The case for process mining in auditing: Sources of value added and areas of application

Jans, Mieke; Alles, Michael; Vasarhelyi, Miklos A.

doi:10.1016/j.accinf.2012.06.015

Cited by 118 publications

(56 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Examples of CCM are procedures for monitoring access controls and authorizations, system configurations, and business process settings; while CDA includes procedures for verifying master data, transactions, and key process metrics using analytics (Alles et al 2006(Alles et al , 2008. Jans et al (2013) explore the implications to both external and internal audit of process mining the event logs captured by ERP systems and provide a detailed description of how this procedure is used for control monitoring and data assurance. Following the standard route in technology adoption, the manual audit procedures are being automated and, subsequently, reengineered to fully exploit the capabilities of the technology (Jans et al 2013).…”

Section: 1background Of the Studymentioning

confidence: 99%

“…Jans et al (2013) explore the implications to both external and internal audit of process mining the event logs captured by ERP systems and provide a detailed description of how this procedure is used for control monitoring and data assurance. Following the standard route in technology adoption, the manual audit procedures are being automated and, subsequently, reengineered to fully exploit the capabilities of the technology (Jans et al 2013). …”

Section: 1background Of the Studymentioning

confidence: 99%

See 1 more Smart Citation

The Reliance of External Auditors on Internal Audit's Use of Continuous Audit

Mălăescu

Sutton

2014

Journal of Information Systems

View full text Add to dashboard Cite

Abstract:As a response to the increased demand for timely and ongoing assurance over the effectiveness of risk management and control systems, companies are moving towards a more automated control environment through the implementation of continuous audit modules. The purpose of this study is to evaluate external auditors' reliance on internal audit's work when advanced audit techniques are introduced by the internal auditor and the impact this reliance has on budgeted audit hours. Prior literature suggests that internal control deficiencies also have an impact on external auditor reliance and the audit budget. The reliance decision of an external auditor has important economic consequences and implications for efficiency and effectiveness of the overall audit. In recent years, the PCAOB has encouraged greater such reliance to improve audit efficiency. An experiment is conducted with 87 experienced external auditors to investigate the theorized effects. Using a 2 x 2 between subjects factorial design, the frequency of the internal audit (traditional vs. continuous audit) and prior year material weakness (absent vs. present) are manipulated. Consistent with predictions, we find that auditors are willing to rely more on internal audit work in a continuous audit environment than in a traditional environment, and this effect is magnified when the prior year audit report on the effectiveness of internal controls indicates that controls are working properly. The presence of a material weakness, however, negatively impacts judgments on the budget for the valuation of a complex account. In addition, both material weakness and continuous audit have an impact on the overall audit budget, which is reduced only when the company has no prior year material weakness and a functioning continuous audit module is put in place. The results show that auditors increase budgeted hours for the engagement at a higher rate when the client uses traditional internal audit procedures.Keywords: Continuous Audit; Continuous Monitoring; Material Weakness; Internal Audit Reliance; Audit Budgets 3 INTRODUCTIONCompanies are under constant pressure to improve the reliability and accountability of their financial information in order to comply with regulatory bodies and to compete for capital in the evolving global business environment. As a response to global demands for timely and ongoing assurance over the effectiveness of risk management and control systems, companies are increasingly moving towards automated control environments through the implementation of technologies such as continuous audit modules (PwC 2006;IIA 2009;Protiviti 2013).Continuous audit is defined as "a method used to perform control and risk assessments automatically on a more frequent basis" (Coderre, 2006, pg. 1). Continuous audit technology allows ongoing audit testing of financial transactions and associated controls in real time. The internal audit profession is thus better equipped for addressing the needs of stakeholders, in spite of the challenges it faces: question...

show abstract

Section: 1background Of the Studymentioning

confidence: 99%

Section: 1background Of the Studymentioning

confidence: 99%

The Reliance of External Auditors on Internal Audit's Use of Continuous Audit

Mălăescu

Sutton

2014

Journal of Information Systems

View full text Add to dashboard Cite

show abstract

“…El riesgo tecnológico en términos de auditoría puede ser definido como la probabilidad que la información almacenada en los sistemas pueda contener errores importantes que pasen sin ser detectados durante el transcurso de la auditoría (Jans, Alles, & Vasarhelyi, 2013). Del mismo modo Dzeng (1994) definió que el riesgo tecnológico está influenciado por el riesgo inherente y el riesgo de control.…”

Section: Riesgo Tecnológicounclassified

Aplicación de un Modelo de Auditoría Continua Utilizando JD Edwards EnterpriseOne

Intriago¹

2016

Investigatio

View full text Add to dashboard Cite

ResumenComúnmente los departamentos de Auditoría de Sistemas, en su plan anual asignan un alto número de horas y recursos para la revisión de la información generada por los módulos del ERP de la empresa, esto conlleva a dejar aspectos fundamentales en términos de riesgos tecnológicos, como son: EvAaluación del Gobierno TI, Revisión de Cuentas Privilegiadas, Análisis del DBMS, Revisión de DRP y BCM. En este artículo, se implementa un modelo de auditoría continua a cuatro empresas de Guayaquil que utilizan JD Edwards EnterpriseOne como ERP y se evalúa los resultados obtenidos en comparación a una auditoría tradicional de sistemas. Como resultado se obtuvo que el modelo de auditoría continua realiza una revisión completa del ERP, presentando resultados confiables, optimizando tiempo y recursos humanos. Palabras Clave: Auditoría de sistemas, auditoría continua, efectividad, JD Edwards, riesgos tecnológicos. AbstractCommonly departments Systems Audit in its annual plan assigned a high number of hours and resources to reviewing the information generated by the modules of the ERP of the company, this leads to leave key aspects in terms of technological risks, such as: evaluation of IT Govemance, Review of privileged accounts DBMS Analysis, Review of DRP and BCM. lii this paper, a model of continuous auditing to four companies that use Guayaquil as ERP ID Edwards EnterpriseOne and results compared to a traditional system audit is evaluated is implemented. As a result it was found that the model of continuous auditing performed a comprehensive review of ERP, presenting reliable results, optimizing time and human resources

show abstract

“…For the process mining introduction, the interested reader is also referred to the process mining website www.processmining.org. Process mining was successfully applied in a set of business areas, such as healthcare [16,31,21], insurance [25], auditing [12], hardware test processes [22] and even vessel behavior [15]. In this paper we present case studies from the other application area -tourist industry.…”

Section: Related Workmentioning

confidence: 99%

Process mining can be applied to software too!

Rubin

Mitsyuk

Lomazova

et al. 2014

Proceedings of the 8th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement

View full text Add to dashboard Cite

Modern information systems produce tremendous amounts of event data. The area of process mining deals with extracting knowledge from this data. Real-life processes can be effectively discovered, analyzed and optimized with the help of mature process mining techniques. There is a variety of process mining case studies and experience reports from such business areas as healthcare, public, transportation and education. Although nowadays, these techniques are mostly used for discovering business processes.However, process mining can be applied to software too. In the area of software design and development, process models and user interface workflows underlie the functional specification of almost every substantial software system. When the system is utilized, user interaction with the system can be recorded in event logs. After applying process mining methods to logs, we can derive process and user interface flow models. These models provide insights regarding the real usage of the software and can enable usability improvements and software redesign.In this industrial paper we present several process mining examples of different productive software systems used in the touristic domain. With the help of these examples we demonstrate that process mining enables new forms of software analysis. The user interaction with almost every software system can be mined in order to improve the software and to monitor and measure its real usage.

show abstract

The case for process mining in auditing: Sources of value added and areas of application

Cited by 118 publications

References 10 publications

The Reliance of External Auditors on Internal Audit's Use of Continuous Audit

The Reliance of External Auditors on Internal Audit's Use of Continuous Audit

Aplicación de un Modelo de Auditoría Continua Utilizando JD Edwards EnterpriseOne

Process mining can be applied to software too!

Contact Info

Product

Resources

About