MindBridge named in the 2024 Technology Fast 50™ awards program
Read more
Logo of MindBridge
Sign in
Book a demo

Month: January 2021

ISA 315 revised: What it means for risk assessment procedures, and data analytics

by
Two characters discuss the benefits of data analytics in light of ISA 315 revisions.

ISA 315 (revised) and Data Analytics: Risk assessment procedures reimagined

The revised standard has been published as of December 2020, and you might be wondering what impact it has on your firm’s risk assessment procedures and how you can address the requirements. There are many useful sources of information on the changes, notably the IAASB’s Introduction to ISA 315. IFAC also published a helpful flowchart for ISA 315 during the work programme, which walks through the various steps required to assess risk of material misstatement.

There are a number of improvements to the standard, including an enhanced focus on controls (particularly IT controls), stronger requirements on exercising professional scepticism and documentation, and considerations around the use of data analytics for risk assessment. The new standard comes into effect from 15th December 2021, so now is the time to start planning how you will address the changes in your audit. Below we discuss some key considerations on how analytics can support a strong risk assessment.

A chart explaining risk assessment and data analytics as part of the ISA 315 revision by IFAC.

Credit: https://www.ifac.org/system/files/publications/files/IAASB-Introduction-to-ISA-315.pdf

So how can data analytics support your risk assessment according to ISA 315? The areas identified above in red show the different procedures that can be supported by the use of these techniques. A key element of the revised standard is that this should be an iterative process conducted throughout the audit. This means using data analytics tools that can be easily refreshed with the latest information will better support this requirement than more traditional approaches.

Identifying risks of material misstatement at the financial statement level

Data analytics can support the risk assessment procedures laid out in ISA 315 by analysing previous and current accounting data to the financial statement level. This allows the auditor to see the material balances in the accounts, and if machine learning is applied, where the concentration of risky transactions lies. This is where the knowledge gained in the blue boxes above can be brought to bear. Comparing understanding gained through observation to the data is a powerful way to sense check and identify areas for further investigation.

Identifying risks of material misstatement at the assertion level

Specific analyses can target assertion risks and show where there are particular problems with an assertion. To do so effectively, several different analytics tests can be applied and combined to develop a good indicator of an assertion risk, for example accuracy. These can then be applied in an automatic way to give the auditor the information needed for their risk assessment.

Determine significant classes of transactions, account balances or disclosures (COTABD)

Combining assertion analytics with the ability to profile similar transactions can help auditors identify significant classes of transactions or balances. Analytics can help to produce similarity scores, but also to identify sets of transactions that are unusual. This can indicate previously unknown business processes that may require a separate assessment of their control environment.

Assess inherent risk by assessing likelihood and magnitude

Following identification of risk, the audit can guide their assessment by understanding the level of unusualness. Data analytics can provide finer grain evaluations of risk rather than simply risky or not. This can help support assessments aligned with the spectrum of inherent risk as defined in the standard.

Assess control risk

Data analytics such as process mining or automated testing of segregation of duties can help to inform or test control risk. These analytics can provide more comfort around the controls risk assessment and help to identify deviations in the control environment that require further examination.

Material but not significant COTABD

Where COTABD has been determined as material but not significant, recurring analytics can ensure that this assessment remains valid. Anomaly detection methods can be particularly helpful here, allowing the auditor to regularly check that nothing unusual has occurred since the initial assessment was undertaken.

Next Steps: ISA 315 and Data Analytics

Audit methodologies will need to reflect the revised workflow, with particular emphasis on the iterative nature of the risk assessment and ensuring that auditors are prompted to exercise professional scepticism and document it at every stage. Data analytics can help to ensure that the information used to continuously conduct risk assessment is timely, appropriate and relevant.

These improvements to the standard will result in a stronger audit approach and an advancement towards industry adaption data and analytics technologies. With AI audit software, accountants and auditors can gain deeper insights into their client’s financial data, in less time. Overall, the audit software can increase the efficiency of their processes, so they can focus on delivering better results, in time for the ISA 315 (revised) December 15th, 2021 deadline. 

Want to learn more about the benefits of AI auditing software? Read our article on “Assessing audit risk during engagements” to learn more. 

Want to learn more about how auditors are using AI?

Watch the on-demand webinar now

Digital auditing tools and AI in auditing practice: A conversation

by
Illustrations of digital auditing tools
Picture of INTERVIEW WITH

INTERVIEW WITH

Stephen McIntosh
Tax consultant, auditor, INTARIA AG

In July of 2020, MindBridge took another step in the journey to global expansion. Partnering with Regensburg-based startup, 5FSoftware, MindBridge’s software solution is now being distributed to firms in the German and Austrian markets. 

This is a major development that will allow more firms to expose anomalies, intentional or not, during their annual financial statement audits as efficiently as possible.

We sat down with Stephen McIntosh, an auditor and tax consultant for Intaria AG in Munich. Intaria is the first firm in Germany to use MindBridge, and we wanted his perspective on the importance of AI for audits, and what the future of the industry holds.

Stephen sat down with Marco Bogendörfer, co-founder of 5FSoftware.

For more information on MindBridge’s partnership with 5FSoftware, check out our release here, or check out the full interview from 5FSoftware here

Without further ado, enjoy this excerpt.

This interview has been translated into English from German.

Marco Bogendörfer: Let’s start with a look at the audit profession in general: How far have we come in the digital transformation of the auditing practice in Germany and Austria – and what impact does it currently have on existing processes in an annual audit? 

Stephen McIntosh: That’s not easy to answer and depends crucially on which audit firm you look at. The Big Four have invested several billion euros in digital technologies for years now to create their own solutions. Of course, small and medium-sized audit firms do not have this financial strength. 

Data such as requirement notification, order, receipt of goods or payment are still too often left unused during the annual audit.

But beyond that, in my opinion, it is a matter of fundamental affinity for digital solutions and a willingness to invest in the auditing practice or its management. If it is the case that firms possess this willingness, the digital transformation can and will continue to advance in medium-sized and smaller auditing firms as well. 

Marco Bogendörfer: How can digital tools make audits more efficient and higher quality?

Stephen McIntosh: An increase in efficiency is usually achieved when digital audit tools can take over recurring tasks. When employees no longer have to manually print, envelope, send and evaluate balance confirmations, they can focus more on important issues. 

With digital audit tools – the International Standards on Auditing (ISA) refer to them as Automated Tools and Techniques (ATT) – I can seamlessly analyze 100 percent of the business transactions of a fiscal year for specific anomalies. A human being would take far too long to do this. Increasing audit quality by using digital tools such as these is our top priority. We can review certain areas without any gaps, while in other areas digital audit tools enable us to take samples of even better quality, as we can consciously select items with a greater risk of error.

Marco Bogendörfer: Currently, what are the biggest obstacles or challenges for the widespread use of data analytics tools?

Stephen McIntosh: From a technical point of view, the biggest challenge is to get the data first and then to import it quickly and completely into the respective data analysis tool. There are simply so many different ERP or accounting systems that the process of exporting data is never the same and the information contained in each is very different.

Within the auditing practice, the auditing process must be adapted. The analyses must be used from the beginning of the audit planning and then until the end of the audit. Only then can the integration of the software lead to increased efficiency. However, this also requires that the audit teams have IT competence in addition to accounting and auditing knowledge. This in turn means that training is required for the employees concerned. 

Marco Bogendörfer: How does MindBridge add value during a final audit? 

Stephen McIntosh: In many ways. The first, very significant improvement compared to our previous tool is that MindBridge generates the balance sheet and profit and loss statement from the imported data. We can therefore immediately check the data received from the client for completeness and accuracy. 

MindBridge carries out a risk assessment of all transactions in a fiscal year. For each individual transaction, the system is transparent in showing how it arrived at the risk assessment. In particular, the AI-based machine learning algorithms can identify those transactions that are unusual or conspicuous compared to all others.

We can immediately check the data received from the client for completeness and correctness with MindBridge.

But beyond that, in my opinion, it is a matter of fundamental affinity for digital solutions and a willingness to invest in the auditing practice or its management. If it is the case that firms possess this willingness, the digital transformation can and will continue to advance in medium-sized and smaller auditing firms as well. 

Marco Bogendörfer: How can digital tools make audits more efficient and higher quality?

Stephen McIntosh: An increase in efficiency is usually achieved when digital audit tools can take over recurring tasks. When employees no longer have to manually print, envelope, send and evaluate balance confirmations, they can focus more on important issues. 

With digital audit tools – the International Standards on Auditing (ISA) refer to them as Automated Tools and Techniques (ATT) – I can seamlessly analyze 100 percent of the business transactions of a fiscal year for specific anomalies. A human being would take far too long to do this. Increasing audit quality by using digital tools such as these is our top priority. We can review certain areas without any gaps, while in other areas digital audit tools enable us to take samples of even better quality, as we can consciously select items with a greater risk of error.

Marco Bogendörfer: Currently, what are the biggest obstacles or challenges for the widespread use of data analytics tools?

Stephen McIntosh: From a technical point of view, the biggest challenge is to get the data first and then to import it quickly and completely into the respective data analysis tool. There are simply so many different ERP or accounting systems that the process of exporting data is never the same and the information contained in each is very different.

Within the auditing practice, the auditing process must be adapted. The analyses must be used from the beginning of the audit planning and then until the end of the audit. Only then can the integration of the software lead to increased efficiency. However, this also requires that the audit teams have IT competence in addition to accounting and auditing knowledge. This in turn means that training is required for the employees concerned. 

Marco Bogendörfer: How does MindBridge add value during a final audit? 

Stephen McIntosh: In many ways. The first, very significant improvement compared to our previous tool is that MindBridge generates the balance sheet and profit and loss statement from the imported data. We can therefore immediately check the data received from the client for completeness and accuracy. 

MindBridge carries out a risk assessment of all transactions in a fiscal year. For each individual transaction, the system is transparent in showing how it arrived at the risk assessment. In particular, the AI-based machine learning algorithms can identify those transactions that are unusual or conspicuous compared to all others.

We can immediately check the data received from the client for completeness and correctness with MindBridge.

Additional added value is provided by the visualization of financial results and the many possibilities to dive directly into the trends and ratios for further evaluation. These are very helpful for understanding account performance during the course of the year, and for discussing the causes of these developments with clients.

Marco Bogendörfer: How does MindBridge actually work for auditing practice and what kind of data sets can be analyzed with the help of MindBridge? 

Stephen McIntosh: MindBridge analyzes all postings of a fiscal year at the general ledger level. For this purpose, we usually have our clients provide us with the “export tax audit”, formerly also called GdPdU data. MindBridge also offers the possibility of carrying out analyses for the subsidiary ledgers of debtors and creditors. We do not currently use these yet, as we are focusing on the introduction and use of the analyses at the general ledger level.

Marco Bogendörfer: How was the use of MindBridge in your office received by employees? Clients?

Stephen McIntosh: All employees who have seen MindBridge or its analyses were impressed by the visual presentations and the possibilities of evaluating and analyzing the existing data in greater depth. There is also great interest in seeing and questioning the risk assessment.

During an audit, I showed my client MindBridge and we looked at the higher risk transactions together. We also questioned why the AI-based algorithms classified these transactions as “high risk”. For all transactions, we were able to understand the “assessment” of the algorithms, even if in the end there was no booking error or even a fraud issue behind it. But first and foremost, it was all about identifying anomalies, so-called outliers, and that worked. My client took a very positive view of the software and also the use of the software during our audit. 

Marco Bogendörfer: How can the audit evidence obtained through new technologies be documented appropriately? 

Stephen McIntosh: Basically, there are no concrete regulations on how the use of the technologies, and the results and audit evidence obtained must be documented. As a result, it must be possible for a knowledgeable outside third party to understand what was done with which results and on what basis and what conclusions were drawn from them. 

MindBridge, for example, provides a standard report that explains the analyses carried out by way of example, as well as graphically depicting the risk classification of all transactions and the risks per balance sheet and P&L item with the respective employees making book entries – and summarizing the quantitative analysis results per analysis (control point). This report can be supplemented with comments via editable text fields, so that the conclusions drawn in each case and/or the further audit procedures can be documented centrally in this report. In my opinion, this report is a good basis for documentation.

Marco Bogendörfer: What skills and mindset should auditors bring to the successful digitization of an annual audit? 

Stephen McIntosh: They should be open to current digital developments, recognize the relevance of digital transformation in their own auditing practice and be willing to invest. It is also very helpful if auditors have a certain amount of knowledge about the basic nature and structure of the financial data to be analyzed.

They should be open to current digital developments, recognize the relevance of digital transformation in their own practice and be willing to invest.

We are in the middle of the nationwide implementation of MindBridge and the investments have been kept within reasonable limits. The intensive work on digitization regularly leads to further exciting topics and questions, so there are already other topics that I would like to tackle next.

Want to learn about how to drive efficiency with data-driven audit planning?

Watch the on-demand webinar now
footer-logo

80 Aberdeen Street Suite 400      Ottawa ON K1S 5R5 Canada

+1 (613) 667-1236

Linkedin X-twitter Facebook Instagram Youtube
Sign in
Platform​
Solutions
Resources
Support
Company
Copyright © 2024 MindBridge. All rights reserved.