1) Why do we do this?
a. CAAT’s are designed to automate an audit step to provide ether
i. Faster audit test and/or more extensive audit test. ii. Testing the automated process that cannot be done manually.
1. Recreate or re preform
2) Why does ISA write and preform CAAT’s
a. ISA is the center of knowledge for ACL.
b. Most financial auditors do not have the knowledge and experience of how to write and use the complex scripts. This gets its origin from when the office used the Main Frame for data analysis. The office wanted to create a consistency to the creation of and us of CAAT’s.
3) When should it start and complete?
a. ASAP when the request comes in when reasonable.
i. Complete before the auditor needs …show more content…
1981 (with ACL ~ 2000) Prior to ~2000 all DR (and CAATs) were done on the Main Frame. IDA was 3 people in 1981 and there was a dedicated DR person with help during peak times. Mostly EasyTreve and Main Frame
b. In the late 1980’s there was a separate unit in OSA doing DR’s (precursor to MIS) they were not auditors. ISA would help as needed. ISA was 5 or 6 people and 2 to 3 of them would help during peak times. The MIS person retired in the early 1990’s and DR/CAAT’s came back to ISA. ISA had one dedicated person just for DR (not CAAT’s)
c. When OSA first got ACL (~2000), it had software keys and the office only had ~8 keys. These keys would be checked out from Mike Burch but Mike had problems getting people to turn the keys back in because ACL was so popular. The office bought several more keys. During Mike’s absence (worked for Cherry Bekaert for a couple of years) the office switched to an office wide license of ACL ~ the time that BANNER went online. The intent was always that ISA would do the heavy lifting in ACL and in ~2008 the office bought and started using Audit …show more content…
Audit Exchange was looked at as a repository for what was developed in the field but the office did not want undocumented ACL scripts being put onto AX.
i. Users were supposed to submit a summary and description to ISA and get approval to load a script into AX. This never happened mostly because the financial auditors were not writing scripts.
e. One project was a data imitative project (like GDAC). The idea was to collect data from across the state and run proactive data analysis looking for posable audit topics (and fraud) Beth ended that project when she took over.
6) What are the successes and challenges?
a. The biggest challenge is identifying where the data is, and how to get it and if what we get is the correct data. What data do we need to meet the financial auditor’s needs? Getting the data that the financial auditor’s actually need, not what they think they need. This is precisely why the people getting the data (DR or CAAT) need to know auditing. When they know auditing they know how to ask the correct