REASONS YOU NEED TO STOP USING SPREADSHEETS FOR AUDIT ANALYSIS

AUDIT SOLUTION

WHY WE LOVE SPREADSHEETS

• Constant use = familiarity• Easy to share • Database-like features• Data import, analysis, and report generation functions

PROBLEMS WITH SPREADSHEETS

Definition: A program in which users enter numerical values or data into rows and columns, and use these entries for calculations, graphs, and statistical analysis.

Data values can easily be altered – even accidentally

VLOOKUP and other formulas break easily but not always easily detected

SPREADSHEETS ARE RISKY

Despite familiarity, spreadsheets lack data integrity

Difficult to replicate analytics

Difficult to “debug”

Difficult for someone new to take ownership

I’m afraid I accidentally copied last years spreadsheet numbers into this

years annual report.

Soo…. Are they close?

DATABASES

A data management system that is able to handle larger data volumes than spreadsheets and provide robust data exchange

Complicated User Interface

Complex scripting knowledge required

No point and click solutions available

CAAT

• Computer Aided Audit Tools • Offers comprehensive approach compared to traditional

audit sampling methods• Facilitates more granular analysis of data • Delivers more definitive results because the entire

population of data can be tested

CAAT: BEST OF BOTH WORLDS AND MORE

ATTRIBUTE SPREADSHEETS DATABASES CAATS

Familiarity High Low Low

Ease of learning Medium High Medium

File size Small Large XLarge

Speed Slow Fast Fast

Data Integrity Accidental or intentional data changes

Imported data more secure

Imported data always secure

Routine audit analysis Build it yourself Build it yourself Pre-built

Audit trail Create manually Create manually Automatic

Pull in PDF reports Painful Painful Simple

Data matching None None Many

AUDIT ANALYTICS

CAATs

Timeliness

Secure

Read-Only Data

Access

100% Data Coverage

Pre-Built Analytics

Automate Processes

DATA ACQUISITIONCaseWare IDEA helps you import and export data from and into a multitude of formats – including files originating from mainframe computers and accounting software (ODBC Connection to JDE) (SAP Import tool)IDEA

WORKING WITH IDEA

Pivot Tables

Reports

Charts

Exports

History

Project Overview

Automate

Import from virtually any source – from PDF to ERP

Extract • Sort • Search • Group Calculated Fields • Stratify • Summarize

Age • Gaps • Duplicates • Sample Statistics • Join • Append • Compare

1. Import Data 2. Perform Analysis 3. Review Results

PRE-BUILT ANALYTICS

• Aging• Duplicate Detection• Benford’s Law• Summarization• Stratification• Gap Detection• Advanced Statistical Methods• Multiple Sampling Methods

PRE-BUILT ANALYTICS: AGING

Use the Age Band column as the column field in the Pivot Table.

The oldest (i.e., first) date should be older than the oldest record. For simplicity, use “1” (1/1/1900) as the date. This will represent the “X days +” band.

• Complicated equations• No data integrity

• User friendly interface• Data integrity • Enter a few values,

receive results

PRE-BUILT ANALYTICS: BENFORD’S LAW

Frequencies predicted by Benford’s Law for First Digit, Second Digit, and First Three Digit tests.

• Not intuitive• Can easily override values• No drill down feature• No custom graph

• User friendly • Read-only access• Drill down feature• Custom graph

AUTOMATIC AUDIT TRAIL

IDEA automatically records all changes made to a file (database) and maintains an audit trail of all operations carried out, including the import and each audit test

CAATS IMPROVE AUDIT EFFICIENCY

Before Audit Analytics- Painful data collection and prep- Data corruption may not be

detected- Analysis difficult to repeat

consistently- Limited to sampling with large

data sets- Manually documented

With Audit Analytics

✔ Easily collect & prepare data

✔ No risk of data corruption

✔ Easily repeat analysis consistently

✔ Easily review 100% of data

✔ Automatically self-document

Inefficient, Incomplete, Unreliable Automated, Extensive, Reliable

HOW TO DETERMINE RISK

Before Audit AnalyticsRandom/Stratified Sample

With Audit AnalyticsExamine 100% of data

Risk missing key insightsData quality issueUnreliable results

✔ Quantify exact risk✔ Quickly dig deeper into data if

merited✔ No risk of data corruption

TEST FREQUENCY

Before Audit Analytics1 to 3 times per year

With Audit AnalyticsUnlimited (Monthly, Weekly, Daily)

Missed opportunitiesLack-luster reports

✔ Timely remediation✔ Insights into strategic risks

WHERE CAATS HELPArea SpecificsRevenue • Billing • Order to Cash

Expense• Purchase to Pay • Travel & Expense• Vendor terms

• Purchasing cards• Compensation

Working capital • Payment timing• More accurate forecasts

IT• Segregation of Duties • Authorized access only• Server configuration for performance & security

Compliance• AML (financial services)• FCPA• Evidence of proper controls

IMPEDIMENTS TO 100% DATA INSPECTION

Existing tools not up to the job New tools too difficult

“businesses also tend to have expensive “shelfware” that no one uses”

- Data Analytics, ISACA

Excel data limits Data impurities Shelfware

FINDING DUPLICATES

• IDEA clients find duplicate payments even when ERP “won’t allow” them

Area Control Data Analysis

Purchasing of Goods

Application should not allow duplicate payments.

Obtain purchase order dataValidate that no duplicate payments were processed.

POs older than 3 months will not be processed.

Obtain a list of all POs processed. Determine if POs older than three months were processed.

Creator of PO can’t release/approve same PO

Obtain a list of all POs created (by originator)Obtain a list of all POs released or approvedDetermine any inappropriate segregation of duties (SOD)

Payment

Application should not allow duplicate payments.

Obtain list of all payments made to vendors in last 12 months. Determine duplicate payments, for example: Same vendor ID, amount but different invoice number Same vendor ID, invoice number but different amounts Different vendor ID with same bank account detail.

Segregation of duties (SOD) Obtain a list of who has processed payment & who created the PO. Determine if inappropriate SODs existed.

INTERNAL CONTROLS ANALYTICS

SUMMARY

CAATs• Can import infinite amount of data• Meet Industry standards• Commands are simple & audit purpose built• Provide the ability to perform discovery and in-depth

analysis

CLOSING THOUGHTS

“CaseWare IDEA complemented our staff very well as running the analysis did not involve having any programming knowledge. Our team was able to leverage their domain expertise and get results very quickly.”

Chief Audit ExecutiveUS Higher Education Institution

LEARN MORE ABOUT CASEWARE IDEAContact us at salesidea@caseware.com

REASONS YOU NEED TO STOP USING SPREADSHEETS FOR AUDIT ANALYSIS

AUDIT SOLUTION

Visit casewareanalytics.com Email salesidea@caseware.com