I wanted to draw your attention to an article that recently appeared on CFO.com about continuous auditing, mainly because the topic is one which is as misun­der­stood as it is trendy.

Continuous auditing is generally held to be an automated approach. Increas­ingly it is assumed to mean examining all data relevant to the audit being performed, rather than the historical norm of examining supposedly repre­sen­tative samples.

On top of this, the IIA defines it as “any method used to perform audit-related activ­ities on a more continuous or continual basis.”

Rutgers University professor Miklos Vasarhelyi, calls it “an audit that happens immedi­ately after or closely after a particular event.”

The article describes some examples of companies which have attempted to implement continuous auditing. The conclusion one reaches is that no one really audits contin­u­ously, but a few companies have managed to put in place some automatic testing using software like ACL that can reduce the work they have to perform on those trans­ac­tions when they perform their “non-continuous” audits or highlight areas to inves­tigate further.

This, I think, is good enough and valuable in its own right. Letting machines handle the menial tasks and freeing up audit staff to focus on bigger issues is a pattern as old as the indus­trial revolution.