Sunday, January 6, 2013

CAAT - Audit Analysis

Here are some ways that CAAT can be used for audit analysis;
  • Information retrieval - e.g. JET, identify patterns, shifts or trends, duplicate records
  • Network security - e.g. system overrides, access authorities,
  • Fraud detection - e.g. transaction analysis. Comparing supplier and payroll records
  • Audit reporting and management tools
  • Continuous monitoring
  • E-commerce security
See file interrogation for ways that the above may be carried out.

CAAT for audit analysers faces the following problems. Information may be;

  • Confidential
  • Hard to retrieve
  • Encrypted
  • Spread over Several Systems

  • Ways of tackling this CHESSS problem are

    • building an audit team with these specialist skills
    • libraries of information describing retrieval routines

    Users should be aware of the risks of erroneous extrapolation and inappropriate disclosure related to use of analysis derived from CAATs.