GTAG-3 presentation (PPT, 110KB)
Global Technology Audit Guide (GTAG) series
Guide to the Assessment of IT Risk (GAIT) series
IT Audit Guidance main page
Guide 3: Continuous Auditing: Implications for Assurance, Monitoring, and Risk Assessment
Download (members only): English (PDF, 1.2 MB); Spanish (880KB); French (710KB)
Purchase from The IIA Research Foundation Bookstore
Rate this guide
An evolving regulatory environment, increased globalization of businesses, market pressure to improve operations, and rapidly changing business conditions are putting increased pressure on chief audit executives (CAEs) and their staff to provide more timely and ongoing assurance that controls are working effectively and risk is being mitigated.
Continuous auditing changes the audit paradigm from periodic reviews of a sample of transactions to ongoing audit testing of 100 percent of transactions. This guide focuses on assisting CAEs with identifying what must be done to make effective use of technology in support of continuous auditing and highlights areas that require further attention.
TABLE OF CONTENTS
1. Summary for Chief Audit Executive
Continuous Auditing
The Need for a Continuous Auditing/Continuous Monitoring: An Integrated Approach
The Roles of Internal Audit Activity and Management
The Power of Continuous Auditing
Implementation Issues
2. Introduction
Continuous Auditing: A Brief History
Today's Audit Environment
COSO Enterprise Risk Management (ERM) Framework
The Roles of the Internal Audit Activity and Management
Benefits of Continuous Auditing and Monitoring
3. Key Concepts and Terms: The Need for Clarity
Continuum of Continuous Auditing
4. Relationship of Continuous Auditing to Continuous Assurance and Continuous Monitoring
Continuous Assurance
Continuous Monitoring
Continuous Auditing
5. Areas for the Application of Continuous Auditing
Applications for Continuous Control Assessment
Applications for Continuous Risk Assessment
Development of Audit Plan
Support to Individual Auditing
Follow-up on Audit Recommendations
Conclusion
6. Implementing Continuous Auditing
Continuous Auditing Objectives
Continuous Control and Risk Assessment - Relationship
Manage and Report Results
Challenges and Other Considerations
7. Conclusion
8. Appendix A - Example of Continuous Auditing Applied to Accounts Payable
9. Appendix B - Related Standards
10. Appendix C - Continuous Auditing Self Assessment
Author
David Coderre, Royal Canadian Mounted Police
Subject matter experts
John Verver, ACL Services Ltd.
J. Donald Warren Jr., Center for Continuous Auditing, Rutgers University
Questions about this guide for the author? E-mail guidance@theiia.org.