Note on ‘Mapping’ CAAT Audit technique with 3 practical examples

1. 1
2021
Topic- Note on ‘Mapping’
CAAT Audit technique with
3 practical examples
NAME : RUTVI SHAH
REGISTRATION NO. : WRO0682196
CENTER NAME : VASAI BRANCH
BATCH NO. : ITT BATCH NO. 7
BATCH TIMIMG : 8AM TO 2PM
BATCH COMMENCEMENT 28/01/21 TO
DATE AND END DATE : 13/02/21

2. CAAT
From RUTVI SHAH 1
REASONS FOR SELECTING THE TOPIC 2
INTRODUCTION 3
THE ALL-ENCOMPASSING ELECTRONIC DATA 5
WHY USE CAATS? 6
AUDITORS AND CAATs 9
NEED FOR CAATs 11
KEY CAPABILITIES OF CAATs 12
PRECAUTIONS IN USING CAATs: 13
CATEGORIES OF CAAT 14
ADVANTAGES OF CAATs 16
DISADVANTAGES OF CAATs 18
STEP BY STEP METHODOLOGY FOR USING CAATs 21
EXAMPLES OF TESTS PERFORMED USING CAATs 22
PRACTIAL CASES OF AUDIT WHERE CAAT IS USED 24
CASE STUDY 1: 24
CASE STUDY 2 27
CASE STUDY 4 45
SUMMARY 48
BIBLIOGRAPHY 49

3. CAAT
From RUTVI SHAH 2
REASONS FOR SELECTING THE TOPIC
My unmistakable fascination for the field of Audit caused me to pick the above
theme. CAAT was another audit technique for me which expanded my interest to
learn and comprehend about it and how could this be valuable for my profession. The
above task will assist me with learning one of new review strategies that is utilized by
many Chartered Accountants.
The above point is very much related with auditors which expanded my insight
about the audit techniques utilized in different enterprises. The expanding utilization
of innovation and Digitalization makes me mindful of the way that IT industry is the
developing area and the Audit of the IT sector is expanding in coming years and how
it tends to be advantageous to direct the Audit of IT organizations effectively utilizing
CAAT.
This assisted me with seeing more about what is CAAT, in which explicit
industry it is utilized, how it is utilized by auditors and what are the focal points and
inconveniences of the review method. It additionally assisted me with understanding
why the auditors picked CAAT techniques specifically. The functional models made
me clearer about the usage of the above procedure and how it tends to be altered by
requirements of the audit. I likewise needed to find out about the given point so I can
execute in my field and what are the things that ought to be remembered while
leading the review utilizing that technique and how I can help my associates with
respect to the above topic.

4. CAAT
From RUTVI SHAH 3
INTRODUCTION
(ICAI, 2021)
uditors deal with information in myriad ways encompassing the
reas of accounting, assurance, consulting and compliance and most
of this information is now available in electronic form. This is true not only in
case of large and medium enterprises but even in small enterprises. In case
there are enterprises who have still not adapted the digital way, then it is an
opportunity for auditors to help such enterprises to ride the digital wave.
Hence, it has become critical for Auditors to understand and use information
technology as relevant for the services we provide. It is rightly said: “One cannot
audit data which is flying in bits and bytes by using the ancient method of riding
on a horse back”. We are living in a knowledge era where the skill sets are keys
to harnessing the power of technology to be effective as knowledge workers.
Computer Assisted Audit Techniques (CAATs) refers to using technology for
increasing the effectiveness and efficiency of auditing. This above project
provides an overview of the process, approach and techniques which could be
used across various technology platforms and in diverse enterprises.
Computer-assisted audit tool (CAATs) or computer-assisted audit tools
and techniques (CAATs) is a growing field within the IT audit profession. CAATs
is the practice of using computers to automate the IT audit processes. CAATs
normally includes using basic office productivity software such
A

5. CAAT
From RUTVI SHAH 4
as spreadsheet, word processors and text editing programs and more advanced
software packages involving use statistical analysis and business intelligence tools.
CAATTs and CAATs are used interchangeably. While CAATs has emerged as the
more common spelling, CAATTs is the more precise acronym. The acronym CAATTs
solves one of the two problems with defining the acronym. CAATs means:
Computer Aided (or Assisted) Audit Techniques (or Tools and Techniques)
The first "A" and the "T" can have two different meanings depending on who
uses the term. By using the term CAATTs, one is clearly incorporating both "Tools"
AND "Techniques."

6. CAAT
From RUTVI SHAH 5
THE ALL-ENCOMPASSING ELECTRONIC DATA
A great blessing in ancient times was: “May you live in exciting times”. Indeed,
we are living in exciting times without even being aware of it. We are experiencing
how technology innovations are making our life and living simpler by bridging global
boundaries and bringing global information on our finger tips. For enterprises as well
as professionals, the question is no longer what technology can do for us but what
we can do with technology. The question “do I need to use technology” is no longer
relevant instead the relevant decision is about “how do I use technology to remain
relevant”.
Information technology is all pervasive and more so as the government and
regulatory agencies also are using technology platform to provide services to citizens
and compelling information to be filed in electronic form. The government at all levels
has drawn up ambitious plans to implement e-Governance initiatives to improve
speed, access and transparency of services. The Information Technology (IT) Act 2000
with IT Amendment Act 2008 and IT rules 2011 provide the regulatory framework and
mechanism for recognizing electronic records and electronic transactions thereby
facilitating ecommerce and also identifying cybercrimes and providing penalties and
compensation for them. Hence, we can expect IT usage to only keep growing in the
near future impacting all areas of life more so in our work as professionals. we use
computers and communication technology for providing services to our clients.

7. CAAT
From RUTVI SHAH 6
WHY USE CAATS?
Although CAATs have been around for
years, accountants are finding it easier to
use these techniques now to analyse large
volumes of data for anomalies. And with
advances in technology, it is simpler to
obtain data files and have access to many of the improved tools on the market.
The average accountant no longer needs to know how to do computer
programming to be able to identify, request and import the data for analysis. The
accountant simply needs to be in a position to select the appropriate data files and
then rely upon core skills to perform specific tests on that data. Selecting the
appropriate data file may sometimes be a little tricky. Generally, a meeting with the
client, the client’s internal or external technology personnel and the addition of a
Certified Information Technology Professional (CITP) credential holder to your audit
team can definitely help with the appropriate data file identification process.
Once you obtain the appropriate data files and import them into your CAATS
tool, it is time for the analytics. Many of the tools on the market today include
automated routines that perform common queries. In addition to the “included”
routines, CAATS user groups are pretty common and can be found all over the
Internet. Data file structures and audit procedures generally tend not vary much from
year to year.

8. CAAT
From RUTVI SHAH 7
OTHER USES OF CAATS
In addition to using data analysis software, the auditor uses CAATs throughout the
audit for the following activities while performing data analysis:
1. Creation of electronic work papers
Keeping electronic work papers on a centralized audit file or database will allow the
auditor to navigate through current and archived working papers with ease. The
database will make it easier for auditors to coordinate current audits and ensure they
consider findings from prior or related projects. Additionally, the auditor will be able
to electronically standardize audit forms and formats, which can improve both the
quality and consistency of the audit working papers.
2. Fraud detection
CAATs provides auditors with tools that can identify unexpected or unexplained
patterns in data that may indicate fraud. Whether the CAATs is simple or complex,
data analysis provides many benefits in the prevention and detection of fraud.
CAATs can assist the auditor in detecting fraud by performing and creating the
following,
3. Analytical tests
Evaluations of financial information by studying plausible relationships among both
financial and non-financial data to assess whether account balances appear
reasonable (AU 329). Examples include ratio, trend, and Benford's Law tests.

9. CAAT
From RUTVI SHAH 8
4. Data analysis reports
Reports produced using specific audit commands such as filtering records and joining
data files.
5. Continuous monitoring
Continuous monitoring is an ongoing process for acquiring, analysing, and reporting
on business data to identify and respond to operational business risks. For auditors
to ensure a comprehensive approach to acquire, analyse, and report on business
data, they must make certain the organization continuously monitors user activity on
all computer systems, business transactions and processes, and application controls.
6. Curb stoning in surveys
Curb stoning is the term for instances where a surveyor completes a survey form by
making up data. Because some of the data should conform with Benford's law, this
practice can be detected using CAATTs which provide the capability of performing
such tests.

10. CAAT
From RUTVI SHAH 9
AUDITORS AND CAATs
As auditors, we come across computers and communication technology as the
most common denominator among our clients, both large and small. In today’s
complex and rapidly changing technology environment, it is important to master the
right techniques which could be used across enterprises and across various
technology platforms. Typical of an IT environment are the speed of processing, large
capacity of storage, lack of the paper-based trails, the radically different way of
information processing, the ease of information access, internal controls being
imbedded and the ever-present risk of failure of IT and loss of data. All these factors
make it imperative for auditors to harness power of technology to audit technology
environment by taking into consideration the risks, benefits and advantages. CAATs
enable auditors to do more with less and add value through the assurance process
which is more robust and comprehensive. CAATs empower auditors with the key
survival techniques which effectively used in any IT environment. CAATs are not
specialist tools designed for use by specialist IT auditors but these are common
techniques which can be easily mastered to audit in a computerized environment for
tax audit and statutory and internal audit, as also for providing consulting services.
CAATs are tools for drawing inferences and gathering relevant and reliable
evidence as per requirements of the assignment. CAATs provide direct access to
electronic information and empower auditors not only to perform their existing
audits more efficiently and effectively but also facilitate them in knowing how to
create and execute new type of IT related audit assignments. CAATs provide a
mechanism to gain access and to analyse data as per audit objective and report the

11. CAAT
From RUTVI SHAH 10
audit findings with greater emphasis on the reliability of electronic information
maintained in the computer system. There is higher reliability on the audit process as
the source of the information used provides a greater assurance on audit findings and
opinion. CAATs are available in specific general audit software designed for this
purpose but the techniques of CAATs can be applied even by using commonly used
software such as MS Excel and by using query/reporting features of commonly used
application software. CAATs can be used to perform routine activities which can be
done using computers, allowing the auditors to spend more time on analysis and
reporting.
Now more than ever before, these tools are being used throughout the
industry to assist internal auditors in their search for irregularities in data files, to help
internal accounting departments with more detailed analysis and to support the
forensic accountant with extrapolating large amounts of data for further analysis and
fraud detection.
Simply put, CAATS are used to simplify or automate the data analysis process.
There is not a CPA firm today that does not use some form of CAATS on the traditional
accounting and auditing. Firms that have taken the use of CAAT’s, have realized the
many benefits of using these tools.

12. CAAT
From RUTVI SHAH 11
NEED FOR CAATs
In a diverse digital world of clients’ enterprises, the greatest challenges for an
Auditor are to use technology to access, analyse and audit this maze of electronic
data. CAATs enable auditors to move from the era of ticks of using pencil or pen to
the era of clicks by using a mouse. CAATs will help auditors to change focus from
time-consuming manual audit procedures to intelligent analysis of data so as to
provide better assurance to clients and also mange audit risks. Some of the key
reasons for using CAATs are:
1. Absence of input documents or lack of a visible paper trail may require the use
of CAATs in the application of compliance and substantive procedures.
2. Need for obtaining sufficient, relevant and useful evidence from the IT
applications or database as per audit objectives.
3. Ensuring audit findings and conclusions are supported by appropriate analysis
and interpretation of the evidence
4. Need to access information from systems having different hardware and
software environments, different data structure, record formats, processing
functions in a commonly usable format.
5. Need to increased audit quality and comply with auditing standards.
6. Need to identify materiality, risk and significance in an IT environment.
7. Improving the efficiency and effectiveness of the audit process.
8. Ensuring better audit planning and management of audit resources.

13. CAAT
From RUTVI SHAH 12
KEY CAPABILITIES OF CAATs
CAATs refer to using computer for auditing data as per audit objectives. This
requires understanding of the IT environment and most critically the core applications
and the relevant database and database structure. CAATs could be used by using the
relevant functionalities available in general audit software, spreadsheet software or
the business application software. However, broadly the key capabilities of CAATs
could be categorized as follows:
1. File access: This refers to the capability of reading of different record formats
and fi le structures. These include common formats of data such as database,
text formats, excel fi les. This is generally done using the import/ODBC function.
2. File reorganization: This refers to the features of indexing, sorting, merging,
linking with other identified files. These functions provide auditor with an
instant view of the data from different perspectives.
3. Data selection: This involves using of global filter conditions to select required
data based on specified criteria.
4. Statistical functions: This refers to the features of sampling, stratification and
frequency analysis. These functions enable intelligent analysis of data.
5. Arithmetical functions: This refers to the functions involving use of arithmetic
operators. These functions enable performing re-computations and re-
performance of results.

14. CAAT
From RUTVI SHAH 13
PRECAUTIONS IN USING CAATs:
CAATs have distinct advantages for Auditors and enable them to perform
various types of tests. However, it is important to ensure that adequate precautions
are in taken in using them. Some of the important precautions to be taken by
Auditors are:
● Identify correctly data to be audited
● Collect the relevant and correct data files
● Identify all the important fields that need to be accessed from the system
● State in advance the format the data can be downloaded and define the
fields correctly.
● Ensure the data represent the audit universe correctly and completely.
● Ensure the data analysis is relevant and complete.
● Perform substantive testing as required.
● Information provided by CAATs could be only indicators of problems as
relevant and perform detailed testing as required.

15. CAAT
From RUTVI SHAH 14
CATEGORIES OF CAAT
(Kalpan Financial Knowledge Bank, 2021)
There are two broad categories of CAAT:
1. Audit software; and
2. Test data.
Audit software
Audit software is used to interrogate a client's system. It can be either packaged, off-
the-shelf software or it can be purpose written to work on a client's system. The main
advantage of these programs is that they can be used to scrutinise large volumes of
data, which it would be inefficient to do manually. The programs can then present
the results so that they can be investigated further.
Specific procedures they can perform include:
● Extracting samples according to specified criteria, such as:
o Random;
o Over/Below a certain amount;
o At certain dates.
● Calculating ratios and select indicators that fail to meet certain pre-defined
criteria (i.e., benchmarking);
● Check arithmetical accuracy (for example additions);
● Preparing reports (budget vs actual);
● Stratification of data (such as invoices by customer or age);
● Produce letters to send out to customers and suppliers; and
● Tracing transactions through the computerised system.

16. CAAT
From RUTVI SHAH 15
Test data
Test data involves the auditor submitting 'dummy' data into the client's system
to ensure that the system correctly processes it and that it prevents or detects
and corrects misstatements. The objective of this is to test the operation of
application controls within the system.
To be successful test data should include both data with errors built into it and
data without errors. Examples of errors include:
● codes that do not exist, e.g., customer, supplier and employee;
● transactions above pre-determined limits, e.g., salaries above
contracted amounts, credit above limits agreed with customer;
● invoices with arithmetical errors; and
● submitting data with incorrect batch control totals.
Data maybe processed during a normal operational cycle ('live' test data) or
during a special run at a point in time outside the normal operational cycle
('dead' test data). Both has their advantages and disadvantages:
● Live tests could interfere with the operation of the system or corrupt
master files/standing data;
● Dead testing avoids this scenario but only gives assurance that the
system works when not operating live. This may not be reflective of
the strains the system is put under in normal conditions.

17. CAAT
From RUTVI SHAH 16
ADVANTAGES OF CAATs
CAATs allow the auditor to:
✓ Independently access the data stored on a computer system without
dependence on the client;
✓ Test the reliability of client software, i.e., the IT application controls
(the results of which can then be used to assess control risk and design
further audit procedures);
✓ Increase the accuracy of audit tests; and are cost- effective.
✓ CAATs facilitate the auditors to test a huge volume of data, or the
operation of the controls in a system, precisely and rapidly.
✓ CAATs lessen the level of human error in testing and facilitate a very
high level of audit evidence to be derived.
✓ The application of CAATs frees up expensive human capital that would
otherwise be engaged in key areas to concentrate on judgmental
areas.
✓ Computer Assisted Sampling permits the use of random statistical
sampling, which tends to be more accurate and saves time in those
instances in which it is appropriate.
✓ Once data integrity is verified, the auditor can produce various reliable
reports from the overall data population.

18. CAAT
From RUTVI SHAH 17
✓ Other advantages-
CAATs offer the following other advantages:
o Reduced level of audit risk.
o Greater independence from the auditee.
o Broader and more consistent audit coverage.
o Faster availability of information.
o Improved exception identification.
o Greater flexibility of run-times.
o Greater opportunity to quantify internal control
weaknesses.
o Enhanced sampling.

19. CAAT
From RUTVI SHAH 18
DISADVANTAGES OF CAATs
✓ CAATs can be expensive and time consuming to set up, the software must
either be purchased or designed (in which case specialist IT staff will be
needed);
✓ Client permission and cooperation may be difficult to obtain;
✓ Potential incompatibility with the client's computer system;
✓ The audit team may not have sufficient IT skills and knowledge to create the
complex data extracts and programming required;
✓ The audit team may not have the knowledge or training needed to
understand the results of the CAATs; and
✓ Data may be corrupted or lost during the application of CAATs.
✓ CAATs are too costly to setup and necessitate the support of the client. It is
usually necessary for a continuing audit relationship to be present before it
is worth committing the audit resources.
✓ Major changes in client systems often necessitate major changes in CAATs,
which is costly. If the audit fee is based on the assumption that the prior
year’s CAATs can be used, and a change is made without warning, the client
may have unlikely expectations about the level of service that can be
provided for the fee.

20. CAAT
From RUTVI SHAH 19
TRADITIONAL AUDIT VS CAATTs ON SPECIFIC RISKS
(Wikipedia, 2021)
CAATTs allows auditors to test for specific risks. For example, an insurance
company may want to ensure that it doesn't pay any claims after a policy is
terminated. Using traditional audit techniques this risk would be very difficult to test.
The auditor would "randomly select" a "statistically valid" sample of claims (usually e
if any of those claims were processed after a policy was terminated. Since the
insurance company might process millions of claims the odds that any of those 30–
50 "randomly selected" claims occurred after the policy was terminated is extremely
unlikely.
Using CAATTs the auditor can select every claim that had a date of service after
the policy termination date. The auditor then can determine if any claims were
inappropriately paid. If they were, the auditor can then figure out why the controls
to prevent this failed. In a real-life audit, the CAATTs auditor noted that a number of
claims had been paid after policies were terminated. Using CAATTs the auditor was
able to identify every claim that was paid and the exact dollar amount incorrectly paid
by the insurance company. Furthermore, the auditor was able to identify the reason
why these claims were paid. The reason why they were paid was because the
participant paid their premium. The insurance company, having received a payment,
paid the claims. Then after paying the claim the participant's check bounced. When
the check bounced, the participant's policy was retrospectively terminated, but the
claim was still paid costing the company hundreds of thousands of dollars per year.

21. CAAT
From RUTVI SHAH 20
Which looks better in an audit report:
"Audit reviewed 50 transactions and noted one transaction that was processed
incorrectly"
OR
"Audit used CAATTs and tested every transaction over the past year. We noted XXX
exceptions wherein the company paid YYY dollars on terminated policies."
However, the CAATTs driven review is limited only to the data saved on files in
accordance with a systematic pattern. Much data is never documented this way. In
addition, saved data often contains deficiencies, is poorly classified, is not easy to get,
and it might be hard to become convinced about its integrity. So, for the present
CAATTs is complement to an auditor's tools and techniques. In certain audits CAATTs
can't be used at all. But there are also audits which simply can't be made with due
care and efficiently without CAATTs.

22. CAAT
From RUTVI SHAH 21
STEP BY STEP METHODOLOGY FOR USING CAATs
CAATs are very critical tools for Auditors. Hence, it is important to formulate
appropriate strategies to ensure their effective use. Some of the key strategies for
using CAATs are:
Identify the scope and
objectives of the audit.
Based on this, auditor can
decide about the need and
the extent to which CAAT
could be used.
Identify the critical data
which is being audited
as per audit scope and
objectives.
Identify the sources of data from
the enterprise information
system/application software.
These could be relating to
general ledger, inventory,
payroll, sundry debtors, sundry
creditors.
Identify the relevant personnel
responsible for the data and
information system. These
personnel could be from the IT
department, vendors,
managers, etc.
Obtain and review documents
relating to data/information
systems. This should provide
information about data
types/data structures and data
flow of the system.
Understand the software by
having a walk-through right
from user creation, grant of
user access, configuration
settings, data entry, query
and reporting features.
Decide what techniques
of CAATs could be used
as relevant to the
environment by using
relevant CAAT software
as required.

23. CAAT
From RUTVI SHAH 22
EXAMPLES OF TESTS PERFORMED USING CAATs
CAATs can be used for compliance or substantive tests. As per the audit plan,
compliance tests are performed first as per risk assessment and based on the results
of the compliance tests; detailed compliance tests could be performed. Some
examples of tests which can be performed using CAATs are given below:
1. Identify exceptions: Identify exceptional transactions based on set criteria.
⬥ For example, cash transactions above Rs. 20,000.
2. Analysis of Controls: Identify whether controls as set have been working as
prescribed.
⬥ For example, transactions are entered as per authorized limits for
specified users.
3. Identify errors: Identify data, which is inconsistent or erroneous.
⬥ For example, account number which is not numeric.
4. Statistical sampling: Perform various types of statistical analysis to identify
samples as required.
5. Detect frauds: Identify potential areas of fraud.
⬥ For example, transactions entered on weekdays or purchases from
vendors who are not approved.
6. Verify calculations: Re-perform various computations in audit software to
confirm the results from application software with the audit software.

24. CAAT
From RUTVI SHAH 23
⬥ For example, TDS rate applied as per criteria.
7. Existence of records: Identify fields, which have null values.
⬥ For example, invoices which do not have vendor name
8. Data completeness: Identify whether all fields have valid data.
⬥ For example, null values in any key field such as date, invoice number or
value or name.
9. Data consistency: Identify data, which are not consistent with the regular
format.
⬥ For example, invoices which are not in the required sequence.
10.Duplicate payments: Establish relationship between two or more tables as
required.
⬥ For example, duplicate payment for same invoice.
11.Inventory obsolescence: Sort inventory based on data of purchase or
categories as per specified aging criteria or period and identify inventory which
has become obsolete.
12.Accounts exceeding authorized limit: Identify data beyond specified limit. For
example, transactions entered by user beyond their authorized limit or
payment to vendor beyond amount due or overdraft allowed beyond limit.

25. CAAT
From RUTVI SHAH 24
PRACTIAL CASES OF AUDIT WHERE CAAT IS USED
(Auditor, 2021)
CASE STUDY 1:
The following is based on a real-life scenario faced by an internal audit team in the
financial services sector. As part of a regulatory requirements review of the
“Depositor Guarantee Scheme” it was identified that there would be an opportunity
to use CAATs to analyse a critical business data file.
The internal audit team took the decision to analyse the data file using CAATs after
being informed that checks performed by the business had been sample based. By
leveraging CAATs, a 100% check would be achievable and the results would deliver
greater assurance to the business.
Through conversation with the business, it was identified that the file needed to
contain key requirements set out by the Financial Services Compensation Scheme
(FSCS)/Prudential
Regulation Authority (PRA):
❖ Header record – contained information such as creation date, society identifier,
total number of records and number of records in specific criteria
❖ Body records – containing individual details and key identifier to allow records
to be segregated appropriately
❖ Footer record – identifies the end of the file

26. CAAT
From RUTVI SHAH 25
Using the business knowledge of the file layout and expected content, a mind
mapping session was held which focused on matching the data requirements to a test
which would verify their appropriateness. This process identified the following tests.
i. Total number of records in the file matches the total recorded in the file
header record.
ii. A count of the number of records flagged with a specific criteria identifier
matches the totals for each criteria recorded in the header record.
iii. Check for negative balance.
iv. Check for multiple entries e.g., society head office address is being used as
the customer address.
v. Check for anomalies such as missing post code or date of birth or date of
birth greater than 150 years.
vi. Perform keyword matches to return groups of records which can be
analysed further. E.g., the records returned by a search for the word
'solicitor' are checked to ensure they have been allocated to the correct
criteria.
In this instance the team decided to use a data analytics tool called IDEA due to the
number of records (rows) involved (approx. 750,000). However, testing would have
been achievable using Excel 2007* and above. The team were able to interrogate the
data file and identify a list of issues which were reported back to the business in
person and used to pass on knowledge and experience of CAATs. Alongside this the

27. CAAT
From RUTVI SHAH 26
team highlighted the need for the business to investigate the possible root cause
around data capture procedures and a lack of quality control.
Examples of Excel functions which could have been used during the process:
=COUNTIF (Cell Range, Criteria cell or text)
Count the rows containing a specific criteria type, eg =COUNTIF($A$1:$A$5,”
Criteria123”)
=VLOOKUP (What to match, Cell Range, Display Column, Match type)
Find blanks in ColA and return ColB, e.g., =VLOOKUP(“”,$A$2:$B$5,2,FALSE)
* The maximum number of rows supported by Excel 97, 2000, 2002 and 2003 is
65536. For Excel
2007, 2010 and 2013 it is 1,048,576 rows.

28. CAAT
From RUTVI SHAH 27
(Marilena Zuca, 2021)
CASE STUDY 2
TENNIS S.R.L. is a company that mediates the sale of sports items, especially in the
field of tennis - tennis rackets, balls, equipment. The merchandise is purchased from
various vendors and then sold exclusively on the internet. The company sells about
200 kinds of tennis rackets, each identified by a unique product code.
Customers' orders are made directly online, most of them for a racket or two. The
software that receives the orders automatically checks the order details, customer
address, and credit card information before the merchandise is ready and shipped.
The integrity of the command system is regularly checked by an independent Internet
service company.
As an external financial auditor of TENNIS S.R.L., you have just begun planning the
audit of the company's sales system. You've decided to use tests to verify the entry
of customer data into the sales system. This test will include making false orders to
the company's online system.
Here is a list of the types of tests that will be performed in the client's financial
statements audit to confirm the accuracy and integrity of the entry of the data
entered into the sales system:
✓ Enter an order for a negative number of tennis rackets. Reason: to ensure that
the system only accepts a quantity expressed in positive numbers, although the
company cannot deliver a negative product anyway;

29. CAAT
From RUTVI SHAH 28
✓ Enter an order for 10 tennis rackets. Reason: The system must perform a check
to identify possible errors. A warning message should appear on the screen,
requiring the client to confirm once more a command that exceeds a certain
limit,
for example, more than 2 rackets;
✓ Enter a command without completing the payment details. Reason: to make
sure those orders are paid before the merchandise is shipped. This limits the
number of bad payers;
✓ Enter a wrong article code. Reason: to make sure the system detects the wrong
code and issues an error message rather than picking up a similar code and
accepting the order;
✓ Enter incorrect data from the customer's credit card. Reason: to make sure the
system detects the wrong data, so orders are paid before the goods are shipped.
This limits the number of bad payers;
✓ Enter your customer's address in the wrong way. Reason: to ensure that the
online system has access to a database of
✓ correct addresses and codes. Any error should display an error message. The
merchandise will be shipped to a valid address.
Audit tests that can be programmed on TENNIS S.R.L.'s Audit Software for the Sales
and Inventory System are the following:
✓ Checking the calculations from the daily sales situation. Reason: to ensure that
the daily sales situation is properly implemented and checks the balance of the
balance sheet;

30. CAAT
From RUTVI SHAH 29
✓ Analysing the age of the commodity in the inventory register. Reason: to make
sure that it detects old commodity, which must be recorded as a net inventory
value, not as a sales price;
✓ Selecting an inventory sample at the end of the year as part of a physical
inventory check. The reason: to compare the goods from an effective sample
of goods registered as available in the online system and to faster examine it,
compared to a manual system;
✓ Selecting a sample of invoices issued to verify your shipping documents.
Reason: to analyse the integrity and accuracy of the documents recorded in an
effective sample and to examine it more quickly than a manual system does;
✓ Verification of numbers on invoices. Reason: to make sure the chronological
order of numbering and registration in the sales log is correct;
✓ Controlling receipts for all the invoices issued. The reason of the test: all orders
are paid online; therefore, unpaid invoices would be a violation of system rules
and the auditor should investigate them;
✓ Checking the provision for the customers. Reason for the test: to identify why
the merchandise is returned, as returns may be caused by errors in the control
system. By investing in provisions, the auditor checks the system itself.
Below we will illustrate how the spreadsheet helps the financial auditor to identify
duplicates of invoices issued to customers, a common practice in audit practice, as it
responds to a situation where the auditor finds himself quite frequently: upon receipt
of a large list (invoices issued), the auditor should ensure that there are no duplicate
records (multiple accounting records of the same invoice). Even if duplicates are

31. CAAT
From RUTVI SHAH 30
allowed (if several payments are recorded on the same invoice) it may be necessary
to analyse in detail the cause of the duplication and the accuracy of the records.
Figure 1. Details of Original data set (own projection)
Figure 1 presents the set of data containing the list of invoices issued during
the period January - March 2013 by the audited entity, a set of data for which
it is necessary to identify possible duplicates (invoices registered several times).
As it can be seen, each invoice is accompanied by the name of the customer to
whom it was issued and the total amount of the
invoice.

32. CAAT
From RUTVI SHAH 31
The new features of the 2013 version of Microsoft Excel allow the duplicate
records to be identified by a quick and simple method. This involves going
through the following steps:
Step 1 - selecting the cell range containing the invoice numbers (in this case from A3
to D32), followed by choosing the Conditional Formatting command from the Home
menu section of the main menu. Within this command (which is also organized as a
menu), select the Highlight Cell Rules option, then the Duplicate Values option. The
command results in a dialog box through which the user can choose one of the
highlighted variants (by choosing background and text colour). The whole process is
presented systemically in Figure 2.
Figure 2. The first stage of the identification process (own projection)

33. CAAT
From RUTVI SHAH 32
Step 2 - Since the duplicate invoice numbers have been highlighted (by different
colours), it is now only necessary to bring them to the top positions in the list so that
the auditor does not have to go through the entire list in order to observe all
suspicious records. Making this re-ordering, involves selecting one of the different
coloured cells from the list of invoice numbers (selecting a duplicate invoice number),
followed by the Sort order option in the dropdown menu (right-click), and within it,
selecting Put Selected Font Colour on Top (places the first cells with this colour). The
process is synthetically presented in Figure 3
Figure 3. Second stage bringing duplicates on the first positions (own projection).

34. CAAT
From RUTVI SHAH 33
(Egrove, 2021)
CASE STUDY 3
The case study involves the CPA firm of Smith and Co., CPAs, and a potential
audit client, Fawn Exercise Products, Inc. Smith and Co. is a local CPA firm with more
than thirty accounting professionals. Their clients consist mostly of local and regional
businesses, a few of which have been very successful and grown from closely held
companies to companies listed on national stock exchanges. However, most of their
audit clients remain smaller, closely held businesses.
Fawn Exercise Products, Inc. was founded twelve years ago by three
individuals who are currently its chief executive officer, president, and chief
financial officer. Although Fawn did have one public stock offering, the three founders
still have a sufficient percentage of ownership to maintain effective control over the
corporation.
Fawn’s growth has been internally generated except for one acquisition three
years ago that was funded through stock and debt offerings. Through this acquisition,
Fawn expanded its customer base to forty states. Foreign sales are infrequent and are
not significant in amount.
Fawn Company Background
Fawn has two major competitors and an ever-increasing number of smaller
competitors. Fawn had been gaining market share until this year, when a
competitor’s product became increasingly price-competitive and consequently
reduced Fawn’s market share from 21 percent to 19 percent.
Revenues, however, have continued to rise.

35. CAAT
From RUTVI SHAH 34
Fawn’s product line is centred around exercise equipment, including
rowing machines, treadmills, weight machines, and stationary bicycles. Although the
total number of items marketed historically has been less than 1,000, this past year it
increased to 1,250. Inventory obsolescence has been a factor in prior years because
of product enhancements and changing consumer preferences.
Fawn markets its products to wholesalers and major retailers of health and
fitness products. Substantially all of Fawn’s sales are derived from a direct sales force
or telephone orders from existing customers. Although Fawn does not manufacture
any of its products, it does hold exclusive long-term purchase contracts with product
manufacturers. All of these suppliers are located in the Caribbean basin, with the
exception of one domestic supplier located in Burley, Idaho.
Assets consist primarily of cash, accounts receivable, inventories, and property,
plant, and equipment. Fawn uses a spreadsheet to perform cash reconciliations, and
the bank accounts typically have a large number of outstanding checks. Inventory is
a major component of total assets, and a complete physical inventory is taken each
December 31 (the last day of Fawn’s business year). Liabilities include accounts
payable and a line of credit as well as payroll taxes payable and income taxes payable.
Fawn has computerized its information systems, purchasing industry specific,
off-the-shelf software for major applications. The company has an IBM A/S 400 with
both disks and nine-track tapes. The company’s data files have fixed-length records
and an Extended Binary Coded Decimal Interchange Code (EBCDIC) data format. The
system also has the capability to bring data file information down to microcomputers
in ASCII, dBase, DIF, and a number of other data formats. The data files that would be
beneficial for the auditor’s use are the following:

36. CAAT
From RUTVI SHAH 35
NAME NO. OF RECOEDS RECORD LENGTH
Accounts receivable master file 10000 250
Inventory master file 25000 460
Fixed asset master file 500 100
Disbursement master file 4000 190
General ledger master file 1000 220
Initial Client Meeting
A little over two months before Fawn’s year end, John Smith, audit partner with
Smith and Co., and James Worthing, an audit manager, had an initial client conference
with the Board of Directors of Fawn Exercise Products, Inc. (Fawn does not have an
audit committee.) The board consists of the three founders (the CEO, the President,
and the CFO) as well as a vice president and three outside directors. The board
members expressed their concerns about the lack of computer expertise on the part
of the predecessor auditor. They requested that Smith and Co. include in their
proposal a detailed description of how the computer would be used on the audit. At
this meeting, Smith explained the need to make an inquiry of the predecessor and
requested permission to do so. The Board agreed and directed the President to send
a letter to the predecessor authorizing the predecessor to respond fully to the
successor’s inquiries.
Meeting with the Predecessor Auditor
A meeting was arranged with the predecessor and both Smith and Worthing
attended. The meeting lasted less than two hours and consisted of specific inquiries
of the predecessor regarding matters such as facts that might bear on the integrity of

37. CAAT
From RUTVI SHAH 36
management, disagreements with management about accounting principles, and
disagreements over auditing procedures. Smith inquired about the predecessor’s
understanding of the reasons for the change of auditors. Smith and Worthing also
reviewed the predecessor’s working papers.
The meeting with the predecessor confirmed the information given to Smith
and Worthing by the board of directors. Apparently, there were no disputes over
generally accepted accounting principles (GAAP) and the predecessor said nothing
that would indicate any concerns about the integrity of management. The
predecessor believed that Fawn’s concerns about his lack of computer expertise were
unfounded, since all of his auditors had portable computers and were very good at
using electronic spreadsheets. “In fact,” stated the predecessor, “we even put the
working trial balance and several of the supporting schedules on a spreadsheet.”
Preparing the Proposal
After meeting with the predecessor auditor, Worthing and an audit senior
returned to Fawn Exercise Products, Inc. and spent the day with Fawn’s CFO gathering
the information necessary to prepare a formal audit proposal. Smith had directed
Worthing to be particularly cognizant of areas in which the computer could be used
on the audit. In response to Smith’s request, Worthing drafted the memo presented
in exhibit 2.1 before preparing the final proposal:

38. CAAT
From RUTVI SHAH 37
Exhibit 2.1
Sample Interoffice Memorandum
TO : John Smith, Audit Partner
FROM : James Worthing, Audit Manager
SUBJECT : Computer Auditing Procedures for Fawn Exercise Products, Inc.
DATE : November 12, 20XX
At your request I have prepared a list of computer audit procedures that would be
useful in a financial audit of Fawn Exercise Products, Inc. Although I made a concerted
effort to consider every possible opportunity to use computer-assisted audit
techniques, the enclosed list is really nothing more than we would do on any similar
audit.
Suggested CAAT Techniques
Proposal Preparation
● Use Engagement Manager to estimate the cost of the engagement.
Engagement Acceptance
● Use word processing software to prepare client acceptance documentation
and the engagement letter.

39. CAAT
From RUTVI SHAH 38
Engagement Planning
● Use Engagement Manager to convert the estimated cost from the proposal to
an engagement budget by staff person.
● Use our in-house LAN-based scheduling and E-mail software to determine the
availability of staff, to schedule their time for the audit, and to notify them of
the schedule.
● Use Audit Program Generator to prepare audit programs using the library of
audit programs that our firm had developed from past audits.
● Use our working trial balance software in combination with our generalized
audit software to electronically import the trial balance from the client’s
general ledger program as well as the past four years’ final adjusted trial
balance figures.
● Use our working trial balance software to assist in the performance of
analytical procedures, as required by SAS No. 56, in planning the nature, timing,
and extent of other auditing procedures.
● Access, via modem, an external database such as Dow Jones News, Total, or
CompuServe and download industry averages and statistics on Fawn’s key
competitors. This information will be used to perform analytical procedures to
help spot potential problem areas and thereby assist in determining the nature,
timing, and extent of audit procedures. The information will also be useful in
making recommendations to Fawn on how they can improve operations.

40. CAAT
From RUTVI SHAH 39
Fieldwork
● Use our generalized audit software package to access cash disbursements
transactions files and prepare a listing of all transactions with known related
parties. The printed report should group transactions by related party in
descending order according to the size of the transaction.
● Obtain a copy of the 12/31/XX cash reconciliations on diskette. Using
spreadsheet software, re-foot the numerous outstanding checks, deposits, and
other adjustments to the reconciliation. Use this information, along with our
firm’s standard proof of cash spreadsheet template and the bank statements,
to prepare a proof of cash. Print the proof of cash schedule along with a
complete listing of outstanding items and distribute these printouts to the
appropriate staff auditor for use in performing the proof of cash audit
procedures.
● Use our generalized audit software package to compare the dates and amounts
of the outstanding items from the year-end reconciliations to the client’s
transaction files.
● Use our generalized audit software package to access and analyse accounts
receivable information on Fawn Exercise Products, Inc.’s A/S 400. Perform the
following:
1. Foot the file.
2. Age the receivables.
3. Plan a statistical sample (monetary or attribute).
4. Select receivables for confirmation.

41. CAAT
From RUTVI SHAH 40
5. Scan the file for account balances more than $100 in excess of credit
limits and print a listing of these accounts in descending order
according to the size of the excess.
6. Compute statistics to help evaluate the sample results.
● Use spreadsheet software along with the aging schedule prepared above to
compute the adjustment required for the reserve for bad debts. Because our
generalized audit software can export information to a spreadsheet, the
process can be completed without having to re-key any of the numerical
information.
● Export information about the accounts receivable accounts selected for
confirmation to our database software. Use this database software in
conjunction with the mail merge feature of our word processing software to
prepare and print positive confirmation requests.
● Use our generalized audit software to access and analyse inventory prior to the
December 31 physical inventory. The following procedures should be
performed:
1. Foot and extend the inventory cost.
2. Select a sample of inventory items to be test-counted during the
observation of inventory.
3. Prepare a listing of all inventory items with balances over $1,000
where transactions for that item during the year have been less than
75 percent of the year-end account balance. Investigate these items
to determine if they are obsolete and should be written down or off.

42. CAAT
From RUTVI SHAH 41
● After the physical inventory has been taken and the inventory master file has
been updated to reflect appropriate changes, use our generalized audit
software once again to access and analyse inventory. The following procedures
should be performed:
1. Foot and extend the inventory cost.
2. Select a sample for price testing.
3. Extract and audit all inventory items with negative quantities.
4. Extract and investigate all inventory items with quantity on hand but
no unit cost.
● Use our generalized audit software to extract depreciable asset and
depreciation information for the client’s accounting software and then use the
AICPA Depreciation Software to test the current-year depreciation on all
assets.
● Extract all cash disbursements in the thirty-day period following year end that
exceed $1,000 and vouch them to receiving documents or invoices to ascertain
whether they represent unrecorded liabilities.
● Use our generalized audit software to extract all accounts payables that have a
year-end account balance of $—0— when the annual transaction total for that
account exceeds $10,000 and four or more transactions took place in the
account during the year. Send positive confirmation requests to these vendors.
● Use our loan amortization software to recompute current and noncurrent
portions of long-term debt.
● Summarize sales transactions by customer or sort sales for year by customer in
descending order to identify client’s major customers.

43. CAAT
From RUTVI SHAH 42
● Use our generalized audit software to extract all sales transactions, if any, with
a sales invoice date subsequent to year end.
● Use our working trial balance software to record and post any necessary
adjusting, reclassifying, or potential journal entries.
● Use our working trial balance software to prepare a draft of the financial
statements.
● Use our working trial balance software to prepare and post federal and state
tax journal entries that will reconcile the GAAP financial statements with the
federal and state tax returns.
● Export the final trial balance amounts to our in-house tax return package.
Post Fieldwork
• Use our working trial balance software to assist in the performance of
analytical procedures based on the final audited account balances, as required
by SAS No. 56, Analytical Procedures, in overall review of the financial
information in the final review stage of the audit.
• Export the financial statements to our word processing software to allow for
proportional fonts and other desktop publishing enhancements.
• Use the grammar-checking and spell-checking capabilities of our word
processing software to test the footnotes for grammatical accuracy.
• Use word processing software along with Practitioner’s Publishing Company’s
Guideware to prepare the auditor’s report.
• Review Engagement Manager results to document adequate supervision.
• Use the Audit Program Generator checklist to review completeness of financial
statement disclosures.

44. CAAT
From RUTVI SHAH 43
Conclusion
As you can see from the above listing, we typically use a number of software packages
on audit engagements. Those software packages include—
a) Engagement management software for—
i) Estimating the cost of the engagement,
ii) Managing the engagement, and
iii) Documenting adequate supervision.
b) Working trial balance software to—
i) Maintain the working trial balance,
ii) Perform analytical procedures,
iii) Record adjusting, reclassifying, tax, and potential journal entries,
iv) Export information to tax software, and
v) Prepare financial statements.
c) Generalized auditing software to—
i) Examine client records for overall quality and completeness,
ii) Rearrange data and perform analysis,
iii) Select audit samples,
iv) Compare data on separate files, and
v) Compare results of audit procedures with client records.
d) Spreadsheet software for—
i) Analysis of accounts,
ii) Recomputation of client balances and allocations, and
iii) Preparation of schedules.
e) Database software to—

45. CAAT
From RUTVI SHAH 44
i) Sort, resequencing, and summarize data, and
ii) Interface with word processing for mail merge of confirmations.
f) Network scheduling and E-mail software (also known as groupware) to—
i) Schedule staff and
ii) Communicate during the audit.
g) Word processing software to—
i) Prepare engagement letter and confirmation requests,
ii) Grammar and spell-check all final reports and statements, and
iii) Prepare the audit report and the footnotes.
h) External electronic databases to—
i) Research accounting and auditing issues and
ii) Obtain industry statistics for analytical procedures.
i) Depreciation software to recompute client depreciation.
j) Tax software to prepare the corporate tax returns.
Please let me know if you have any other suggestions for computer-assisted auditing
techniques for use on this engagement. I will await your response before preparing
the final draft of the audit proposal.
James Worthing
Audit Manager

46. CAAT
From RUTVI SHAH 45
CASE STUDY 4
ILLUSTRATION (IDEA) Problem:
a. To Test the validity of invoices.
b. To Test for duplicate invoice numbers.
Solution: -
IDEA has two key functions to identify exceptions, irregularities and errors.
These are: Duplicate Detection and Gap Detection.
These functions assist the user to examine large volumes of data and help
identify specific duplicate entries or specific missing entries. These also help the
user obtain an assurance on all data reviewed by it.
Step by Step Procedure for Duplicate
Ensure that Sales Transaction-Sales Trans is the active database.
1) Analysis > Duplicate Key > Detection
2) The Duplicate Key Detection dialog box appears.

47. CAAT
From RUTVI SHAH 46
3) Leave the output Duplicate records option selected.
4) Click Fields and select INVOICENO, INVDATE and USERID.
5) Click Key. The Define Key Dialog box appears.
6) In the Field Column, select INVOICENO and leave the direction as Ascending.

48. CAAT
From RUTVI SHAH 47
7) Click OK to return to the Duplicate Key Detection dialog box.
8) In the File name box, enter Duplicate.
9) Click OK to run the task.
Duplicate Result
a. In the resultant database of 10 transactions with DATE, INVOICENO and USERID
duplicate values are investigated.
b. Duplicate file is opened as current active database.
c. The given result is sorted based on INVOICENO field in ascending direction.

49. CAAT
From RUTVI SHAH 48
SUMMARY
(Marilena Zuca, 2021)
In the computerized modern age in which we live and work, financial auditors
increasingly turn to PC tools, even special financial audit programs, in order to make
their work more efficient, but especially to be able to formulate the most pertinent
and secure audit opinions. Most financial auditors use only the tools provided by the
computer to perform the financial audit. The modern computerized environment,
where every business creates new opportunities but also new risks, additional rules
for security, fairness and acceptable margin of error, thus permanently influencing
the work of auditors. When using computer-assisted auditing techniques, the auditor
finds that his work is improved and much more efficient because he has many
advantages over the traditional system of documentary and financial statement
verification. The auditor must consider the IT environment in designing audit
procedures to reduce the auditor's risk to a low acceptable level, and the auditor's
specific objectives do not change if the accounting data is processed manually or by
computer.
CAATs provide auditors access to data in the medium in which it is stored,
eliminating the boundaries of how the data can be audited. As auditors start using
CAATs, they will be in a better position to have a considerable impact on their audit
and auditee as more time is spent on analysis and less time on routine verification. It
is important to understand the client IT environment and chart out which techniques
of CAAT could be used. The audit plan and tests need to be updated based on changes
in the IT environment as relevant.

50. CAAT
From RUTVI SHAH 49
BIBLIOGRAPHY
⮚ Auditor, C. I. (2021, February 09). Retrieved from Computer assisted audit
techniques (CAATs) - Chartered: https://www.iia.org.uk/resources/delivering-
internal-audit/computer-assisted-audit-techniques-caats/?downloadPdf=true
⮚ Egrove. (2021, 02 10). Retrieved from Auditing procedure study:
https://egrove.olemiss.edu/cgi/viewcontent.cgi?article=1038&context=aicpa
_guides
⮚ ICAI. (2021, February 08). Retrieved from ICAI Bangalore:
http://bangaloreicai.org/images/icons/ITT/5.%20Computer%20Assisted%20A
udit%20Technique%20(CAAT).pdf
⮚ Kalpan Financial Knowledge Bank. (2021, 2 10). Retrieved from
https://kfknowledgebank.kaplan.co.uk/audit-and-assurance/audit-
evidence/computer-assisted-audit-technique
⮚ Marilena Zuca, A. Ț. (2021, 02 10). Retrieved from The Contribution of
Computer Assisted Auditing Techniques (CAAT) and of the Business:
http://oaji.net/articles/2017/2047-1521733393.pdf
⮚ Wikipedia. (2021, 2 10). Retrieved from
https://en.wikipedia.org/wiki/Computer-aided_audit_tools