Implementation of Continuous Auditing in Softengi

Continuous auditing is the use of automated tools to audit financial and non-financial data in the company.

Automated control is done with the help of IT solutions or tools programmed to identify exceptions, errors, analyze content in files and to monitor other activities.

At some point we at Softengi understood that manual checking of time tracking by team members, business plan accuracy or manual compliance audit to internal standards is not an option for us – too expensive and too many business processes. How did we tackle the issue? Read it below.

Why is there a need for continuous auditing?

The company uses its own quality management system, and follows international standards for project management and quality control.

The more business processes in the company – the more difficult is to audit them.


Traditional auditing is outdated:

  • History proves that it is impossible to avoid audit mistakes
  • The audit cost may be surprisingly high
  • Getting results may take some time

Facing the fact that manual continuous auditing is too expensive and too hard, we started to search for solutions on the market. There are lots of continuous auditing solutions on the global IT market, but all of them, unfortunately, are tailored to the requirements of local regulators in the EU and the US, where continuous audit is required by law and audited processes are predefined.

Where one can find a tool which would be tailored to the individual processes in your company? Develop it by yourself.

Initially the process of continuous auditing was called PUT – process unit test by the name of a tool which we used for continuous auditing. On the basis of this tool we created and implemented business rules for continuous auditing.

PUT is included in the GRC systems concept (Governance, Risk Management and Compliance), where “Governance” is the management of IT, personnel, financial, legal activities in the company; “Risk” is risk management, and “Compliance” – compliance management with standards, best practices, and regulators.

How does it all work?

With the help of continuous audit we cover business processes by automated testing, thus eliminating the routine processes. It is also an ongoing audit and monitoring of the current state.

Example:

The project manager is responsible for time logging by his team members. He should open time tracking system, for example, Atlassian Jira, and check who has not logged time, and if everything is correct. With continuous auditing tools the project manager and the team member receive a message that the time is not logged or it is done incorrectly.

At the moment, the continuous auditing system covers more than 100 processes. It helps to get rid of the routine processes taking too much time of the employees:

  • Time tracking;
  • Filling the fields correctly;
  • Maintain and synchronize MS Project fields

And other processes. Each company has its own unique set of business processes, which may be automated and monitored with continuous auditing system.

Example:

The financial department of X Company sent a request for continuous auditing. According to their business processes by the 11 o’clock in the morning a cell in the Excel file should always be set to 0, and income and expenses should be posted. With the help of continuous auditing tool, the unit test verifies the value of the cell, and the analyst receives a message at 10:50 by email that the cell has not zero value. So there is time to correct the error before the deadline.

How to implement it in other companies?

To implement continuous auditing in the company:

  • Must be analyzed business processes, evaluated those which can be automated
  • Developed automated testing to verify these processes
  • Introduced a system of continuous auditing.

Not all processes can be automated and in some cases a manager has to monitor what should be done manually.

Who will get 100% ROI with continuous auditing?

  • Banks;
  • Insurance companies;
  • IT companies;
  • Recruitment companies / personnel departments;
  • Auditing companies;
  • Businesses working with issue-tracking or time-tracking systems, electronic document management, enterprise social networks;
  • Companies with a large number of business processes, rules, a large volume of documents and number of employees over 50.

Based on our experience, we understand that, taking into account the number of regulated activities, risks, regulatory requirements (especially if the company is international), permanent competition, the use of continuous auditing systems will help to survive under challenging market conditions, as well as to establish a stable development of the company.

Source: Softengi