Adoption of generalised audit software (GAS) by external auditors in the UK

Ahmi, Aidi

January 2012

This research is motivated by the interest in understanding the usage of the Generalised Audit Software (GAS) by external auditors within public accounting firms. GAS is a tool used by auditors to automate various audit tasks. It helps auditors to analyse accounting data electronically where it is quite impossible to do so manually. GAS is claimed to be the most influential Computer Assisted Audit Tools and Technique (CAATTs) that can facilitate the audit objective. However, research has found that there is little evidence that auditors have extensively adopted GAS. Even greater benefits have been promoted since the existence of GAS, but auditors do not really seem to be interested in this tool. Most previous studies have focused on either internal auditors, large accounting firms, other countries or merely adopters of GAS. However, there is little evidence that the study of GAS has been conducted on external auditors, especially in small and medium sized accounting firms in the United Kingdom (UK). This study helps to fill this gap by exploring the use of GAS among them, and covers both adopters and non-adopters of GAS. Through an online survey using both close and open-ended questions, this issue has been investigated among registered statutory auditors. The primary aim of this study is to explore the current usage of GAS and to understand the factors that influence the use of GAS as well as the perceptions and expectations of using GAS. The views are gathered from both auditors who are already implementing GAS and those who are not using GAS. A framework was developed to identify a range of relevant factors which are important when considering the application of GAS. Responses from 205 statutory auditors across the UK were then mapped against the framework. Of the 14 variables used to test the factors that influence the use of GAS, only six of them are found to be significant from logistic regression analysis. These are firm size, experience of auditors in computerised auditing, organisational influence, client factor, audit engagement allocation and perceived usefulness. The findings show that the utilisations of GAS is unusually low among audit firms in the UK. Almost 73% of external auditors make no use of GAS, due to the limited perceived benefit of using GAS for auditing small clients. While some respondents recognised the advantages of GAS, they were put off by what they believed to be high implementation costs; the significant learning curve and adoption process; and lack of ease of use. Some auditors expressed their awareness of GAS, but most of them showed a preference for using traditional auditing methods instead. A few problems have also been identified in causing the limitation of GAS usage. This study contributes to the literature on suggestions to improve the use of GAS that can be used by small and medium sized public accounting firm, which is lacking in existing research related to this group. In sum, this study has deepened current understanding of the GAS usage among small and medium sized audit firms in the UK, and has provided useful insights for audit professionals, software developers, vendors, standards setters, academicians and researchers. This study has also opened up the possibilities for further study on GAS or related areas either in the UK or other places in the world.

657

Comparative Analysis of Benchmarking and Audit Tools

January 2011

abstract: Among the various end-use sectors, the commercial sector is expected to have the second-largest increase in total primary energy consump¬tion from 2009 to 2035 (5.8 quadrillion Btu) with a growth rate of 1.1% per year, it is the fastest growing end-use sectors. In order to make major gains in reducing U.S. building energy use commercial sector buildings must be improved. Energy benchmarking of buildings gives the facility manager or the building owner a quick evaluation of energy use and the potential for energy savings. It is the process of comparing the energy performance of a building to standards and codes, to a set target performance or to a range of energy performance values of similar buildings in order to help assess opportunities for improvement. Commissioning of buildings is the process of ensuring that systems are designed, installed, functionally tested and capable of being operated and maintained according to the owner's operational needs. It is the first stage in the building upgrade process after it has been assessed using benchmarking tools. The staged approach accounts for the interactions among all the energy flows in a building and produces a systematic method for planning upgrades that increase energy savings. This research compares and analyzes selected benchmarking and retrocommissioning tools to validate their accuracy such that they could be used in the initial audit process of a building. The benchmarking study analyzes the Energy Use Intensities (EUIs) and Ratings assigned by Portfolio Manager and Oak Ridge National Laboratory (ORNL) Spreadsheets. The 90.1 Prototype models and Commercial Reference Building model for Large Office building type were used for this comparative analysis. A case-study building from the DOE - funded Energize Phoenix program was also benchmarked for its EUI and rating. The retrocommissioning study was conducted by modeling these prototype models and the case-study building in the Facility Energy Decision System (FEDS) tool to simulate their energy consumption and analyze the retrofits suggested by the tool. The results of the benchmarking study proved that a benchmarking tool could be used as a first step in the audit process, encouraging the building owner to conduct an energy audit and realize the energy savings potential. The retrocommissioning study established the validity of FEDS as an accurate tool to simulate a building for its energy performance using basic inputs and to accurately predict the energy savings achieved by the retrofits recommended on the basis of maximum LCC savings. / Dissertation/Thesis / M.S. Architecture 2011

Architectural engineering

Energy

Sustainability

Audit tools

Benchmarking

Energy Star

FEDS

Portfolio Manager

Prototype models

Nastroje a techniky v auditu / Tools and techniques in audit

Heringová, Eva

January 2012

The goal of the thesis is to explain tools and techniques used in the field of audit and compare their use in the context of internal and external audit. The theoretical part states firstly different features of both types of audit, issues of professional ethics and legal framework. Next, tools and methods of external audit are stated, as well as its goals and nature. In the subsequent chapter, the same aspects are explained for internal audit and finally, we discuss the cooperation between and comparison of the two types of audits. The practical section is focused on usage of the techniques in practice and their benefit in the form of practical experience. Real company data are used to demonstrate usage of the described techniques in practice in external and internal audit. In the final chapter, comparison of the results of both audits are stated, i.e. the auditor opinion and internal audit report which include suggestions for improvement in the audited fields.

Využití softwarových nástrojů v oblasti detekce podvodných jednání / Using software tools to detect fraud

Sobkuliaková, Lucia

January 2012

The subject of this Master thesis is an application of fraud detection softwares. Except computer assisted audit tools and techniques and fraud management systems thesis deal with new methods like using neural network model or logistic regresion model.The thesis also contains comparison of the best softwares for fraud examinations.

資料外洩稽核工具之設計與實作 / Design and implementation of an audit tool for data leakage

高華志, Kao, Hua Chih

Unknown Date

隨著國內法令規範對於隱私政策更加重視，國內外企業組織因應鉅額罰款與政策的施行，再加上個人資料外洩事件頻傳，各企業無不擔心客戶資料的保護與落實內部資料控制。而大型政府機關或企業，由於服務範圍廣大，應用系統繁多，針對資料外洩的保護與落實，將更加的複雜。大部份的組織針對實體文件、安全性儲存設備管制、使用採購防火牆設備等，皆有進行相關的管理與設備的採購，但上述機制未能解決應用系統的資料外洩問題。對稽核人員而言稽查應用程式是否有資料外洩之虞，由應用程式原始程式碼相當實為不易，而新制定一套更安全存取控管的介面更需投入相當高的成本與時間。 / 本研究在設計與實作資料外洩稽核工具，參考國際標準ISO27002與ISO 13569資訊安全作法，摘選出應用系統資訊安全指引，並根據實務經驗與金融產業的系統特性，找出資料外洩存取規則(Rules)。除此之外需搭配資料庫執行指令記錄器(DB Logger)，由大量的資料庫指令紀錄中快速產生稽核報表，藉以協助稽核人員查核資料外洩的線索並督促組織內部問題的改善，以落實內部資料控管政策與外部法令要求。 / The rapid spread of information technologies into every facet of our life results in a surge in attention to privacy recently. Bills are enacted and a comprehensive privacy policy becomes a sign of a responsible corporation. However, the complexity and diversity of application systems of information makes it very difficult to ensure that the information systems conform to all the privacy regulations and polices. Although most corporations have established some privacy policies for controlling physical documents and various hardware devices, the main problem for data leakage is at application layer. Application developers could retrieve sensitive data by exploiting application flaws. This poses great challenges to information system auditors. Firstly, it is rather difficult for auditors to review the code to spot the flaws. Secondly, it is impractical to make a new coding standard and re-write the legacy applications accordingly. Thirdly, application developers lack the motivation to improve the protection level of existing systems. / This thesis argues that a database audit tool can partly address the above difficulties faced by auditors. Specifically, we design and implement a tool for data leakage auditing. We derive right rules for identifying the potential sources of data leakage by referencing to information security practices such as ISO27002 and ISO 13569, and our practical experience in financial industry. Our tool makes good use of the database logger to produce an audit report based on those rules. The audit reports provide not only useful hints for auditors to detect possible data leakage, but also good evidence for urging developers to enhance their applications for privacy protection.

資料外洩

稽核工具

資訊安全

隱碼攻擊

ISO27002

ISO 13569

Data Leakage Prevention

Audit Tools

Information Security

ISO27002

ISO 13569

Injection Flaws

SQL Injection

DLP

Användningen av revisionsverktyg : en kvantitativ studie om faktorer som påverkar användningen av revisionsverktyg i Sverige / The usage of Computer Assisted Audit Tools (CAATs) : a quantitative study about factors that influence the usage of Computer Assisted Audit Tools in Sweden

Capin, Mario, Nyman, Olle

January 2019

Digitaliseringen av revisionsbranschen har varit ett omdiskuterat ämne, vilket beror på att branschen har genomgått stora förändringar under de senaste åren. Digitaliseringen har påverkat hur uppgifter utförs och hur problem tas an, vilket har och kommer innebära en förändring av samhällets olika delar. Sedan tidigare har det forskats på vilka faktorer som påverkar användningen av revisionsverktyg bland revisionsbyråer och revisorer, däremot mindre ur en svensk synvinkel. Syftet med denna studie är således att identifiera och bekräfta eller dementera tidigare forsknings funna faktorer som påverkar användningen av revisionsverktyg, samt testa dessa faktorers tillämpbarhet i Sverige. För att undersöka studiens syfte har en kvantitativ ansats använts med hjälp av en webbaserad enkät som har skickats ut till svenska revisionsbyråer. Hypoteserna i studien är baserade på den redan existerande forskningen. Studien utgår från Technology-Organization-Environment ramverkets tre kontexter, den tekniska, organisatoriska och miljömässiga. Faktorerna som undersöktes under respektive kontext var IT-kunskap, uppmuntran och standarder. Resultatet indikerar att det finns faktorer som påverkar användningen av revisionsverktyg även i en svensk kontext. Studien kan påvisa att uppmuntran och standarder har en signifikant påverkan på användningen. Det finns emellertid ett fortsatt behov av att forska vidare på ämnet då följande studies förklaringsgrad visar på en liten variation i användningen av verktygen. / The digitalisation of the audit profession has been a discussed topic due to the major changes in the industry in recent years. The digitalisation has affected how tasks are performed and how problems are addressed, which has caused changes in different parts of society. Factors that influence the use of Computer Assisted Audit Tools (CAATs) have previously been researched, but less in a Swedish context. The purpose of this study is to identify and confirm or deny previous factors found to affect the use of CAATs as well as the applicability of those factors in Sweden. To examine the purpose of the study a quantitative approach was used with the help of a web-based survey, sent out to Swedish auditing firms. The hypotheses in this study are based on previous research in the field. The study is based on the three contexts of the Technology-Organization-Environment framework, the technical, organisational and environmental context. The factors that were examined under each context were IT-knowledge, encouragement and standards. The result indicates that there are factors that affect the use of CAATs in a Swedish context. The study proves that encouragement and standards have a significant impact on the use of the tools. However, there is a continuing need to research the subject further as the degree of explanation in the analysis shows a small variation in the use of the tools.

Computer assisted audit tools

IT-adoption

auditor

accounting firm

IT-knowledge

encouragement

standards

Revisionsverktyg

IT-införande

revisor

revisionsbyrå

IT-kunskap

uppmuntran

standarder

Business Administration

Företagsekonomi

Acessibilidade aos pontos de ônibus : estudo de caso em São Carlos

Antunes, Juliana Carmo

06 May 2010

Made available in DSpace on 2016-06-02T20:00:33Z (GMT). No. of bitstreams: 1 3122.pdf: 12589573 bytes, checksum: 4b6f8dd25295daa6d34d98679abba8e3 (MD5) Previous issue date: 2010-05-06 / This work is the result of a research which subject is the accessibility to public transit at medium cities, being the case study applied at São Carlos-SP and its structures of access to the urban public transportation. It is an applied research, which aims to generate knowledge related to transportation and urban mobility studies. Taking into consideration aspects of exploratory and quantitative natures, it aims to provide familiarity to walking and pedestrian issues, and its relationship to public transit traveling. The finding results bring the main transit user s characteristics, and indicate the security issue as the one of most perception and relevance to people s choice, indicating that the creation of accessible routes is not related only to aspects of walking path, but also to urban design and social dynamics. / O presente trabalho é resultado de uma pesquisa que tem como tema a acessibilidade ao transporte coletivo em cidades médias, sendo o estudo de caso aplicado na cidade de São Carlos-SP e em sua estrutura de acesso ao seu sistema de transporte coletivo urbano. Trata-se de uma pesquisa aplicada, que busca gerar conhecimentos específicos para estudos de transportes e mobilidade urbana. De cunho quantitativo e caráter exploratório, visa proporcionar maior familiaridade com a questão dos pedestres e sua relação com as viagens em transporte coletivo, objetivando identificar aspectos relativos à percepção dos pedestres, distâncias de caminhada e fatores que influenciam as escolhas dos trajetos. Os resultados da pesquisa indicam o perfil dos usuários de transporte coletivos, e apontam para a questão da segurança pessoal como o de maior percepção e relevância na escolha dos trajetos,dando indícios de que a criação de rotas acessíveis não está ligada somente aos aspectos relativos às características do passeio, mas também a aspectos do desenho urbano e dinâmica social.

Engenharia urbana

Acessibilidade

Transportes -planejamento

Transporte coletivo

Pedestres

Coleta de dados

Instrumentos de auditoria

Instrumentos de coleta de dados

Entrevistas

Accessibility

Public transit

Pedestrian

Data collection

Audit tools

Data survey instruments

Interviews

ENGENHARIAS