The human touch
As more auditors switch on to the benefits of using electronic systems and databases, George Quigley reminds us that not everything can be automated.
31 December 2021 23.59.00: Tracy has been tracking three companies since July. She feels the market has been mispricing at least two of them and senses she could make a killing both from buying and selling shares in the first quarter of the new year. Her research is almost complete, but she’s missing one key ingredient. She needs to know what the results of the companies are.
Earlier that day, she had a quiet laugh to herself. It isn’t as if she trained a long time ago. But the thought of having to wait as long as nine months to obtain company information – presented at a very high level in printed format – really does seem to belong to a different age.
It was the financial crisis that started around 2008 that triggered the change. Governments, regulators and investors needed more information and they needed it more quickly. Investors had been complaining for some time that company accounts were not what they needed and that the financial reporting standards made limited sense to them. They wanted information about results and they wanted it fast. Why weren’t they able to get data over the internet? Surely companies could provide that information via a database quickly and easily?
Governments agreed and the traditional company accounts and the auditing processes that accompanied them were changed forever.
It is almost new year’s day. Tracy should be out partying, but instead she is putting the finishing touches to her data analytics routines. In less than a minute those company results will be online. The databases containing the relevant information are almost accessible. It will take Tracy about 15 seconds to download the information, flow it into her software and fit the final piece of the jigsaw.
The story is, of course, fictional, though elements of truth run through it. The way in which companies now produce information, including financial data, is essentially electronic. That information is held in databases and is available in real time to people within those companies. And organisations continue to extend their use of systems. Some now operate solely in the virtual world.
But a look at the way audits are carried out, reveals a very different picture – one that hasn’t changed much in years. Although auditors make use of information held on databases too, we typically do so by printing files off the system, manually checking them against some form of source documentation (in many cases also electronic) and then inputting them by hand into the audit software we use (often a combination of Microsoft Word and Excel). We don’t use the data in any sophisticated way.
We could though, like Tracy, design audit tests that could be done electronically via the database. This would bring a number of advantages. No longer would we be sampling some data; we would be testing the entire data set. We could carry out tests that looked at the transactions over the year, rather than just at a point in time. We could profile data, carry out tests of control and much more. The list of things that could be done, while not endless, is a long one. These methods could even be used to test Excel spreadsheets – an area in which testing is still carried out mainly as a manual process.
These techniques are known as computer-assisted audit techniques (CAATs). In the broadest sense CAATs refers to the use of any computer during an audit. I like to think of CAATs as using computers to simplify and automate the audit process.
They can also take us beyond the traditional audit process into wider assurance offerings. Remember, the faculty is the Audit and Assurance Faculty, and you can use these tools to have a view on a company’s entire data set. What other assurance services could you provide based on this information?
I am sure that over the coming years we will move increasingly towards electronic methods of auditing. But despite the many advantages this will bring, I would like to sound a note of caution. However clever the tools are that we use, they will not replace thought and common sense. That is something that only comes with experience. Audit scepticism is still needed, even in an electronic world.
George Quigley is a partner in risk advisory services at BDO.
This article first appeared in Audit & Beyond, magazine of the ICAEW Audit and Assurance Faculty, in February 2012.