Why you can’t assess auditing software just the same way as accounting software.
As a representative of a popular audit software product, I often get asked by audit practitioners whether I could avail them with a demo copy of the software so that we can ‘play around with it’.
Since financial audit and accounting are related, how different can the respective software be? The self-check procedures accountants use to decide whether an accounting system is working are quite simple and straightforward in their design: You put in a piece of data at one end and check to see if the information that has been crunched through the system and that comes out at the other end meets your expectations. A simple example of such a procedure would be taking a pocket calculator and adding up the column of numbers your assistant gave you to see if it agrees with the total at the bottom of his schedule.
However procedures like these only tell you whether the accounting softwareis able to properly process information that has been fed into it according to the rules that you specify. It’s the sort of procedure where because you know in advance, what the results should be, you can test it quite easily using that input vs. output model.
The real job of an accountant however, is not merely entering a transaction in the records but rather of knowing how to classify transactions. For example, which engineering items are repairs and which ones should be treated as new fixed assets instead? Is the value of the motor car as shown in the accounts still valid or does it need to be marked down – or even up? The accountant is also responsible for summarising the transactions in the way that most suits the people who need the information and presenting it in a way that makes sense. Seen in this light, it is not possible to create “accounting” software as these accounting judgement roles cannot be played by a computer program. What we refer to as accounting software should really be referred to as bookkeeping software.
Auditing, on the other hand, is the checking process. Confirming that data going in at one end of the system comes out the way it should at the other end, is just one audit objective and frankly, it isn’t even the most important one. The most important objectives of audit are to determine whether the financial statements (a) contain all the information they should contain, (b) contain only the information they should contain and (c) are reported in a way that conforms to a pre-agreed standard.
It does involve the arithmetical accuracy checking that most accountants do in the first place. However it also involves checking that the basis of classifying and summarising information was properly done – a test of judgement(because so-called accounting programs will execute incorrect instructionsto summarise or classify information just as faithfully as they will correct ones.)It also involves checking that there is no information missing - another judgement test.It also involves checking that the information is not overstated – also a matter of judgement. That’s not all however. International Standards on Auditing now actually pay attention to the process that was used to evaluate the accountant and it requires certain mandatory steps to be taken and documented, no matter how certain the auditor may be of the correct situation.
This leads to an interesting question then; is it possible to create software that can meet all of these requirements of the audit? Data interrogation and sample selection software could go through the accounting information and try to extract information that makes sense but could it tell if the classification method used by the accountant was wrong? How would it decide if the evidence provided was acceptable? This is a trickier proposition and indeed, nobody has yet been able to design software that actually “audits”, much in the same way that nobody has been able to design software that does “accounting.”
What does this mean for a practitioner thinking about buying audit software? Audit software doesn’t have transactions that you can insert at one end and click to see if they have been properly classified at the other end. Instead it provides what amounts to very a long and sophisticated checklist (or series of checklists) of the all the procedures an auditor needs to carry out to determine the three objectives and comply with the mandatory procedures mentioned above. These are extensive and run, at present to nearly 800 separate mandatory procedures in the International Standards on Auditing. And that’s not counting the steps in the audit programmes in each section of the audit file. There is only one way to tell if this collection of checklistsworks properly; carry out an audit with it and submit the results of the audit to an independent quality reviewer to determine if the work was done properly.
People who aren’t skilled enough to know how to use the checklist will not be able to gauge whether they failed or passed the quality review due to an inadequacy of their checklist or due to their failure to use it properly.
Also, although the ISAs prescribe the approach to the audit to which all auditors should conform and in some instances even stipulate the exact tests to be carried out, they are not precise enough about how to do it. For example, there are more than a dozen ways to develop a sampling frame that produces a truly random sample. Which one is most appropriate? What’s a reasonable maximum or minimum sample size? If your sample contains an error, by how much should you extend your tests if at all? What’s the best way to calculate materiality? How many levels of review should there be in a particular assignment? The ISAs just don’t say.
Audit software helps by providing handy computation tools for sample design and selection and guidance on developing materiality. They even provide specific program steps for various areas of the audit. They also nudge you, (by blocking access to particular file areas and questionnaires), into using the work flow sequence that is most efficient or effective. These features, in the aggregate, comprise the methodology of particular audit software.
Without training by a person with proper experience on the specific methodology of a particular piece of audit software, it could be difficult to understand how all the questionnaires, computing tools and checklists work together to achieve efficient compliance with the ISAs.
For these reasons, taking a demo copy of audit software to try it out is unlikely to be helpful unless you are also willing to undergo not just “demo” training in the methodology but also a “demo” quality review – all lengthy and costly steps.
I would suggest that a more reassuring route would be to work through a presentation with an experienced user and ask to be shown all the features that you consider to be key in your existing methodology to ensure that they are present. Another, perhaps more important source of reassurance would be to look at the number of other practitioners relying on the same software to carry out their work successfully. The more there are, the more likely that it is the right product for you.