In an article under FOCUS, Lim Ju May, Terence Lam and Wang Zhumei explained how data analytics can be innovative and effective during audits even with complex businesses and large volume of transactions.
The article states that data analytics is defined as the science and art of:
- discovering and analysing patterns,
- identifying deviations and inconsistencies, and
- extracting other useful information in the data, for the purpose of planning or performing the audit.
The types of data analytics used in performing risk assessment procedures and further audit procedures
- descriptive analytics which asks “What happened?”. This is characterised by traditional business intelligence and visualisations with the usage of bar charts, pie charts, line graphs, generated narratives and tables.
- diagnostic analytics examines “Why did it happen?”. This is characterised by techniques such as data discovery, drill-down, correlations and data mining.
Prior to use of data analytics
An inappropriate use of technological resources may increase the risk of over-reliance on the information produced for decision purposes, it may introduce threats to complying with relevant ethical requirements. Consequently, policies and procedures have to be in place to ensure that such technological resources are used appropriately.
- quality management
- data security and confidentiality
- human resources
- preparing data for use, and
- considering the relevance and reliability of data.
Usage of Data analytics
Data analytics techniques can be used to perform risk assessment procedures or further audit procedures if they can provide sufficient audit evidence that a risk of material misstatement has been addressed. The following factors are to be considered:
- the purpose of the process is whether data analytics is directly responsive to the identified risk of material misstatement, and
- the level of precision in the procedure, for example, whether the expectation is sufficiently precise to locate a misstatement.
Auditors can focus on outliers and exceptions to identify the riskiest areas of the audit by employing data analytics. Data analytics techniques can analyse entire populations of transactions.
Identification of exceptions
The use of data analytics in performing substantive procedures may lead to the identification of a vast number of exceptions. The auditor can group and filter the exceptions into sub-populations, where applicable. Further analysis and additional procedures must be performed to determine if these exceptions are:
- false positives
- possible misstatements that are inconsequential for which no further investigation is required, and
- possible misstatements that are not inconsequential for which further investigation is needed.
The ISCA’s Exposure Draft of the AGS on Data Analytics in a Financial Statement Audit is expected to be issued for public consultation soon.
Source: ISCA Journal, 9 October 2020, accessed 14 October 2020.