Kansas Elsas Top-Cycle

1,232 views

Published on

P.I. Elsas & J. Gangolly: Enterprise-level Process Documentation incorporating Automatic Audit Analytics, Biennial Deloitte / University of Kansas Auditing Symposium, Lawrence, Kansas, USA, May 2008 (invited keynote)

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,232
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
9
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • 0. Good morning, my name is Philip Elsas from ComputationalAuditing.com. 1. I would like to start by thanking Professor Ed O’Donnell for organizing this Symposium & inviting me. Thank you, Ed. 2. And I would like to excuse Professor Jagdish Gangolly, who is not able to attend, for his co-operation preparing a paper where the presented material is treated in more depth. Thank you Jagdish. Please feel free to ask your questions during the presentation at special points (21x)
  • Smart Audit Support - Build & Apply - Industry Templates - for the Audit Planning Process. International & National - Build is done by auditors only - no ITers involved. Dutch Tax Office, Center for Process & Product Development, report “Optimizing Audit Decisions” in fiscal audit; an approach relying on audit documentation; relevant for audit oversight approaches. Personally at Deloitte - first half Internal Audit Staff - second half External Management Consultant Intermezzo late nineties at Bakkenist Management Consultants as consultant & shareholder - sold to Deloitte
  • First 8: set the stage & check to see if we are all on the same page
  • Professor Ira Solomon’s March interview arguing Massive Overhaul of Auditing Practices: financial statement fraud tend to rise during economic downturns + Increasing irritation in North-America’s Corporate Management: Weakening of US international competitive position due to overhead caused by Sarbanes-Oxley; Value/Cost ratio of audits is declining as perceived by corporate management (lower added value, higher cost). “ Irritation, and not necessity, is the mother of invention”, Henry Petroski: The Evolution of Useful Things, introducing a convincing theory of technological innovation as a response to perceived failures of existing products or services.
  • Financial Statement Level Risk
  • Relevant issues are active, and has to be touched upon. Anything else is inactive and omitted. Relevant issues can not be missed (to avoid blunders). Anything else cannot be accessed (to avoid waste of time). Issues: questions, forms, sections, tables, tasks in the audit plan, etc. etc. Any active question can be chosen for answering. As a prefab consequence of answering a multiple-choice question, the set of active questions may grow or shrink (as predefined). The decisions about what to consider and not to consider as a consequence of a possible answer are conditionally predefined in the guidance model.
  • The template for the document shown earlier. The decisions about what to consider and not to consider are conditionally predefined in this guidance model. The Player is the operational semantics of the specification in the Builder. In the Builder the specification is structured data that is analyzed on desirable properties (e.g. cycle freeness). In the Player the specification is also data but interpreted in a different way: as code to be executed. More details on the difference between data, code, interpreters, models, etc. Also applying to diagrams as sentences.
  • Audit Support Objectives stated in Deloitte’s reaction to SEC S7-11-06 Criteria for guidance & support: system bridging theory & practice . Flowchart: schematic representation of a process.
  • X-Raying: expert level (letter SRA -> CaseWare). Schematic representation of a process: Flowchart & Petri net. Petri nets are currently very successfully applied in business workflow. How to make a start with getting an understanding of Dutch auditing theory? Chapter 2 of CA. How to make a start with getting an understanding of Petri net theory? Wikipedia, start at flowchart, refers to petri net.
  • State, Buffer, Place or Stock are all synonyms for the Static Primitive: a container of units: typed business values Transactions occur, even concurrently; occurrences are registered at transactions Event: synonym to transaction occurrence Buffer sign ‘+’: Asset; ‘-’: Liability Value Cycle Structure is synonym for Supercycle Structure; ‘Structure’, or its synonym ‘Definition’, is often omitted An arrow is either from a buffer to a transaction: inflow/consume; or from a transaction to a buffer: outflow/produce; never directly to the same type; the arc weight indicates amount of units involved, with default 1, that may not be shown. When a transaction occurs it consumes the weighted amounts of units from all its inflow and produces on all its outflow. Diagram that is an abbreviation, short-hand notation for a pair of more complex underlying diagrams (Soll & Ist). Smart Flowchart. Schmalenbach diagram. Mental model coinciding with Executable model. The block arrows are just comments, just as the call-out text balloons. A unit buffer may either contain physical units (money, goods, etc.) or non-physical units (debt, credit, etc.), accompanied by zero or more mutually independent (SoD) registrations. A Sales results on one hand in a Sales Order and on the other hand in a $2 Debtor. A Purchase results in a $1 Creditor and a Purchase Order. Etc. Interpretation from transaction perspective versus interpretation from buffer perspective (dual). The mnemonics, S & T, are handy to remember that States are represented by circles and Transactions are represented by boxes. Turbo add-on to American cycle-oriented audit approach.
  • The Flow of Money is presented above the horizontal line “from right to left”. The Flow of Goods/Services is below and “from left to right”. Animation. Not for simulation: real data. Diagram of the value cycle for a commercial business in a format the computer can understand and analyze. A sales results on one hand in a sales order and on the other hand in a $2 debtor. A purchase results in a $1 creditor and a purchase order. Section I contains money due FROM others (debts of others, other companies, to this company; the debtors, the company’s accounts receivable); Section II , contains money due TO others (other companies; the creditors, the company’s accounts payable). Section III contains goods/services due FROM other companies, and Section IV contains goods/services due TO other companies, or private individuals. The two Sections N show the company’s possessions in cash and goods. The diagram shows the value cycle in an error-free Soll modality. However, this value cycle also exists in an Ist modality, in which also erroneous, illegitimate transactions are recognized in addition to the error-free, legitimate ones. These erroneous transactions may or may not be intentional. The diagram for the Ist value cycle is automatically generated from that for the Soll. The cash flow runs above the horizontal line; the flow of goods and services, below it. Section I contains the company’s accounts receivable; Section II , its accounts payable. Section III contains goods and services due from other companies and Section IV contains goods and services due to other companies. The two Sections N show the company’s possessions in cash and goods.
  • Starreveld Typology; proven conceptualization; proven in practice, over decades. Recognized High Quality Audit. Very well suited for automated support. As is already done + pilots.
  • Constraints. E.g. on associating agents to buffers, for Auth & Able. Alert for Able: ‘ Other maintenance resources’: include ‘f’ ‘ Maintenance man-hours’: include ‘f’ No alerts for agent associations to transactions.
  • No alerts for agent associations to buffers. No alerts for agent associations to transactions.
  • Yasper: no audit theory, no inspection facilities in specification time for constraint verification (supercycle A-invariant check per rewrite) Why didn’t Deloitte build it: already leader & difficult blueprint
  • Kansas Elsas Top-Cycle

    1. 1. Enterprise-level Process Documentation incorporating Automatic Audit Analytics Philip Elsas, ComputationalAuditing.com Jagdish Gangolly, SUNY-Albany Lawrence, Kansas May 2-3, 2008 2008 Deloitte / University of Kansas Auditing Symposium Assessing Audit Risks in an Evolving Assurance Environment
    2. 2. Introduction <ul><li>Since 2003: Company - Canada, Netherlands </li></ul><ul><li>1988 - 2003: Deloitte. with Bakkenist intermezzo, sold to Deloitte. </li></ul><ul><li>1990 - 1996: PhD Computational Auditing </li></ul>- Principal, Chief Architect & inventor of Smart Audit Support - Smart Audit Support is since 1994 key in Deloitte’s worldwide audit practice. Currently integrated in “The Deloitte Audit” - System blueprint in Chapter 5 of … - PhD in Mathematics & Computing Science on Financial Auditing - Parallel to Smart Audit project, 30% part-time - Directly after appearance awarded with the biennial Alfred Coini Prize for the best publication in Auditing Offering software and consultancy services to audit practices and audit software firms 1 Used in 2003 by Dutch Tax Office as Frame of Reference to compare Big 4 planning and decision-support models & systems to investigate how to improve audit productivity (57 page report). Considers Smart Audit Support “leader of the pack”.
    3. 3. Agenda Enterprise-level Process Documentation incorporating Automatic Audit Analytics <ul><li>Modern Auditing: Challenge, Criteria & Solution Approach (8) </li></ul><ul><li>What can you do with it? Examples of major analytics (8) </li></ul><ul><li>More on positioning this Doc Technique & Tooling (4) </li></ul>2 <ul><li>What is it? How doc looks and what it actually is (4 + movie) </li></ul><ul><li>How to prepare it? Making doc in safeguarding tool (1) </li></ul>
    4. 4. Modern Auditing: Challenge <ul><li>1. Focus on Client’s Processes </li></ul>On both Client Engagement Level & on Template Level 3 While bridging the gap in the Audit Process between: 2. Risk Analysis on Process Assertions: identify, assess & respond 3. Items in the Financial Statements In a modern top-down , risk-based Audit Approach with a focus on client’s processes the challenge boils down to: a. How to understand Client’s Top-level Business Process b. How to guide and document getting this understanding c. How to guide and document using this understanding <ul><li>Ruling standards & </li></ul><ul><li>Audit software </li></ul>1 2 3 Client’s Occurrence Risk Auditor’s Detection Risk
    5. 5. <ul><li>Deloitte’s </li></ul><ul><li>International </li></ul><ul><li>Audit </li></ul><ul><li>Approach </li></ul><ul><li>“ 40.000 feet”, nineties </li></ul><ul><li>Role of Doc: all phases </li></ul>p.62 Deloitte’s Audit Process at Engagement Level (1 of 3) 4
    6. 6. <ul><li>Doc Index </li></ul><ul><li>Planning </li></ul><ul><li>docs are </li></ul><ul><li>part of </li></ul><ul><li>Smart </li></ul><ul><li>Audit </li></ul><ul><li>Support </li></ul>Deloitte’s Audit Process at Engagement Level (2 of 3) p.336 5
    7. 7. <ul><li>Inside a </li></ul><ul><li>planning </li></ul><ul><li>document </li></ul><ul><li>“ Player” </li></ul><ul><li>system </li></ul><ul><li>Player of </li></ul><ul><li>what? </li></ul><ul><li>Guidance </li></ul><ul><li>Model </li></ul><ul><li>Where </li></ul><ul><li>does that </li></ul><ul><li>Model </li></ul><ul><li>come </li></ul><ul><li>from? </li></ul><ul><li>(=investment) </li></ul>Deloitte’s Audit Process at Engagement Level (3 of 3) p.337 6 <ul><li>Guidance is: </li></ul><ul><li>Easy-to-use & </li></ul><ul><li>Powerful </li></ul><ul><li>Easy-to-use: </li></ul><ul><li>Familiar interface: form-based </li></ul><ul><li>Answering multiple-choice questions that guide & document the audit, and… </li></ul>as a tacit side-effect of answering: safeguards the correct (de)activation of other questions, & “how to” approaches to risk assessments & responses Here questions can only be answered <ul><li>Powerful: </li></ul><ul><li>Effective: conditionally relevant risks cannot be overlooked & </li></ul><ul><li>Efficient: risks conditionally not relevant cannot be assessed </li></ul>Yearly ROI guess : 20K man-yrs/yr x $10K cost reduction/man-yr ROI <ul><li>Return is: </li></ul><ul><li>Relevant Doc & Planning, no more no less </li></ul><ul><li>Easy & strict way to get it </li></ul>Documentation = Specification Executable Specification = Source Code Executable Specification of “Auditor’s Evidence Acquisition Strategy” - David Budescu, Mark Peecher & Ira Solomon - Integrated in Interactive Documentation
    8. 8. 7 Deloitte’s Smart Audit Support( 1 ) p.324 Proven Architecture for Interactive Documentation & Guidance Audit Plan Performance Module (blueprint only) Audit Evaluation Module (blueprint only) Smart Audit Support ( 2 ) Audit Planning Module KST Definition Module Knowledge Specification Tool National Tailoring one per engagement team one in Deloitte one per country Client Tailoring Assurance Environment
    9. 9. <ul><li>p.334 </li></ul>8 Defining a planning document with its behavior “ Builder” system Builder of what? Guidance Model Builder’s primitives come from theory Here questions are made and connected Documentation = Specification Executable Specification = Source Code Deloitte’s Audit Process at Template Level (1 of 1) <ul><li>Guidance is: </li></ul><ul><li>Easy-to-use & </li></ul><ul><li>Powerful </li></ul><ul><li>Easy-to-use: </li></ul><ul><li>Familiar interface: form-based </li></ul><ul><li>Dialog box transactions: to stepwise specify an interconnected questionnaire to guide and document the audit, and… </li></ul>as a tacit side-effect of every step: safeguarding a technically correct (de)activation structure for questions & their answer choice’s impact on audit planning <ul><li>Powerful: </li></ul><ul><li>Correctness by Construction </li></ul><ul><li>Domain-specific Language </li></ul>Executable Specification of “Auditor’s Evidence Acquisition Strategy” - David Budescu, Mark Peecher & Ira Solomon - Integrated in Interactive Documentation
    10. 10. Challenge & Criteria 9 In a modern top-down , risk-based Audit Approach with a focus on client’s processes the challenge boils down to: a. How to understand Client’s Top-level Business Process b. How to guide and document getting this understanding c. How to guide and document using this understanding 3 Now we have key criteria for modern guidance in process documentation: <ul><li>Guidance: </li></ul><ul><li>Easy-to-use & </li></ul><ul><li>Powerful </li></ul><ul><li>Easy-to-use: </li></ul><ul><li>Familiar interface: close to flowcharts </li></ul><ul><li>Dialog box transactions to stepwise specify client’s business process, and… </li></ul>as a tacit side-effect of every step: safeguarding a technically correct business specification, allowing powerful automatic audit analytics “on-the-fly” & on the result <ul><li>Powerful: </li></ul><ul><li>Correctness by Construction </li></ul><ul><li>Audit-specific Diagram Language </li></ul>Engagement Level & Template Level - Effective - Scalable - Cost-Efficient
    11. 11. Solution Approach 10 <ul><li>Powerful system that supports practice and is founded in theory: </li></ul><ul><li>The world’s strongest Process-oriented Auditing Theory: Classical Dutch Auditing Theory </li></ul><ul><li>& Its Best-fitting rigorous Process Theory: Petri nets tailored for the Auditing Domain </li></ul>Top Benefits <ul><li>Major examples of Powerful Audit Analytics, impossible with old-style approaches: </li></ul><ul><li>X-Raying a body of authorizations on immunity to major classes of fraud </li></ul><ul><li>Deriving a model of enterprise-wide checks & balances, basis for automatically generating executable scripts for data analysis tools </li></ul><ul><li>Feasible: Petri net reachability analysis from initial to trial/final balance </li></ul>Stringent Application of a Correct Systematic Approach: Clarifying & Refreshing 50% added value, E&Y Typology with structured classification of audit approaches per type of industry Proven in theory & practice
    12. 12. Agenda Enterprise-level Process Documentation incorporating Automatic Audit Analytics <ul><li>Modern Auditing: Challenge, Criteria & Solution Approach </li></ul><ul><li>What can you do with it? Examples of major analytics </li></ul><ul><li>More on positioning this Doc Technique & Tooling </li></ul>11 <ul><li>What is it? How doc looks and what it actually is </li></ul><ul><li>How to prepare it? Making doc in safeguarding tool </li></ul>
    13. 13. What is it? Elementary Trade Example 12 Top-down, Leveled Diagram Enterprise-wide: Integral & Unifying Top-level is a Supercycle: one level up & connecting US cycles 200 100 Normative (‘Soll’) & Representative (‘Ist’) Mental Model = Executable Model Flow of Money Flow of Goods Static: State Balance Item S Dynamic: Transaction Profit & Loss Item T
    14. 14. What is it? Trade Diagram in detailed Audit Net 13 http://www.ComputationalAuditing.com/images/Kring.swf 1. Purchase 2. Accept 3. Sales 4. Deliver & Collect 5. Pay 6. Collect Process Steps
    15. 15. Auditing Laws of Starreveld & Frielink 14 The computational interpretation of these Laws leads to the Audit Invariant: used as preventive safeguard 1. Law of Relation between Produced & Consumed Illustrated by movie: A rational, normative relation between frequencies of business transactions in the supercycle and generated margin <ul><li>Law of Relation between State & Event </li></ul><ul><li>Illustrated by movie: BETA-equation for every State: E nd – B egin – I nflow + O utflow = 0, except Money > 0 </li></ul>
    16. 16. 15 ComputationalAuditing.com Starreveld Auditee Classification Based on Rigor in the Supercycle Audit Pack Platform Drill-down tree with downloadable packs Every node contains a supercycle pack & client-tailoring guidance Uploader, downloader & broker Client Side: “Information Rules” Pack Trade Roll Upward Roll Forward - Effective - Scalable - Cost-Efficient Audit Pack Platform Real software Release 0.5 April 2008
    17. 17. Agenda Enterprise-level Process Documentation incorporating Automatic Audit Analytics <ul><li>Modern Auditing: Challenge, Criteria & Solution Approach </li></ul><ul><li>What can you do with it? Examples of major analytics </li></ul><ul><li>More on positioning this Doc Technique & Tooling </li></ul>16 <ul><li>What is it? How doc looks and what it actually is </li></ul><ul><li>How to prepare it? Making doc in safeguarding tool </li></ul>
    18. 18. Qualitative Audit Analytics: Segregation of Duties (1 of 3) 17 50 600 5 2 3 60 10 5 300 15 40 5 Everything for SoD analysis Real case: International Network of Accountants and Auditors, INAA, SRA M: Majority Owner-Manager S: Sales department B: Buy/Purchase department F: Financial administrator T: Technical staff manager W: Warehouse manager Agent Legend Capital: Authorization - Small: Ability S f F m F t B f w F m B m f B f w M f F m F s W m t W m t W m t T m F m b F m s
    19. 19. INAA, SRA Case Output: Solo-Fraud Base 18 Potential Solo-Fraud Qualitative Audit Analytics (2 of 3) Conceptual Primitives Why is this class relevant? ISA 240 Isn’t this only interesting for SME?
    20. 20. 19 Qualitative Audit Analytics - SoD (3 of 3) X-Raying Segregation of Duties: Support to Illuminate an Enterprise’s Immunity to Solo-Fraud UWCISA presentation on: http://artsms.uwaterloo.ca/accounting/uwcisa/symposium_2007/Program.htm Paper with discussions and response, appearing in the International Journal of Accounting Information Systems, June 2008
    21. 21. Quantitative Audit Analytics: Check Model (1 of 5) 20 Real case: Ernst & Young Everything for Check Model Book & Course flow: 1-1 normative Materiality Coverage of registration points in SoD: S & T Quantitatively motivated process decomposition 225 25 200 225 500 25 25 1,000 400 400 100 20 20 20 20 500 400
    22. 22. 21 Quantitative Audit Analytics: Enterprise-level Check Model, Output E&Y Case (2 of 5) 1. Debtors ‘+’ Deb : Deb I ( Sales )*1000 + Deb B – Deb E  Deb O (Collect)* 40 *25 2. Sales Fee ‘-’ sFee : sFee O (GrantFee)*400 + sFee E – sFee B  sFee I ( Sales )*400 3. Course Orders ‘-’ cOrd : cOrd O (DeliverCourse) + cOrd E – cOrd B  cOrd I ( Sales ) 4. Book Orders ‘-’ bOrd : bOrd O (DeliverBook) + bOrd E – bOrd B  bOrd I ( Sales ) 5. Teacher Hours ‘+’ tHour : tHour I (EmployTeacher)*20 + tHour B – tHour E  tHour O (DeliverCourse)*20 6. Room Hours ‘+’ rHour : rHour I (RentRoom)*20 + rHour B – rHour E  rHour O (DeliverCourse)*20 7. Course Books ‘+’ Books : Books I (BuyBook) + Books B – Books E  Books O (DeliverBook) 8. Salaries ‘-’ Sal : Sal O (PaySalaries)*500 + Sal E – Sal B  Sal I ((GrantFee)*400+(EmployTeacher)*100) 9. Creditors ‘-’ Cred : Cred O (PayCreditors)*225 + Cred E – Cred B  Cred I ((BuyBook)*25+(RentRoom)*200) 10. Cash ‘+’ : Cash I (Collect)* 40 *25 + Cash B – Cash E  Cash O ((PayCreditors)*225+(PaySalaries)*500) B : Beginning I : Inflow E : End O : Outflow Spanning Reconciliation Checks Asset (‘+’) Buffer: I + B - E = O Liability (‘-’) Buffer: O + E - B = I Correctness = Isn’t it overstated? Completeness = Isn’t it understated? Algebraic deduction 1 st interpretation: Bold font = Completeness Regular font = Correctness 2 nd interpretation: Bold font = Correctness Regular font = Completeness 1 st interpretation: Completeness of stated debtor revenues Historical: owner-ordered audit 2 nd interpretation: Correctness of stated debtor revenues Historical: management-ordered audit Today: Management-ordered audit on behalf of both current (1 st ) and future (2 nd ) owners/shareholders “ Over-constrained”
    23. 23. 22 Frielink et al Classical Dutch Auditing Education Literature Three Example Enterprise-level Process Check Models Quantitative Audit Analytics (3 of 5) Auditor’s Evidence Acquisition Strategy - David Budescu, Mark Peecher & Ira Solomon
    24. 24. 23 Automatically generating executable scripts for data analysis tools Quantitative Audit Analytics (4 of 5) Case provided by Tom Koning, author of: “The Auditor’s New Clothes”
    25. 25. Quantitative Audit Analytics: Reachability (5 of 5) 24 A System of Spanning Reconciliation Checks, the Check Model, corresponds to the Flow Matrix of the normative Petri net Petri Net Reachability Analysis from Initial to Trial/Final Balance goes a step further then detailed Spanning Reconciliation Checks by taking into account Time Stamps in Event Registrations - Interrelating all buffer contents on a day-to-day basis - Reconciled with day-to-day external evidence - Shows deviations and associated risks  Trial Balance Spanning Reconciliation Checks can be applied in Totals or in Detail per parameter
    26. 26. Agenda Enterprise-level Process Documentation incorporating Automatic Audit Analytics <ul><li>Modern Auditing: Challenge, Criteria & Solution Approach </li></ul><ul><li>What can you do with it? Examples of major analytics </li></ul><ul><li>More on positioning this Doc Technique & Tooling </li></ul>25 <ul><li>What is it? How doc looks and what it actually is </li></ul><ul><li>How to prepare it? Making doc in safeguarding tool </li></ul>
    27. 27. Stringent application of correct systematic approach 26 Large model is built and used at Dutch Post Office <ul><li>Guidance is: </li></ul><ul><li>Easy-to-use & </li></ul><ul><li>Powerful </li></ul><ul><li>Easy-to-use: </li></ul><ul><li>Familiar interface: close to flowcharts </li></ul><ul><li>Pop-up box transactions to stepwise specify client’s business process, and… </li></ul>as a tacit side-effect of every step: safeguarding a technically correct business specification, allowing powerful automatic audit analytics <ul><li>Powerful: </li></ul><ul><li>Correctness by Construction </li></ul><ul><li>Audit-specific Diagram Language </li></ul>Engagement Level & Template Level 100 200 100 200
    28. 28. Agenda Enterprise-level Process Documentation incorporating Automatic Audit Analytics <ul><li>Modern Auditing: Challenge, Criteria & Solution Approach </li></ul><ul><li>What can you do with it? Examples of major analytics </li></ul><ul><li>More on positioning this Doc Technique & Tooling </li></ul>27 <ul><li>What is it? How doc looks and what it actually is </li></ul><ul><li>How to prepare it? Making doc in safeguarding tool </li></ul>
    29. 29. Con’s & Response 28 To be finalized for clients & content providing expert auditors Support is too immature 3 - ‘Type of industry’ is essential - A lot is attributable to the supercycle - Gives focus on determining normative relations Only supercycle related, and not everything is in the supercycle 2 - Reuse & extend already existing models - Gives good and visible foundation to opine upon, improving documentation quality & applicability - Large model is cumbersome to make, making it only suitable for SME - A lot of information is required 1 - Qualitative: margin size has no influence on number and structure of pot. fraud constructs - Quantitative: tolerance is allowed, but leads to weaker numerical checks, to be compensated Normative gross margin is fixed 4 Integrate these as ‘pre-processing’ transactions in client’s business model Authorizations on: - Root data: price lists, employee lists... - Filters in record keeping chain 5
    30. 30. Pro’s 29 “ The stringent application of a correct systematic approach will without any doubt improve audit quality ” A.B. Frielink, Lead author of Dutch Auditing literature, personal correspondence regarding the Computational Auditing thesis - “Mapping out the supercycle is considered clarifying and refreshing : establishing a wider look than traditional cycles” - “The schema technique is not too complex and can be well understood ” - “Guides the input preparation process by a systematic framework ” - “The support is feasible in practice ” Hans Verkruijsse & team, Partner Ernst & Young, National Director Audit Technique, Evaluation report regarding the diagram technique and application for SoD analysis More prominent references: Hans Blokdijk, Emeritus Auditing Professor, ex-KPMG partner Ruud Veenstra, former Chairman of Deloitte Netherlands Harold Kinds, National Director Audit Technique, INAA Netherlands Peter Waas, National Audit Coordinator, Dutch Tax Office
    31. 31. Comparison Audit-Specific Diagram Language Yasper/Prom (Deloitte & TUE) Audit net Editor  Criteria Tool  + Flowchart software 30 Correctness by Construction Underlying Rigor Deloitte’s Smart Audit Support – + + – + + + – +
    32. 32. 31 ComputationalAuditing.com Continuation You are an expert auditor? Why not have a facilitator to leverage your guidance impact for your audience? 1. Smart Audit Planning Forms 2. Generating Checking Scripts 3. Smart Flowcharts All Pack-based & Web-based Correctness by Construction Script Generator Typology Platform Supercycle 200 100

    ×