The Motley Fool Discussion Boards

Previous Page

Financial Products & Services / Sageworks


Subject:  Using CAATTs in Preliminary Analytical Review Date:  2/4/2008  4:34 PM
Author:  mdascola Number:  2 of 2

The new risk assessment standards are requiring firms to adjust their audit approach to a risk-based methodology. This can be a daunting challenge for firms who have become accustomed to traditional substantive audit approaches for their small business clients. Developing a basis for making your risk assessment becomes paramount to performing a high quality risk-based financial statement audit. The risk assessment standards require that auditors perform risk assessment procedures during planning such as, preliminary analytical review and obtaining an understanding of the entity, including internal controls. Computer Assisted Audit Techniques and Tools (CAATTs) can play a role in enhancing the effectiveness and efficiency of performing risk assessment procedures. The key to effectively and efficiently leveraging software applications in assessing risk is to use the software to improve the quality of the audit evidence used as the basis of the auditor’s judgments about the financial statement risk assertions.

Traditional CAATTs have largely been in the realm of data extraction software that allows the auditor to efficiently manage large sets of data and effectively stratify that data for testing. These CAATTs are primarily used in performing substantive tests, tests of details and for responding to specific risks. However, business analytics software can now play a significant role in the audit engagement when used to assist the auditor in performing the preliminary analytical review in the risk assessment process. Comprehensive analytics can provide one of the best sources of audit evidence to support the auditor’s risk assessment. The result of the risk assessment process will drive the overall audit approach; consequently, effective risk assessment procedures are the foundation for performing a high quality financial statement audit. Effective analytics help identify audit areas that may present higher risk for certain audit assertions.

Comprehensive analytics typically include developing expectations from multiple sources to help identify unusual or unexpected relationships. These expectations may include period-on-period variance analysis, regression analysis, ratio analysis, industry comparisons, budget-to-actual and other predictive tests. A good CAAT should make it easy for the auditor to develop these expectations by automating the calculations and comparisons so that the auditor can focus on evaluating the relationships. These analytics are used for identifying both inherent and control risks in the engagement. For example, if actual sales are significantly greater than the calculated trend and gross margin percentage exceeds the typical industry range then the auditor would likely identify these as flags for an inherent revenue recognition risk, such as a bill and hold scheme and as a risk of ineffective internal controls over cutoff procedures.

Business analytic software is initially used to develop the auditor’s expectations. This process is greatly enhanced by CAATTs because they remove much of the subjec