TECHNIQUES

-

Increase reliability
timely information

and

more

*page 202
Tools encompass software used to manage
the audit engagement and boost auditors
productivity, as well as software used to
gather evidence to support key objectives

to

In online processing systems, test

transactions can be:

Submitted on a frequent basis

Processed
transactions

with

actual

Traced
through
processing stage

every

Can all be accomplished without

disrupting
regular
processing
operations.

Places a small set of fictitious files

Consequently, auditors use concurrent audit

techniques to continually monitor the system
and collect audit evidence while live data are
processed during regular operating hours.
No satisfactory audit trail
Embedded audit modules
Test data generator program, which
automatically prepares test data based on
program specifications.