What controls make audit analytics reliable enough to use in fieldwork?
Reliable audit analytics need controls over source data, transformation, exception logic, access, and review. The auditor should reconcile source extracts to control totals where practical, document filters and joins, review calculations, define thresholds before looking for exceptions, restrict who can edit the dashboard, and retain the version used for the audit.
In a fieldwork setting, a dashboard that identifies duplicate payment risks should show the population, date range, duplicate logic, excluded records, and validation performed. If the analytic joins vendor master data to payment data, the reviewer should check whether the join created missing records or duplicates.
The CIA framing is straightforward: analytics can improve coverage, but the auditor still needs competent evidence that the analytic is complete, accurate enough, and relevant to the audit objective.
Master CIA Part 2 with our CIA Course
45 lessons · 90+ hours· Expert instruction
Related Questions
What should an auditor do if a supervisor weakens a supported finding?
How should auditors prepare for a technical exit meeting?
When should audit quality concerns be escalated beyond the engagement team?
How does business knowledge affect internal audit quality?
Where should an auditor begin a full-company internal control audit?
Join the Discussion
Ask questions and get expert answers.