Here are some ways that CAAT can be used for audit analysis;
- Information retrieval - e.g. JET, identify patterns, shifts or trends, duplicate records
- Network security - e.g. system overrides, access authorities,
- Fraud detection - e.g. transaction analysis. Comparing supplier and payroll records
- Audit reporting and management tools
- Continuous monitoring
- E-commerce security
See file interrogation for ways that the above may be carried out.
| CAAT for audit analysers faces the following problems. Information may be; |
|
Confidential
Hard to retrieve
Encrypted
Spread over Several Systems
|
Ways of tackling this CHESSS problem are |
|
- building an audit team with these specialist skills
|
- libraries of information describing retrieval routines
|
|
|
Users should be aware of the risks of erroneous extrapolation and inappropriate disclosure related to use of analysis derived from CAATs.
|
