Page 483 - ITGC_Audit Guides
P. 483
GTAG — Implementing Continuous Auditing
categorization or misleading comments entered by an Following are examples of continuous auditing techniques
employee could go undetected. The effectiveness of the that were used to identify control deficiencies, anomalies,
rules-based system was dependent upon: and red flags indicating potential fraud and abuse. Although
not quantified here, internal auditors reportedly reduced
• The accuracy and honesty of the employee entering the hours previously needed to acquire data, perform data
the expense item. analysis, and vet and review results, compared to previous
• The willingness and ability of managers to accurately electronic expense system audits.
review and approve or deny the expense timely.
Questionable Spending Metrics
Faced with these challenges, the internal auditors tried Identification of all questionable spending summarized by
to find the best way to test the validity of expense merchant code, employee, and establishment.
transactions.
Questionable Spending at Restricted Establishments
The Continuous Auditing Solution Identification of all expense activity for restricted
In summary, internal auditors determined: establishments billed back as an employee expense.
Restricted establishments were identified by indicators
1. Credit card transaction detail was available from the card such as legal supplier names, address match, sites with a
issuer, and comparing the electronic expense system data mix of expensed and personal activity, split high dollar
with the card issuer’s data could provide a better picture transactions, and restricted keywords (e.g., kids, hospital,
of the validity of the expenses. nightclub, gentleman, casino, premium, and upgrade).
2. Once the card issuer report data was matched with Incorrect Categorization Summary
the electronic expense system data by employee Identification of all non-meal expenses (e.g., clothing
number, charge date, and charge amount, the expense expense) incorrectly categorized as a meal or entertainment.
categorization and comments could be compared to the
transaction merchant code and transaction description.
For example, a transaction with a merchant code for a
shoe store, but categorized in the expense record as a
meal, could be identified.
3. The card issuer provided “questionable reports” that
could be customized to target specific merchant classes
and run on a monthly or quarterly schedule.
Questionable Spend Frequency Questionable Spend Total Charge
by Merchant Code by Merchant Code
6,000
500,000.00
5,000 450,000.00
400,000.00
4,000 350,000.00
300,000.00
3,000
250,000.00
200,000.00
2,000
150,000.00
1,000 100,000.00
50,000.00
0 0.00
Alcohol/Tobacco/Duty Free Department Stores Jewelry/Bags and Leather Goods Personal Services Alcohol/Tobacco/Duty Free Department Stores Jewelry/Bags and Leather Goods Personal Services
Furniture/Electronics/Appliances
Drugs/Medical Services
Clothing/Shoe Stores
Entertainment
Cosmetics/Beauty and Barber Services
Non-standard Transportation
Furniture/Electronics/Appliances
Entertainment
Non-standard Transportation
Drugs/Medical Services
Cosmetics/Beauty and Barber Services
Clothing/Shoe Stores
18
