APPLICATION CONTROL REVIEWS
& DATA ANALYTICS
Service Summary
The application controls review allows the business owners to address the specific risks associated with a particular system or business process. This detailed analysis allows the management to optimize their business processes and improve the systems security in the high risk areas of the business.
Our data analytics services provide a deep down analysis of all the transaction data covering specific risks associated with a business process or an application system. This service line provides our clients with detailed transaction reports for all anomalies that have occurred during the audit period. Often we resort to the use of CAATs in various incident response procedures and computer forensic investigations.
Process Description
Application controls refer to the scope of individual business processes or application systems, including data edits, separation of business functions, balancing of processing totals, transaction logging, and error reporting. The general application controls review consists of:
These controls are used mainly to check the integrity of data entered into a business application.
These controls provide an automated means to ensure processing is complete, accurate, and authorized.
These controls address what is done with the data and should compare output results with the intended result by checking the output against the input.
These controls monitor data being processed and in storage to ensure it remains consistent and correct.
The audit trail enables the identification of transactions and events from their source to their output by reverse tracing.
The deliverable consists of a detailed report on the application capabilities compared to the business process controls allowing the management to recognize the control weaknesses and giving them clear recommendations on how to proceed to have a more efficient and secure processing environment.
In the event that specific risks are discovered we will propose the use of data analytics to analyze all the transaction data and establish weather any internal fraudulent activity has taken place during the time-frame under review. The most well-known data analytics involve the use of Computer Assisted Audit Techniques (CAATs) which are comprised in the following categories: testing data techniques, integrated test, parallel simulation, revising the program logics, programs developed upon request, generalized audit software, utility programs and expert systems.
A Computer Assisted Audit Techniques review stands out through its analytical capabilities which allow:
- assurance of data integrity (through COUNT, TOTAL, VERIFY functions)
- fraud detection using Benford algorithm
- a classification of important information (through Stratify, Age, Classify commands)
- sequential tests (Sequence, Gaps, Duplicates)
- a crossed control of data from different files (Invoices, Purchase Orders, Document Plata)
- selection of samples (Sampling)
CAATs are generally used in forensic investigations and assist the business to identify symptoms early in the lifespan of a fraud. This can be a once off service or can be included in the audit approach if the client has an area of specific risk concern.
The deliverable consists of a detailed report including all transaction groups that fall in the various risk categories predefined for the client's needs. This allows our clients to detect any fraudulent activity and gives them clear evidence and precise transactions on how this has occurred.