The increasing role of IT auditors in financial audit: risks and intelligent answers
Abstract
Financial auditing cannot be imagined without the involvement of IT specialists since business processes are designed to be served by IT components such as ERP systems, online customer-facing applications, databases etc. Financial auditors therefore exposed to IT system and control reliance want to gain reasonable assurance that data and transactions stored in IT systems cannot be modified, access is controlled, and there is no suspicion of any fraud at business organizations. The paper tries to understand the current situation of IT audit involvement in financial auditing, interpret risks that parties face and provide some solutions by use of intelligent applications.
Keyword : financial audit, IT audit, IT controls, IT threats, risk management, machine learning
How to Cite
Barta, G. (2018). The increasing role of IT auditors in financial audit: risks and intelligent answers. Business, Management and Economics Engineering, 16, 81-93. https://doi.org/10.3846/bme.2018.2142
This work is licensed under a Creative Commons Attribution 4.0 International License.
References
CVE Details. (2018). Microsoft: vulnerability statistics. Retrieved from https://www.cvedetails.com/vendor/26/Microsoft.html
EY. (2016). Insights-Driven digital innovation. Retrieved from http://www.ey.com/Publication/vwL UAssets/EY-insightsdriven-digital-innovation/$FILE/EY-insights-driven-digital-innovation.pdf
Gartner. (2017a). Hype cycle for artificial intelligence, 2017. Retrieved from https://www.gartner.com/document/3770467?ref=solrAll&refval=193456093&qid=063144043355fa4bde62ca5985043d81#
Gartner. (2017b). Predicts 2018: artificial intelligence. Retrieved from https://www.gartner.com/document/3827163/meter/charge
Haugeland, J. (1985). Artificial intelligence: the very idea. MIT Press, Cambridge, Massachusetts.
IFAC. (2009). International Standard on Auditing 200. Overall objectives of the independent auditor and the conduct of an audit in accordance with internation standards on auditing. Retrieved from http://www.ifac.org/system/files/downloads/a008-2010-iaasb-handbook-isa-200.pdf
ISACA. (2004). IT control objectives for Sarbanes-Oxley. The importance of IT in the design, implemen-tation and sustainability of internal control over disclosure and financial reporting. Retrieved from http://www.isaca.org/knowledge-center/research/documents/sox-appendix_res_eng_0504.doc
Issa, H., Ting, S., & Vasarhelyi, A. M. (2017). Research ideas for artifical intelligence in auditing. The formalization of audit and workforce supplementation. Journal of Emerging Technologies in Accounting, 13(2), 1-20.
KPMG. (2017). Digitalisation in accounting. Study of the Status Quo in German Companies. Retrieved from https://home.kpmg.com/content/dam/kpmg/de/pdf/Themen/2017/digitalisation-in-accounting-en-2017-KPMG.pdf
KPMG. (2016). The impact of cognitive technology on business and financial reporting. Retrieved from https://assets.kpmg.com/content/dam/kpmg/pdf/2016/05/game-changer-impact-of-cognitive-technology.pdf
Kroll. (2015). Global Fraud Report. Vulnerabilities on the Rise. Annual Edition 2015/16. Retrieved from http://anticorruzione.eu/wp-content/uploads/2015/09/Kroll_Global_Fraud_Report_2015low-copia.pdf
Li, Y. (2010). The case analysis of the scandal of Enron. International Journal of Business and Management, 5(10), 37-41. https://doi.org/10.5539/ijbm.v5n10p37
Manara, M., & Cavalleri, A. (2011). 100 Things You Should Know About Authorizations in SAP. Galielo Press Inc., Boston.
McCulloch, W. S., & Pitts, W. (1943). A logical calculus of the ideas immanent in nervous activity. The bulletin of mathematical biophysics, 5(4), 115-133. https://doi.org/10.1007/BF02478259
MIT. (2016). AI drives better business decisions. Retrieved from https://www.technologyreview.com/s/601732/aidrives-better-business-decisions/
Mohapatra, R. P. (2015). Debugging for functional consultants. Retrieved from https://blogs.sap.com/2015/05/26/debugging-for-functional-consultants/
Nillson, N. J. (1998). Artificial intelligence: a new synthesis. Morgan Kaufmann, San Mateo, California.
Norvig, P., & Russell, S. J. (2005). Mesterséges Intelligencia Modern Megközelítésben, Második, átdolgozott, bővített kiadás. Panem Kiadó, Budapest.
Palmas, E. (2011). IT General and Application Controls: The Model of Internalization. ISACA Journal, 5, 1-4.
Raschka, S. (2015). Python machine learning. Packt Publishing, Birmingham.
Statista. (2017a). Ransomware makes up small share of growing malware threat. Retrieved from https://www.statista.com/chart/10045/new-malware-specimen-and-share-of-windows-based-malware/
Statista. (2017b). Revenue of the Big Four accounting / audit firms worldwide in 2017 (in billion U.S. dollars). Retrieved from https://www.statista.com/statistics/250479/big-four-accounting-firms-global-revenue/
Szatmári, J., Mucsi, L., Nagyváradi, L., Szabó, Sz., Barta, K., Bugya, T., Czigány, Sz., Pirkhoffer, E., Rábay, A., Tobak, Z., Boudewijn, L., Bartus, M., & Szatmári, J. (2013). Modellek a geoinformatikában. TÁMOP-4.1.2.A/1- 11/1 MSc Tananyagfejlesztés.
The Guardian. (2014). Tesco loses £2bn in value as investigation of profit overstatement begins. Retrieved from https://www.theguardian.com/business/2014/sep/22/tesco-loses-2bn-value-250m-profit-over-statement-investigation
The Telegraph. (2017). Petya cyber attack: everything to know about the global ransomware outbreak. Retrieved from https://www.telegraph.co.uk/technology/2017/06/27/petya-cyber-attack-everything-know-global-ransomware-outbreak/
EY. (2016). Insights-Driven digital innovation. Retrieved from http://www.ey.com/Publication/vwL UAssets/EY-insightsdriven-digital-innovation/$FILE/EY-insights-driven-digital-innovation.pdf
Gartner. (2017a). Hype cycle for artificial intelligence, 2017. Retrieved from https://www.gartner.com/document/3770467?ref=solrAll&refval=193456093&qid=063144043355fa4bde62ca5985043d81#
Gartner. (2017b). Predicts 2018: artificial intelligence. Retrieved from https://www.gartner.com/document/3827163/meter/charge
Haugeland, J. (1985). Artificial intelligence: the very idea. MIT Press, Cambridge, Massachusetts.
IFAC. (2009). International Standard on Auditing 200. Overall objectives of the independent auditor and the conduct of an audit in accordance with internation standards on auditing. Retrieved from http://www.ifac.org/system/files/downloads/a008-2010-iaasb-handbook-isa-200.pdf
ISACA. (2004). IT control objectives for Sarbanes-Oxley. The importance of IT in the design, implemen-tation and sustainability of internal control over disclosure and financial reporting. Retrieved from http://www.isaca.org/knowledge-center/research/documents/sox-appendix_res_eng_0504.doc
Issa, H., Ting, S., & Vasarhelyi, A. M. (2017). Research ideas for artifical intelligence in auditing. The formalization of audit and workforce supplementation. Journal of Emerging Technologies in Accounting, 13(2), 1-20.
KPMG. (2017). Digitalisation in accounting. Study of the Status Quo in German Companies. Retrieved from https://home.kpmg.com/content/dam/kpmg/de/pdf/Themen/2017/digitalisation-in-accounting-en-2017-KPMG.pdf
KPMG. (2016). The impact of cognitive technology on business and financial reporting. Retrieved from https://assets.kpmg.com/content/dam/kpmg/pdf/2016/05/game-changer-impact-of-cognitive-technology.pdf
Kroll. (2015). Global Fraud Report. Vulnerabilities on the Rise. Annual Edition 2015/16. Retrieved from http://anticorruzione.eu/wp-content/uploads/2015/09/Kroll_Global_Fraud_Report_2015low-copia.pdf
Li, Y. (2010). The case analysis of the scandal of Enron. International Journal of Business and Management, 5(10), 37-41. https://doi.org/10.5539/ijbm.v5n10p37
Manara, M., & Cavalleri, A. (2011). 100 Things You Should Know About Authorizations in SAP. Galielo Press Inc., Boston.
McCulloch, W. S., & Pitts, W. (1943). A logical calculus of the ideas immanent in nervous activity. The bulletin of mathematical biophysics, 5(4), 115-133. https://doi.org/10.1007/BF02478259
MIT. (2016). AI drives better business decisions. Retrieved from https://www.technologyreview.com/s/601732/aidrives-better-business-decisions/
Mohapatra, R. P. (2015). Debugging for functional consultants. Retrieved from https://blogs.sap.com/2015/05/26/debugging-for-functional-consultants/
Nillson, N. J. (1998). Artificial intelligence: a new synthesis. Morgan Kaufmann, San Mateo, California.
Norvig, P., & Russell, S. J. (2005). Mesterséges Intelligencia Modern Megközelítésben, Második, átdolgozott, bővített kiadás. Panem Kiadó, Budapest.
Palmas, E. (2011). IT General and Application Controls: The Model of Internalization. ISACA Journal, 5, 1-4.
Raschka, S. (2015). Python machine learning. Packt Publishing, Birmingham.
Statista. (2017a). Ransomware makes up small share of growing malware threat. Retrieved from https://www.statista.com/chart/10045/new-malware-specimen-and-share-of-windows-based-malware/
Statista. (2017b). Revenue of the Big Four accounting / audit firms worldwide in 2017 (in billion U.S. dollars). Retrieved from https://www.statista.com/statistics/250479/big-four-accounting-firms-global-revenue/
Szatmári, J., Mucsi, L., Nagyváradi, L., Szabó, Sz., Barta, K., Bugya, T., Czigány, Sz., Pirkhoffer, E., Rábay, A., Tobak, Z., Boudewijn, L., Bartus, M., & Szatmári, J. (2013). Modellek a geoinformatikában. TÁMOP-4.1.2.A/1- 11/1 MSc Tananyagfejlesztés.
The Guardian. (2014). Tesco loses £2bn in value as investigation of profit overstatement begins. Retrieved from https://www.theguardian.com/business/2014/sep/22/tesco-loses-2bn-value-250m-profit-over-statement-investigation
The Telegraph. (2017). Petya cyber attack: everything to know about the global ransomware outbreak. Retrieved from https://www.telegraph.co.uk/technology/2017/06/27/petya-cyber-attack-everything-know-global-ransomware-outbreak/