Louis Smidt scite author profile

Australian Accounting Review

Ahmi

Steenkamp

et al. 2018

The advancement of information technology in today's technologically driven era has had a significant impact on the way corporate organisations are conducting their business, especially in a developed country such as Australia. Consequently, it is now almost impossible to conduct effective and efficient audits without the use of technology‐based tools in control environments that are dominated by big data and increasing volumes of electronic audit evidence. Generalised Audit Software (GAS) is one of the most frequently used technology‐based tools available for the internal audit function for tests of controls purposes. The objective of this article is to explore the maturity of the use of GAS by internal audit functions in Australia. The literature review reveals that the use of GAS by internal audit functions globally is still at a relatively low level of maturity, despite the increased adoption of information technology and the generation of big data within organisations. Similarly, the empirical results also confirm the low level of maturity in the use of GAS by internal audit functions in Australia. Only 17.4% of the respondents displayed a high level of maturity with regard to the use of GAS.

An Assessment of the Purpose of the use of Generalised Audit Software:A perspective of Internal Audit Functions in Australia

Nest

Steenkamp

et al. 2019

The application of statistical and/or non-statistical sampling techniques by internal audit functions in the South African banking industry

Nest¹,

Smidt²,

Lubbe³

2015

RGC

This article explores the use by internal audit functions of audit sampling techniques in order to test the effectiveness of controls in the banking sector. The article focuses specifically on the use of statistical and/or non-statistical sampling techniques by internal auditors. The focus of the research for this article was internal audit functions in the banking sector of South Africa. The results discussed in the article indicate that audit sampling is still used frequently as an audit evidence-gathering technique. Non-statistical sampling techniques are used more frequently than statistical sampling techniques for the evaluation of the sample. In addition, both techniques are regarded as important for the determination of the sample size and the selection of the sample items.

The use of sampling and CAATs within internal audit functions in the South African banking industry

Nest

Lubbe

2014

Assessment of the Purpose of the Use of GAS

Steenkamp

Ahmi

et al. 2021

This article explores the purpose for which GAS, as a data analytics tool, is utilised by internal audit functions in Australia. A quantitative research method was applied, and the data was analysed using descriptive statistics. The total number of online questionnaires returned was 50 (i.e., a response rate of 15.53%) from the total research population of 322 chief audit executives of internal audit functions of organisations that are registered members with the IIA-Australia. The purpose of descriptive statistics is to describe what the data looks like and to compare variables numerically; therefore, no inferences or extrapolation of the data results were made. The results of the study can be used as a benchmark that may enable CAEs to identify whether they are staying abreast of current best practice in the area of technology-based tools and techniques for tests of controls.

The use of generalised audit software by internal audit functions in a developing country: A maturity level assessment

Nest¹,

Smidt²,

Lubbe³

2017

RGC

This article explores the existing practices of internal audit functions in the locally controlled South African banking industry regarding the use of Generalised Audit Software (GAS), against a benchmark developed from recognised data analytic maturity models, in order to assess the current maturity levels of the locally controlled South African banks in the use of this software for tests of controls. The literature review indicates that the use of GAS by internal audit functions is still at a relatively low level of maturity, despite the accelerating adoption of information technology and generation of big data within organisations. The empirical results of this article also confirm that the maturity of the use of GAS by the internal auditors employed by locally controlled South African banks is still lower than expected, given that the world, especially from a business perspective is now fully immersed in a technological-driven business environment. This study has since been extended to other industries in the following countries namely, Canada, Columbia, Portugal and Australia.

The use of generalised audit software by internal audit functions in a developing country: The purpose of the use of generalised audit software as a data analytics tool

Nest¹,

Smidt²,

Lubbe³

2017

RGC

This article explores the purpose of the use of generalised audit software as a data analytics tool by internal audit functions in the locally controlled banking industry of South Africa. The evolution of the traditional internal audit methodology of collecting audit evidence through the conduct of interviews, the completion of questionnaires, and by testing controls on a sample basis, is long overdue, and such practice in the present technological, data-driven era will soon render such an internal audit function obsolete. The research results indicate that respondents are utilising GAS for a variety of purposes but that its frequency of use is not yet optimal and that there is still much room for improvement for tests of controls purposes. The top five purposes for which the respondents make use of GAS often to always during separate internal audit engagements are: (1) to identify transactions with specific characteristics or control criteria for tests of control purposes; (2) for conducting full population analysis; (3) to identify account balances over a certain amount; (4) to identify and report on the frequency of occurrence of risks or frequency of occurrence of specific events; and (5) to obtain audit evidence about control effectiveness.

Current Use of the Risk Register to Integrate Strategy and Risk- and Performance Management: A Case of a University of Technology in South Africa

Smidt¹,

Pretorius²,

Nest³

2022

jafas

Purpose: The primary research objective was to establish how the university management used the risk register as part of the process to achieve strategic objectives, manage risk and assess performance. Methodology: The study followed a mixed-methods design. It commenced with the qualitative collection of data through the analysis of the current literature to establish whether the risk register has the characteristics of a management tool. Based on the qualitative data collection and analysis, a structured questionnaire was developed to collect quantitative data to achieve the primary research objective, namely to establish how the university’s management currently uses the risk register to achieve strategic objectives, manage risk and assess performance. Findings: The findings indicated that management realized the value of integrating strategy with risk and performance management, but not through using the risk register. Furthermore, 79.5% of the participants agreed that the risk register was populated to manage risk, 40.2% agreed that it was populated to comply with legal requirements, and 25.2% completed the risk register to comply with executive management requirements. Originality/Value: This study is meant to raise the awareness that the risk register can be used as a tool to integrate strategy and risk and performance management as it includes the strategic objectives, the risk, and the controls to prevent the risk from arising.