1) The document discusses continuous monitoring and auditing techniques using data analytics. It provides definitions and examples of continuous monitoring, auditing, and assurance. 2) Continuous monitoring involves ongoing management oversight of controls while continuous auditing involves independent testing by internal auditors. The relationship between the two is also discussed. 3) Implementing continuous monitoring and auditing can provide benefits like early detection of issues and fraud reduction but also faces challenges like obtaining the right data and tools.

1. 4/1/2019
1
Data Analytics - 4
Analysis and Monitoring
based on Data Analytics for
Internal Auditors
by Richard Cascarino
About Jim Kaplan, CIA, CFE
 President and Founder of AuditNet®,
the global resource for auditors (now
available on iOS, Android and
Windows devices)
 Auditor, Web Site Guru,
 Internet for Auditors Pioneer
 Recipient of the IIA’s 2007 Bradford
Cadmus Memorial Award.
 Author of “The Auditor’s Guide to
Internet Resources” 2nd Edition
Page 2
1
2

2. 4/1/2019
2
About AuditNet® LLC
• AuditNet®, the global resource for auditors, is available on the
Web, iPad, iPhone, Windows and Android devices and features:
• Over 3,000 Reusable Templates, Audit Programs,
Questionnaires, and Control Matrices
• Training without Travel Webinars focusing on fraud, data
analytics, IT audit, and internal audit
• Audit guides, manuals, and books on audit basics and using
audit technology
• LinkedIn Networking Groups
• Monthly Newsletters with Expert Guest Columnists
• Surveys on timely topics for internal auditors
• NASBA Approved CPE Sponsor
Introductions
Page 3
The views expressed by the presenters do not necessarily represent
the views, positions, or opinions of AuditNet® LLC. These materials,
and the oral presentation accompanying them, are for educational
purposes only and do not constitute accounting or legal advice or
create an accountant-client relationship.
While AuditNet® makes every effort to ensure information is
accurate and complete, AuditNet® makes no representations,
guarantees, or warranties as to the accuracy or completeness of the
information provided via this presentation. AuditNet® specifically
disclaims all liability for any claims or damages that may result from
the information contained in this presentation, including any
websites maintained by third parties and linked to the AuditNet®
website.
Any mention of commercial products is for information only; it does
not imply recommendation or endorsement by AuditNet® LLC
3
4

3. 4/1/2019
3
About Richard Cascarino, MBA,
CIA, CISM, CFE, CRMA
• Principal of Richard Cascarino &
Associates based in Colorado USA
• Over 28 years experience in IT audit
training and consultancy
• Past President of the Institute of
Internal Auditors in South Africa
• Member of ISACA
• Member of Association of Certified
Fraud Examiners
• Author of Data Analytics for Internal
Auditors
5
Today’s Agenda
 Data analysis and Continuous Monitoring
 Monitoring Tools
 Implementing continuous monitoring
 Potential benefits
 Continuous Auditing
 Implementing continuous auditing
 Structuring the implementation
 Perceived downside
 Obtaining and maintaining support
 Financial Analysis
 Analyzing Financial Data
 Use of ratios
 Horizontal and vertical analysis
 Subsidiary ledgers
 Financial database analysis
Page 6
5
6

4. 4/1/2019
4
Continuous Transaction
Monitoring
 Continuous monitoring defined
 CM initiation and planning
 Controlled monitoring selection
 CM testing
 CM Monitoring
7
 Monitoring: Method and processes to ensure that crucial
policies/processes/internal controls are adequate and are
operating effectively
 Used by operational/financial management
 Internal Audit independently evaluates the adequacy of
management activities.
 Auditing: The process by which the Internal Audit
team independently confirms that the internal controls are
working as intended.

 Assurance: The confidence that results, due to
management’s daily oversight on all internal controls and
risks, that sets the stage for achievement of the
organization’s mission and goals.
First, Some Definitions …
8
7
8

5. 4/1/2019
5
Why Continuous Monitoring?
 Advances in technology and increased business dynamics enable
businesses to change ever more rapidly,
 Traditional audits and controls are no longer adequate
 Key drivers
 Past few years’ events (9/11, malfeasance crisis, complex and creative business
models)
 Subsequent regulations (HIPAA, SOX, Patriot Act, Basel II, MiFID, etc.)
 Business needs, competitive development of controls to be matched
 Benefits
 Immediate notification to management of problems, timely correction
 Fraud reduction and improved risk management
 Extensibility across multiple IT systems
 Independence from operative management
9
Why Continuous Monitoring?
Growth through acquisitions wide variety of disparate IT systems
Data consolidation became a major challenge; multi-terabytes of
historical and real time data such as transaction logs, document files,
spreadsheets and financial reports stored on databases.
Security administrators were finding it impossible to monitor these
vast reservoirs of data in order to detect suspect usage patterns and
identify possible fraud before it was too late.
Non-intrusive solution needed to coexist with other IT systems
Independence from other processes to ensure impartial oversight
‘Events of interest’ are hidden across several system logs and
multiple log entries
Identification of suspicious behavior requires establishing profiles and
patterns (ex. multiple account of the same person)
10
9
10

6. 4/1/2019
6
Required of Continuous
Monitoring
 Able to access and normalize disparate data from across the
enterprise
 Offer comprehensive range of tests to effectively address
control objectives
 Provide flexibility of tests as control opportunities change
 Provide timely testing of data and reporting of results
 Handle large transactional volumes with no negative impact
on operational system performance
 Provide variable parameters for tests
 Provide for alert notifications
 Maintain security and integrity of tests and results
11
A Dramatic Change in the
Audit model
 1. The continuous assurance model has many clients
 2. The continuous assurance model had different Independence
considerations
 3. The continuous assurance model has a different justification
 4. The continuous assurance model is an element of the strategic
monitoring
 5. The Continuous assurance model will turn the audit process into audit by
exception
 6. A new set of analytics guides strategic monitoring
 7. The continuous assurance model covers a wider set of quantitative and
qualitative non-financial data
 8. The continuous assurance model has alternative materiality
considerations
 9. The continuous assurance opinion has some futurity implied in it
11
12

7. 4/1/2019
7
Deficiencies of Traditional
Approach
 Retrospective view
analysis frequently occurs long after transaction
has taken place, too late for action
 Lack of timely visibility into control risks and
deficiencies
 Alternatively
Independently test all transactions for
compliance with controls at, or soon after, point at
which they occur
13
Analytic Monitoring
Transaction
Monitoring
Rule
verification
Estimate
verification
Judgment
assurance
Rule based
evaluation
Rule heuristics Upstream /
downstream
verification
Exogenous
data
Continuity
reconciliations
Continuity
Equations
Continuity
Equations
Continuity
Equations
Transparent
markers
Structural
Knowledge
Value chain
relationships
Expert Systems
Confirmatory
extranets
Time-series /
Cross-sectional
analysis
Time-series /
Cross-sectional
analysis
Time-series /
Cross-sectional
analysis
13
14

8. 4/1/2019
8
Four levels of CA
Auditor
Process 1 Process 2 Process 3 Process 4
Process 6Process 5
MC Layer
Transaction monitoring
Object and info. flows
Rules of measurement interpretation
Formal spec
evaluation at all
points
Audit of judgments and facts
 Transaction assurance
 Rule assurance
 Estimate assurance
 Judgment assurance
Using Scripts for Continuous
Auditing
 Continuous control assessment
Identification of control deficiencies
Identification of fraud, waste, abuse
 Continuous risk assessment
Examination of consistency of processes
Development of enterprise audit plan
Support to individual audits
Follow-up on audit recommendations
15
16

9. 4/1/2019
9
Fraud Prevention &
Compliance
 Key Drivers
 Laws and Regulations
 Direct P&L impact to prevent losses from fraud
 Indirect P&L impact – business reputation, client
retention and acquisition
 Continuous Monitoring Requirements
 To detect fraudulent, unauthorized or money
laundering activities, operational systems need to be
monitored on an ongoing basis
 All systems produce activity/transaction logs, but
differing formats
 Centralized Monitoring Dashboard gives clear view
across all business transaction and IT systems
Evolution of Continuous
Monitoring
Manual Processing - Full User Intervention
Required (Retrospective Testing and Sampling)
Individual Macros - Some User
Intervention Required (Periodic
Testing of Selected Areas)
Menu Based Applications
- Limited User
Intervention Required
(Regular Testing Of
Identified Risk Areas)
Automated Testing /
Continuous Monitoring –
No User Intervention Required
(Frequent Testing for Leading
Indicators of Problems)
Most Organizations
Most groups
are stuck
here.
$ $ $
17
18

10. 4/1/2019
10
Obstacles to Continuous
Monitoring
1. Obtaining the data easily on a systematic basis
2. Standardizing the analysis process by identifying
key risk areas and leading indicators
3. Identifying a “champion” to spearhead creation of
custom analysis routines and allocating time to
complete the work
4. Avoiding the use of multiple applications to
produce the desired output
5. Moving to proactive monitoring from historic focus
on periodic retrospective testing
Caseware Monitor 5
 Continuous controls monitoring solution
 Pre-built solutions for industries that readily
monitor key controls
 Auto-generate or custom build dashboards,
visualizations and reports
 Captures KPIs such as root cause, money
 saved and regulatory impact
 Triggers an alert sent to users via email,
SMS or as notifications in apps
19
20

11. 4/1/2019
11
ACL Continuous Monitoring
Solution
 http://www.acl.com/solutions/continuous_mo
nitoring.aspx
flexible and independent control review
mechanisms
management can review the exposures of
business risk
receive timely notification of control breaches
obtain summary reports
21
Infor Approva
 http://www.infor.com/product-
summary/fms/approva-continuous-
monitoring/
continuous control monitoring software
 management can execute repeatable processes
can handle transaction monitoring across
applications and platforms
can automate testing, track the results and
enables investigation
22
21
22

12. 4/1/2019
12
Infogix Enterprise Data
Analysis Platform
 http://www.infogix.com/products/
family of software modules
enabling the organization to automatically validate
operational and financial information utilizing
standardized user-defined business rules
rule-based exception research, resolution and reporting
information from disparate reporting systems can be
centralized and personalized for individual
management requirements
23
Oversight Systems
 http://www.oversightsystems.com/solutions
continuous transaction monitoring software
acts as a virtual analyst aimed at the detection of
operational variance
statistical, behavioral, Boolean, and time-based
Analytical capabilities
24
23
24

13. 4/1/2019
13
 Role of continuous auditing
dependent on management’s
role in continuous monitoring of
controls
Inverse relationship: the greater
the role of management, the
less of a direct role of Internal
Audit.
 True continuous assurance
 Depends on effective monitoring
by management of internal
controls and Audit’s independent
assessment of that function.
Relationship of Continuous
Auditing/Monitoring/Assurance
25
Continuous Auditing
Owned and performed by Internal Audit
Primarily detective in nature (may also be
corrective)
Internal Audit is responsible for evaluating
continuous monitoring activities
Continuous Monitoring
Owned and performed by management
Can be preventative, detective, and/or
corrective in nature
Qualifies as an internal control
Summary of the Differences
26
25
26

14. 4/1/2019
14
Continuous Auditing
 Required of auditors:
 Ability to implement and understand IT
at an in depth level
 Accumulate sufficient evidence to
communicate current status of risk-
control objectives
What is Continuous
Auditing?
Continuous auditing is a type of auditing
which produces audit results simultaneously
with, or a short period of time after, the
occurrence of relevant events.
It would be more accurate to call this type of
auditing instant rather than continuous.
Instant is not necessarily frequent.
27
28

15. 4/1/2019
15
Without Continuous
Monitoring
 Management must:
Maintain an activity audit trail
Enforce access-control standards
Ban standardized administrator passwords
Enforce change management
Facilitate independent inspection of
infrastructure-management records
 Auditors’ knowledge must stay current
The Auditing Process
• Traditional
• Engagement definition
• Audit planning
• Internal control
evaluation
• Substantive testing
• Opinion formulation
• Reporting
• Continuous
• MC architecture
• Analytic monitoring
structuring
• Discrepancy based audit
monitoring
• Continuous model
building and gathering
• Alarming and informing
• Discrepancy analysis
• Multilevel opinions
Continuous Auditing
29
30

16. 4/1/2019
16
Analytical Procedures in CA
 Analytical procedures used in the planning, substantive
testing, and reviewing stages of an audit. We focus on
substantive testing.
 In conventional auditing first apply analytical procedures to
identify potential problems, Then, focus detailed transaction
testing on the identified problem areas.
 In CDA the sequence is reversed:
Use automated general transaction tests to all the transactions and
filter out identified exceptions for resolution.
Apply automated analytical procedures to the filtered transaction
stream to identify unforeseen problems.
Alarm humans to investigate anomalies.
31
Anomolies in Auditing
 False positive error (false alarm, Type I error): A non-
anomaly mistakenly detected by the model as an anomaly.
Decreases efficiency.
 False negative error (Type II error): An anomaly failed to
be detected by the model. Decreases effectiveness.
 Detection rate is used for clear presentation purpose: The
rate of successful detection of seeded errors.
 A good analytical model is expected to have good anomaly
detection capability: low false negative error rate (i.e. high
detection rate) and low false positive error rate.
32
31
32

17. 4/1/2019
17
6 Steps of Implementation
33
2. Rule
5. Follow-up
1. Priority
Areas
6. Action and
Reaction
4. Parameterization
3. FrequencyAudit Control Panel
Perceived Downside to CA
 Audit access to live data
 Availability of appropriate audit tools
 Untrained or unqualified auditors
 The perception that continuous auditing is a
technical area
34
33
34

18. 4/1/2019
18
Obtaining and Maintaining
Support for CA
 Some support has come from the Public
Company Accounting Oversight Board
(PCAOB)
 Roles assignment to appropriate individuals
is fundamental to success
Technical specialists to deal with the issues of
data access or designing a complex analytic
Non-technical auditor for the business design of
the tests regarding specific audit and control
objectives tests
35
Obtaining and Maintaining
Support for CA
 Critical area for gaining acceptance of the
whole concept is the manner in which false
positives are dealt with
(common during the start-up phase of continuous
auditing)
reporting can be tailored to summarize values
without specifically addressing individual minor
anomalies
36
35
36

19. 4/1/2019
19
Benefits may be in Terms of
 Reduction of risk
 Improvements in corporate reputation
 Improved customer satisfaction
 Improved profitability
 Reduction in the likelihood of fraud
occurrences
37
38
Financial Statements
Balance Sheet
Income Statement
Managers and Analysts Use Financial Statements to Conduct:
- Cash Flow Analysis
- Performance (Ratio) Analysis
37
38

20. 4/1/2019
20
39
Four Key Financial
Statements
1. Balance sheet
2. Income statement
3. Statement of retained earnings
4. Statement of cash flows
Implications of Finance
ELEMENTS OF BUSINESS UNIT STRATEGY
Value chain
Pro-R&D Pur- Sales
chasing duction
Where to  ___  ___  ___  ___
compete  ___  ___  ___  ___
 ___  ___  ___  ___
 ___  ___  ___  ___
When to Actions
compete
How to
compete
Source: Adapted from Kevin P. Coyne et al. (2000), Gaining advantage over competitors, McKinsey Quarterly
39
40

21. 4/1/2019
21
Inter-relationships
BUSINESS UNIT STRATEGY
Where to compete How to compete When to compete
Geogra-
phic
markets SustainableValue competitivepropositionCusto- advantageChannelsmers
RelationshipRelationship with otherSupply with share-chain Products suppliers holdersstages
Source: Adapted from Kevin P. Coyne et al. (2000), Gaining advantage over competitors, McKinsey Quarterly
Key Performance Indicators
 Return on assets (ROA): General
assessment of profitability (all capital
providers point of view)
ROA assesses net profitability of operating
activities per dollar of average investment,
which is a measure of how profitable a
company is regardless of how the
company’s assets are financed.
41
42

22. 4/1/2019
22
Calculated by
ROA =
Net income + Interest expense, net of income taxes
Average total assets
ROA =
Net income + Interest expense (1-t)
Average total assets
where “t” = effective (or statutory) tax rate
Ratios Used to Assess
Profitability
 Return on Common Equity (ROCE):
Assessment of profitability from the viewpoint of
common stockholders
ROCE assesses net profitability, after preferred
dividends, per dollar of common stockholders’
investment
 Earnings Per Share (EPS)
Reflects net income, after preferred dividends,
available to an average common share of stock
43
44

23. 4/1/2019
23
Thus
ROCE =
ROA
Common Earnings
Leverage Ratio
Capital
Structure
Leverage Ratio
Net income + [interest
expense  (1-t) ]

Net income –
preferred stock
dividends

Average total
assets
Average total assets Net income +
[interest expense 
(1–t)]
Average
common
stockholders’
equity
And
ROA subcomponents: Net profit margin
ratio and asset turnover ratio.
The net profit margin ratio measures the
prefinancing income per dollar of sales.
Net profit margin ratio =
Net income + [interest expense x (1-t)]
sales
45
46

24. 4/1/2019
24
Ratios Used to Assess
Profitability
 EBIT
Earnings before Interest and Tax
 EBITA
Earnings before Interest, Tax and Amortization of Goodwill
 ROI
Return on Investment
 MVA
MVA = Market Value of the Firm - Book Value of the Firm
Market Value = (# shares of stock) (price per share) + Value of
debt
Book Value = Total common equity + Value of debt
If the market value of debt is close to the book value of debt, then
MVA is:
 MVA = Market value of equity – book value of equity
Funds Analysis, Cash-Flow
Analysis, and Financial Planning
Funds Analysis, Cash-Flow
Analysis, and Financial Planning
 Flow of Funds (Sources and Uses)
Statement
 Accounting Statement of Cash Flows
 Cash-Flow Forecasting
 Range of Cash-Flow Estimates
 Forecasting Financial Statements
 Flow of Funds (Sources and Uses)
Statement
 Accounting Statement of Cash Flows
 Cash-Flow Forecasting
 Range of Cash-Flow Estimates
 Forecasting Financial Statements
47
48

25. 4/1/2019
25
Types Of Financial Ratios
49
Liquidity Ratios
Current Ratio
Quick Ratio
Turnover Ratios
Collection/Payment Period
Debt-to-Equity Ratio
Times Interest Earned Ratio
Gross Margin
EPS
P/E Ratio
Market-to-Book Ratio
Activity Ratios
Debt Ratios
Profitability Ratios
Market Ratios
Liquidity Ratios
50
seitilibailcurrent
assetscurrent
=ratioCurrent
seitilibailcurrent
inventoryassets-current
=ratioQuick
49
50

26. 4/1/2019
26
Activity Ratios
51
inventory
soldgoodsofcost
=turnoverInventory
assetsfixednet
sales
=overasset turnFixed
Profitability Ratios
52
sales
taxes&interestbeforeEarnings
=marginprofitOperating
sales
profitsGross
=marginprofitGross
sales
incomeNet
=marginprofitNet
51
52

27. 4/1/2019
27
Profitability Ratios
53
=shareperEarnings
goutstandinstockcommonofsharesofnumber
incomeNet
assetsTotal
incomeNet
=assetson totalReturn
equityrs'Stockholde
incomeNet
=equitycommononReturn
Market Ratios
54
shareperearnings
stockcommonofshareperpricemarket
=ratio(P/E)ingsPrice/earn
goutstandinstockcommonofsharesofnumber
equitystockcommon
=sharepervalueBook
stockcommonofsharepervalueBook
stockcommonofsharepervalueMarket
ratio(M/B)kMarket/boo 
53
54

28. 4/1/2019
28
Financial Ratios For Cross-
Sectional and Trend Analysis
55
 Cross-Sectional Analysis: Comparing
Different Firms’ Financial Ratios at the
Same Point in Time
Compared to firms in same industry
Benchmarking - compares a company’s ratio
values to those of competitors that company
wishes to emulate
 Trend Analysis - Performance Evaluation
Over Time
Developing trends can be seen using multiyear
comparison
Financial Statements and
Financial Ratios
56
Balance Sheet
Income Statement
Liquidity Ratios
Activity Ratios
Debt Ratios
Profitability Ratios
Market Ratios
55
56

29. 4/1/2019
29
Strategies for Future
Shift to proactive monitoring
 Automate any tests that can be run without user
intervention
start with the weekly file maintenance tests
 Using information from exiting audit tests, identify
additional leading indicators of potential problems
Create/adapt test to search for these events on a more frequent
basis
 Use the results from the automated tests in the risk
assessment process to help determine the focus of on-
going audit activities.
Questions?
Any Questions?
Don’t be Shy!
57
58

30. 4/1/2019
30
AuditNet® and cRisk Academy
If you would like
forever access to this
webinar recording
If you are watching
the recording, and
would like to obtain
CPE credit for this
webinar
Previous AuditNet®
webinars are also
available on-demand
for CPE credit
http://criskacademy.com
http://ondemand.criskacade
my.com
Use coupon code: 50OFF
for a discount on this
webinar for one week
Thank You!
Jim Kaplan
AuditNet® LLC
1-800-385-1625
Email:info@auditnet.org
www.auditnet.org
Follow Me on Twitter for Special Offers - @auditnet
Join my LinkedIn Group –
https://www.linkedin.com/groups/44252/
Like my Facebook business page
https://www.facebook.com/pg/AuditNetLLC
Richard Cascarino & Associates
Cell: +1 970 819 7963
Tel +1 303 747 6087 (Skype Worldwide)
Tel: +1 970 367 5429
eMail: rcasc@rcascarino.com
Web: http://www.rcascarino.com
Skype: Richard.Cascarino
Page 60
59
60