Top Three Considerations When Automating Your Internal Control and Audit Activities

Choose an area of interest:

Member Sign Up
Member Log On
Edit Member Profile
Newsletters
Editorial Inquiries
Privacy Policy
Reader Profile
About Us
Contact Us
Advertise

NewsLine
Columnists & Columns
Newsletters
Opinion Poll

Search Archives
Resources/Tools
Associations, Societies & Firms
Federal and State Link Library
Newsletters & Journals
CPA Exam Study Guides
Glossary

Search Jobs
Post Resume
Career Resources
Company Gallery
Professional Designations
Internships
Colleges & Universities
Post Jobs/Search Resumes

Login to Professional Education Center
Login to FMN Online
Login to CPA Report Online
Login to FMN Self-Study PEC
Login to CPA Report Self-Study PEC
FMN Video Subscriber Center
CPA Report Video Subscriber Center
Accounting & Finance CPE Programs
Corporate Training
Ethics & Compliance
Association Reseller Program
e-Learning Consulting
Engineering Education Programs

Professional Education Center
SmartPros Book Digests
Wiley Book Corner

Choose an area of interest:

Top Three Considerations When Automating Your Internal Control and Audit Activities
By Richard B. Lanza, CPA, Cash Recovery Partners LLC

June 2005 (SmartPros) Good quality internal control and audit professionals have become a hard commodity to come by lately which has been compounded by the increased workload in these areas over the past three years. Companies therefore need to improve the efficiency of such resources and automation is being seen more and more as the key enabler of such change.

By steeping themselves in a "stew" of audit and control software vendor surveys and interviews, the authors of a new guide, The 2005 Buyer's Guide To Audit, Anti-Fraud, and Assurance Software, outline three best practices:

1. Focus Long Term Yet Start Simple and Build Iteratively

Software development lifecycles have matured over time to arrive at a common best practice: "know what you want long term and build iteratively each day to get there". And isn’t this simply common sense that you would employ if you are building a career, a financial plan, or in this case, the integration of technology into a business process.

Taking these lessons and relating them back to your next audit or control software implementation, a few suggestions can be made:

Focus on the first engagement – Make sure that, regardless of the type of software, that the first engagement is a small but quality winner.
Think prototype – Don’t feel you need to make it perfect in the first go-around. Remember that if you can build a prototype and show the positive cash return to the company, you have the foundation to prove additional future returns when the system is fully-functional. For example, a data analysis report may be run that proves a company can recover $100,000. This report could then be placed within the company’s ERP system and hence a system enhancement to be run on a continuous basis for recurring future returns.
Start with inexpensive software – You may want to start with software that the company already has licenses to (i.e., document management, data warehouse, spreadsheet) and prove the value of a more extensive implementation based on these relatively free tools. Again, once the value is seen, the company is in a much better position to decide to invest in more industry-grade technology.

2. Add a Layer of Technology After Nailing The Process Down

Many companies will simply rush to add technology feeling it will solve a problem, only to find that the problem has not been lessened. This can be explained by the fact that most people work still on instincts rather than rational and planned thought. The instinct to panic and implement "software" because they are facing a challenging documentation project or a performance objective by year-end rarely works.

In the panic, people normally forget the interdependency relationship and thus do not realize that they must first understand the process, understand the people, and improve the process as best as possible before layering technology. Therefore, a company planning on implementing enterprise risk management should first map out the competencies people need to enact this change, develop a process that will be accepted by the organization, and THEN implement technology.

3. Integrate All Components

Companies should start as soon as possible in thinking how their technology components will integrate together. This could be accounting system data they are analyzing or control testing documentation systems that need to "talk" to one another. While sounding futuristic, all of the technology to complete this task currently exists. Some vendors are even starting to partner their products together (i.e., integrating risk management and audit workpaper systems) or with other vendors (i.e., data analysis vendors working with audit workpaper vendors). The reality though is that we are still at the early stages of integration which means that the benefits of automation are mostly still yet to be realized.

For more best practices, industry trends, and over 100 vendor profiles, see The 2005 Buyer’s Guide To Audit, Anti-Fraud, and Assurance Software.

RICH LANZA, CPA, CFE, PMP, is President of Cash Recovery Partners, LLC. He is the author of 12 publications and training courses in ACL, IDEA, Access, ActiveData, and Excel and has over 50 articles for major audit publications. For more information or to contact Rich, visit his SmartPros column, The Bottom Line.

		Related Stories

		Preventing Errors and Fraud in Spreadsheets


		Related Courses

Would you recommend this article?

5 (yes, highly)
4
3
2
1 (no, not at all)

Comments: