Abstract
In the current organizational context, in which there is a fierce competitiveness and a constant need for more timely, relevant and reliable information to support the decision making and achieve the strategic and operational objectives, Continuous Assurance has assumed an important role as a management goal and in ensuring improved effectiveness of organizations. This works provides the concept of Continuous Assurance, its objectives and components, and a model which allows both to evaluate information systems with Continuous Assurance services and to help design the requirements of new ones. Finally, some implementations are also presented providing a comprehensive understanding the state-of-the-art and the benefits of Continuous Assurance.
TopBackground
Continuous Assurance is defined as the application of emerging information and communication technologies to the standard techniques of auditing, both mandatory periodic auditing and internal auditing. In that view, Continuous Assurance is a new step in the evolution of transactional auditing from manual techniques to automated methods. The term “continuous” does not mean real time, but to be effective considering, respecting and being consistent with the pulse and rhythm of each organizational transaction and process (Vasarhelyi et al., 2010).
Furthermore, Continuous Assurance emerges as a set of services which aims to restore the credibility of auditing, simultaneously allowing organizations to meet the requirements of regulations. Hence, it can diagnose the company's viability and allegations of fraud and illegal acts, assessing the economy, efficiency and effectiveness of organizations (Murcia, Souza & Borba, 2008; Vasarhelyi et al., 2010).
In 2006, a survey (PricewaterhouseCoopers, 2006) concluded that Continuous Assurance triggered corporate sensitivity to its adoption because in 2005 only 35% had a continuous auditing or monitoring processes in place or were planning to develop one, and this value increased to 50% in 2006. It is interesting to observe that 56% of respondents said their continuous auditing processes include both manual and automated elements, 41% indicated their processes are entirely manual, and 3% reported having fully automated processes.
Another study by Institute of Internal Auditors and ACL (2006) also showed similar results: 36% of surveyed organizations confirmed they implemented a Continuous Assurance approach in all their business processes or simply in some selected areas, and 39% intended to implement in the near future. However, it also states that regardless of the reasons that organizations may have had to neglect the continuing auditing in the past, the recent regulations, the stimulus for real-time monitoring and reporting of financial information and the ability to automate the traditional audit methods have strongly encouraged its adoption.
Key Terms in this Chapter
Continuous Monitoring: Process responsible for the management of internal control mechanisms in order to ensure their effectiveness, allowing to obtain timely information about transactions.
Continuous Assurance: Set of services which, making use of technology, uses the information immediately and produces audit results simultaneously or within a short period of time after the occurrence of relevant events.