Data analytics continue to make their mark on the audit world as they can help auditors find actionable audit insights throughout their work. The rise of audit analytics software is also making it easier for auditors to analyze large data sets and generate data analytics on their own, rather than relying on data scientists or other related experts to do so.
In this article, we’ll explore some of the top benefits of data analytics for internal audit, including:
Attempting to manually review an organization’s data simply isn’t feasible. It doesn’t matter if you’re trying to analyze accounting practices to spot financial risks, IT records to identify cybersecurity risks, red flags that indicate potential fraud, or anything else related to data. Because of this, the number one benefit of using data analytics for internal audit is that it can improve risk management throughout an organization.
When an auditor relies on limited data sampling methods to compensate for what would otherwise be information overload, that can leave gaps in risk management. Within a full data set, there might be unrealized, yet important, outliers. Data analytics for internal audit can help you spot and understand these risks by quickly reviewing large quantities of data.
For example, examining an entire data set could identify supplier risk. If auditors evaluated the spend across suppliers — and specifically suppliers used to make a particular product or product line — internal audit could help identify supply chain disruption risk, either by product or product area.
Looking at trends over time is another way to identify risks and anomalies. For example, increases or decreases in spend over time can help to identify risks and, potentially, even fraud. Increases in events, such as customer calls to a helpline or negative reviews of a company or product, can identify an increase with potential quality issues.
Auditors that use TeamMate Analytics are better prepared to look for unusual combinations across data sets. For example, specific diagnoses in healthcare will involve expected sets of treatment plans. Healthcare auditors can review treatment plans that may be considered “unusual” for each diagnosis. This can also lead to identifying under or over billing situations that may involve system issues, clerical errors, fraud, or other indicators.
Other examples of unusual data sets may include journal entries posted to an unexpected combination of accounts; sales transactions that have gone through a rare or complicated combination of processing steps; or an uncommon combination of user access roles. Each of these data identifiers allow internal audit to zero in on potentially high-risk items by the very nature of their rarity.
In addition to focusing on improving risk management, another benefit of data analytics for internal audit is that it can be used for greater overall assurance. Data analytics can provide a more systematic and complete review of business processes that make it easy to identify whether findings across different departments or business units are in alignment.
For example, an internal audit team might use data analytics to review financial data, such as transaction logs, to look for any anomalies across the organization. These results can easily be shared with other departments, such as enterprise risk management (ERM) and compliance, to further review and verify if the findings are in sync.
When sharing information between risk and assurance it is helpful for each team to be able to readily identify where the other risk and assurance functions have been and what they have done. If an organization does not use the same system they should, at a minimum, share a common plan, both past and future, and communicate regularly.
Having analytics that “speak for themselves” is also a valuable process to the audit workflow. It refers to analytics tests that are well documented and easy to verify, allowing someone not familiar with the testing that may have already occurred to readily see and understand the tests that were performed. Additionally (and just as important), the individual reviewing these tests for the first time should also be able to immediately understand why the tests were performed in the first place and what the results actually mean.
Common tools and a shared approach to analytics testing can help organizations better understand the work that individual teams may have already completed. As such, it is also beneficial to look for and utilize those tools that make the documentation process easier and more complete.
Case in point. The primary job of business leaders is to run their part of the business well. Leveraging the work between risk and assurance functions leads to greater efficiency across teams, while also helping to avoid compliance burnout by the business. While these leaders may understand the need for oversight and the value of a “second set of eyes,” they also want to avoid unnecessary or repetitive interruptions from risk and assurance functions that take their focus away from their primary responsibilities.
Using software specifically designed for internal audit makes it particularly easy to visualize and compare results. In contrast, with sampling or other more manual and limited processes, something might be missed that would otherwise indicate whether the audit findings align with ERM’s results.
Not only can data analytics for internal audit improve risk management and assurance, but they can also save time. Reviewing hundreds of thousands of data entries in Excel, for example, can be incredibly time-consuming, to the point that the analysis may never be completed, or even attempted.
Additionally, audit analytics software like TeamMate Analytics is capable of reviewing more than one million rows of data and has a library of over 150 tests built-in and ready to be run instantly. The data analytics findings can also be easily presented in a visual format to the stakeholders and the audit committee. Altogether, an internal auditor can use audit analytics software to improve their efficiency in terms of planning, conducting, and presenting an audit.
As an example, the task that auditors abhor the most is finding documentation to tie back to transactions on a spreadsheet. Imagine a spreadsheet of 50 transactions, a stack of hundreds of invoices and purchase orders, and being tasked with linking each invoice and purchase order with each individual transaction. Of course, the auditor would reasonably think — “Is this what I went to college for?” — as they begin the mind-numbing work of searching through all that paperwork. Rather than conducting value-added work that requires critical thinking skills, many hours are wasted on these manual-intensive tasks.
This is where efficiency is needed the most and a tool like the TeamMate Document Linker can be applied. As suggested in the above example, stacks of invoices and purchase orders can be scanned and quickly converted into individual PDF files. Using Optical Character Recognition (OCR), the TeamMate Document Linker can consume all of that information and match the documents to the records in less than a minute, freeing up the auditor to focus on providing greater value by using the critical thinking skills they were originally hired for.
We have also entered the age of technological advancement. Artificial Intelligence (AI) and Generative Artificial Intelligence (GenAI) are being relied on to complete the more mundane tasks of internal audit, providing the auditor with a head start or helping them to apply the finishing touches on their work. Auditors can now use GenAI to help identify risks, controls, or tests in a given business area, as well as summarize documents or clean up their writing. These tools can (and are) being used in many ways to help auditors become more efficient and improve the overall quality of their work.
However, when it comes to the use of AI, auditors should consider and keep in mind two very important thoughts. The first is to confirm with their organization how they can use GenAI tools in a manner that is both secure and in compliance with their organization’s data security requirements. And secondly, auditors still need to be responsible for their work. They need to verify and double-check for completeness with anything these AI tools may suggest or provide.
Internal auditors are faced with the difficult task of communicating their findings via lengthy tables and wordy explanations that often overwhelm the intended audience. But with the right data analytics audit software, the audit function can create data visualizations, such as charts and graphs, and clearer reports for senior management, the audit committee, or other stakeholders, to ensure they are getting the most out of each presentation.
TeamMate Analytics works within Excel, an environment every auditor is likely familiar with. More importantly, it’s a tool designed specifically for auditors. It provides easy-to-use visualization capabilities that create a seamless workflow, making it much easier for auditors to present the analytics story through visualizations that paint a clearer, more informative, and to-the-point picture.
Overall, data analytics supports each stage of the audit process, leading to improved audit quality as a whole. From audit planning and testing, to reporting and eventually wrap-up, internal auditors can use data analytics to better understand their work and find greater opportunities to collaborate with other stakeholders. More specifically, data analytics can be used to systematically and efficiently conduct audit procedures that include Benford’s testing, stratification, Monetary Unit Sampling, and gap and duplicate detection.
But it’s important for auditors to understand the difference between “generic” analytics tools, and tools that are designed specifically for internal audit. Generic tools, such as Microsoft Power BI, Tableau, Alteryx, and others, are good options for analytics, but they are not audit analytics tools. As an example, the most commonly used function of TeamMate Analytics is the Random Sample. It quickly allows auditors to identify and incorporate the exact number of records they need in their sample. All from the press of a button.
Internal audit and compliance teams frequently work with random samples for a variety of reasons. Generic analytics tools may provide a random function, but not the ability to pull a random sample. In this scenario, the auditor would likely need to write a specific script to use that random function to then pull a random set of records. These generic analytics tools lack the specific capabilities auditors need when completing their work, such as Regression Analysis, Completeness and Accuracy checks, combining tests to find high-risk transactions, unusual combinations, and a library of ready-to-use tests.
As the above list demonstrates, incorporating data analytics into your audit workflow can provide several benefits to your internal audit function, both in terms of optimizing your audit methodology and improving your overall audit results. Ideally, internal audit teams should be using audit analytics software to get the most out of data analytics, rather than using a more general analytics option that may not necessarily align with the specific audit methodologies and processes of an organization.
Audit analytics software like TeamMate Analytics is designed to help audit teams easily generate data analytics that provide these same types of benefits. Running on Microsoft Excel, TeamMate Analytics helps audit teams generate audit analytics that follow familiar workflows, rather than leaving analytics solely in the hands of data science experts.
