Audit Tools Adapt to Changes
By Jeff Stimpson
(Aug. 1, 2007) - With the recent audit regulatory actions, tax and accounting professionals are experiencing one of the most significant changes in decades. The new risk assessment and documentation standards have many firms concerned that complying means a significant increase in work and a decrease in productivity and profitability.
"The implementation of the new audit standards, viewed from a non-technical perspective, simply creates a need for a firm to bring about organizational change," says Jeff Hodinko, senior VP-program delivery of Reston, Va.-based AuditWatch. "Firms need to drive new behaviors and actions from their auditors. One key component in a successful organizational change program is the evaluation and implementation of new tools and job aids. The various vendors to the profession face the challenge of proactively providing useful tools and job aids to support firms with this significant change process."
Auditors can choose from a myriad of auditing tools to automate the audit process, according to CaseWare, with the trend being towards a more paperless environment. Data-mining tools are also increasing the efficiency and the extent of coverage in the audit process, especially when the data analysis procedures are embedded within the applicable audit program steps.
"Fraud and internal control have increased the demands on auditors. Audit professionals are challenged to stay abreast of current standards and re-engineer how they conduct audits while ensuring both effectiveness and profitability," says Brian Steinert, product manager for CCH, in Riverwoods, Ill.
"Auditors must also now dig deeper into internal controls for private companies, even though they may have chosen not to rely upon them in the past," he also points out.
Says Roger Hodskins, vice president of alliances and marketing at Lumigent, "These issues have created an increased sense of urgency on the part of organizations to implement systems which form the basis of a sustainable and continuous process for auditing and compliance. Unfortunately, many of the product offerings on the market are merely point solutions that focus on only one component of the entire process. This often leaves the practitioner with the unenviable task of trying to organize and correlate disparate information."
Thomson Tax & Accounting offers the estimation that meeting new standards may add up to a 25 percent increase in time dedicated to audits. Heavier workloads and professional staff shortages will drive more firms to technology to assist them in re-defining and streamlining audit workflow.
"I don't think that fraud or the need for internal controls have changed," says Linda Wolosz, senior compliance advisor from QUMAS. "What has changed is the impact of failure to control risks, and board-level actions in light of the increased impact. For example, the impact of financial misstatement/fraud has manifested itself in the possibility of unrecoverable reputational damage or worse. Another driver is profitability. Many financial organizations have adopted internal models for the calculation of capital requirements. Most regulators perform in-depth reviews of the internal controls required to assure accuracy of information and processes underlying the calculations. Internal models can free up significant amount of capital for use for business purposes and potential increased revenue."
"Senior management might well begin or continue evaluating the cost of ongoing human support as compared to the implementation of automation to perform repeatable functions," Wolosz predicts. "Within the audit function specifically, automation has matured to assist in performing risk assessments, building audit plans, writing audit procedures, documenting work papers, publishing reports, and tracking issues for successful remediation. The completion of this cycle is the updating of the risk assessment for examination results and business-line changes."
"We can expect to see more 'audit-process platform' offerings," adds Hodskins. "More-comprehensive solutions provide the ability to collect audit information from more sources, and to provide an integrated view of the compliance process. More time will be spent on verification of the controls than the technical issues related to data gathering. That is, we will see more offerings that attack the business process problem associated with fraud prevention and internal controls."
Here's how some vendors and providers are helping practitioners in the auditing process.
CASEWARE IDEA
caseware-idea.com
The latest innovation in IDEA is the availability of an optional component, IDEA Smart Analyzer, a collection of key data analysis tests on major financial statement items, providing firms with a standardized approach to all audits. Tests include coverage of journal entries, accounts receivable and payable, inventory and fixed assets. The tests are integrated with imports from a number of common accounting packages, making it even easier to be used by non-technical auditors.
IDEA has also updated its collection of data analysis tools with three advanced statistical methods designed to, among other things, assist accountants in their compliance with the provisions of SAS No. 99, Consideration of Fraud in a Financial Statement Audit, which requires auditors to design audit procedures to identify fraud risks with special attention being required for analytical procedures performed on revenue accounts. The Correlation test can be used to measure the degree of association between revenue accounts and other related accounts such as raw materials usage, packaging purchases, and sales commissions. The Trend Analysis test can be used to make forecasts based on past data, and these forecasts can then be compared to actual data for the year under review. The Time Series test is also designed for forecasting, taking into account trends and seasonal fluctuations in the past data.
CCH PROSYSTEM FX ENGAGEMENT
CCH.com
CCH recently launched ProSystem fx Knowledge Tools to help auditors address the new AICPA Risk Assessment Standards. ProSystem fx Knowledge Tools integrates with fx Engagement and provides an easy-to-follow audit methodology, and the Knowledge-Based Audit (KBA) was developed in partnership with AuditWatch, and allows auditors to "zero in" on areas of risk and customize a response plan.
Each title of Knowledge Tools includes a methodology overview, audit programs, practice aids, correspondence templates, and templates, which contain a variety of sample auditor's opinions on audited financial statements.
The new Internal Control Library on Accounting Research Manager will also provide guidance on understanding elements of the internal control.
CPA2BIZ
cpa2biz.com
AICPA Resource offers, in addition to a search engine, document referencing, and frequent updates, A&A literature that includes the Institute's professional standards, technical practice aids, and A&A manual. Also included are PCAOB standards and related rules; accounting trends and techniques; current AICPA A&A guides; current audit risk alerts; and current checklists and illustrative financial statements.
The FASB Library on the Resource includes FASB statements, interpretations, technical bulletins, and concepts statements; ARBs 43-51; APB opinions and statements; and AICPA accounting interpretations and terminology bulletins. Also offered are all currently effective AICPA and FASB pronouncements as they've been amended, and staff special reports and other published implementation guidance on various FASB statements, as well as FASB staff positions issued on various pronouncements and EITF Issues.
Also offered are the general standards, industry standards, and the current text sections that have been superseded but are still applicable due to a significantly delayed effective date.
EITF abstracts includes the full text of each abstract for every issue discussed by the Emerging Issues Task Force since 1984. The comprehensive topical index is for the amended, current text, and EITF infobases, and derivatives codification is provided as an aid to implementing FASB Statement 133, which presents Statement 133 as amended through May 2003, including amendments from Statements 137, 138, and 149. It also includes the full text of issues related to the implementation of Statement 133 that were discussed by the Derivatives Implementation Group and cleared by the FASB prior to February 10, 2004.
INTACCT CORPORATION
Intacct.com
Among recent product innovations is Smart Events, a system for flagging events and sending notices to reviewers when those events are triggered. For example, a controller or CFO may want an automatic notification when a user creates a vendor invoice exceeding $10,000. A "Smart Event" could send an e-mail to the controller containing key information about the vendor invoice, together with a PDF containing the actual invoice. Users may also create rules and conditions for these events. Smart Rules uses these same conditions to prevent events that violate controls from executing. Intacct exposes some 3,500 unique activities in the system for access control, and controls for separation of duties are easy to implement. Finally, ad hoc reporting and dashboards facilitate identifying out-of-control transactions, as Intacct solutions memorize these queries and publish live results to a user's dashboard. Users may also include information in the results about the person who authored the transaction.
LUMIGENT TECHNOLOGIES
lumigent.com
Lumigent Technologies has a new version of its flagship Audit DB product that delivers a database security and compliance system that supports all three common methods of data collection in a single platform. The app facilitates capturing traffic as it flows across the network, analyzing log files of actual database transactions, and relying on the database's native auditing capabilities.
QUMAS
qumas.com
Qumas delivers a software-based closed-loop compliance model that standardizes and integrates the common elements of compliance tasks across the organization. The Qumas Policies & Procedures Suite provides financial services companies with a solution for policies and procedures management.
It is the first in a series of pre-configured suites that Qumas has introduced this year, and which addresses such important issues as coordinated policies and procedures, thereby simplifying compliance issues that are related to documentation not current or easily accessible to employees.
THOMSON TAX & ACCOUNTING
CS.Thomson.com
Thomson Tax & Accounting products, Engagement CS and PPC guidance, have a number of new benefits, among them integration between Engagement CS and PPC SMART e-Practice Aids-Risk Assessment and the e-Tools ensures compliance. From within the Engagement CS workspace users can access work papers, trial balance, reports, and PPC e-Tools Suite and SMART e-Practice Aids-Risk Assessment tools. Diagnostic tools expedite the auditor's workflow process. Users can also access RIA tax and audit research via the Checkpoint platform.
PPC developed the SMART audit suite in response to a need to ensure compliance with standards. The e-Practice Aids-Risk Assessment automates the risk assessment and planning portion of an audit, and generates tailored audit programs based on unique risk assessment needs. The suite also provides Excel- and Word-based practice aids and work papers to streamline set up, documentation, and the completion process.
Engagement CS offers tools to streamline workflow, including functionality to enable more than one staff member to work in an engagement at the same time. Integration with Excel and Word enables linking of work paper balances to the trial balance.
Also featured: the ability to allow firms to add documents to engagement folders, and review tools enabling the examining, sign-off, and addition of review notes to documents without opening them in the native application.
Built in to Engagement CS is wrap-up functionality. When an engagement is complete, the application guides professionals through the final steps of the engagement.
Engagement CS locks final documents by making them read-only, and the system offers security features to control access to the wrap-up function.