In a recent webinar called "Verified Analytics: Towards 100% Testing?", we conducted a poll: we asked the attendees about the average sample size for revenue testing. The results were surprising: 60% chose a sample size of 15-30. Meanwhile, 40% preferred a sample size of 50-100. 0% voted for a size of 100+.

Audit test sample sizes remain small across audit firms, raising concerns whether these samples are representative of the entire population of transactions. The FRC is increasingly encouraging the use of technology to improve audit quality, including data analytics, to look at the entire set of transactions across areas such as revenue.  

What does this mean for the future of audit tests? How will tools like Circit ?  

Trends in audit tests  

At Circit, we are focussed on bringing audit participants together in one platform to fulfil a single mission: to put trust in every business transaction for auditors, their clients and evidence providers.  

One of the ways we keep pushing this forward is in conversations with our customer base and other participants in the audit industry. In these discussions, we have been hearing about five trends that help frame the industry's direction in enhancing testing within audit.  

The first trend is around practical challenges: team and clients. Within teams, the main challenge involves retaining existing talent by providing technology that alleviates mundane tasks and allows team members to apply their skills to tasks that drive efficiency.  

On the client side, this means educating clients on using technology and ensuring they see the benefits.  

The second trend is increased guidance around key topics related to audit tests, specifically ISA 500, and ISQM 1. From the regulatory side, the guidance around the technology itself and the language is changing.  

The third trend is about General Ledger, bank data and transactional data. How does the data get into the GL? Where is it coming from? How can associated risks be assessed? How can this data be brought into systems to be matched? How is transactional data collected?  

The collection of transactional data has traditionally had its specific issues around security, completeness and standardisation, with many opportunities for improvement. A product like Verified Transactions can help with the collection of transactional data.  

The fourth trend is that changes to methodology are happening, in particular to ISA 315 and real-time confirmations. Circit can pull third-party data from source in real-time to look at balances in clients’ accounts.  

The last trend is about audit quality and efficiency. Auditors are facing challenges around obtaining and analysing data, improving collaboration with clients and educating team members. The right technologies can provide an outcome and solution to all these challenges.  

A former auditor’s perspective on technology and audit tests   

Dudley Gould: “A lot of audit testing is quite manual, but it doesn’t need to be. Auditors spend a lot of time looking at bank statements, and those statements come in a variety of formats: papers, excels, pdfs.  

With Circit’s direct connections to the banks, we can obtain this data in a streamlined and standardised format for every bank account. There is a lot of opportunity to remove some of the outdated, manual practices in audit, such as the pile of bank statements, the pile of invoices and other piles of paper, having to type it all in manually.”  

‍“How does technology come into audit testing?”  

Dudley: “Auditors will be doing mainly substantive testing with sample sizes between 15 and 30, sometimes a bit higher. There is a lot of pressure for sample sizes to go up and there is a lot of questioning on if the (smaller) sample sizes provide enough audit evidence.”  

On the one hand there is: ‘Let’s stick to our sampling practices and start by trying to digitalise the process. A lot of that substantive testing will involve tracing items to the bank, whether that is income sample, expenditure sample, debtors, creditors and so on.  

Cash plays a role throughout the entire audit. Auditors are spending a lot of time currently manually checking if those payments have been made or received but now that we have a secure data stream directly from the source, not only do we know that that data is complete and accurate, we can take that data and automatically match it to our samples.  

The other piece that it enables when digital workflow is in place is that firms can move on from sampling and look at the entire data set for audit tests. This is something that larger firms have been doing for a while now, but this technology means it can also easily be applied to mid-tier firms.”  

“We see one of the main challenges is obtaining transactional data. What are ways to alleviate this?”  

Dudley: “Use a solution like Circit. With our product, Verified Transactions, our clients benefit from integrations directly with the bank with no intermediaries, meaning the data comes straight from the source. The client still has to authorise the connection, but Circit has banking level security which allows us to retrieve and display transactional data.  

The fact it’s straight from the source is very important, especially with ISQM 1 in mind. ISQM 1 is about quality management: how do we know that the data we’re working with is high enough quality, complete and accurate? In this case the answer is: because it comes from the banks.  

A key piece for the audit use case is the payee and IBAN end point information. We are working with the banks to help them build out these additional, premium end points. IBAN is a very powerful one for audit as it can be cross checked against supplier data and payroll data.”  

“What are the other challenges in getting to 100% testing?”  

Dudley: “There is a lot of pressure from regulators on firms to remove outdated sample size caps and to increase sample sizes. The main pressure point in that case is resources: they don’t have the team size or capabilities to increase the sample size, let alone double it. The other issue is: how do auditors get to 100%? In other words, the tools, the inside knowledge. Especially mid-size or smaller firms can’t afford to build out a team of specialists. They need tools that auditors can get to grips and up and running with in a short amount of time.  

‍“What guidelines are there around 100% testing?”  

Dudley: “Guidance is the final challenge. It’s asking, “How?”. Even if firms have the tools and resources, it’s quite a big shift in methodology and auditors are looking for guidance from the methodology providers, the ISAs, which is slowly coming but not quite there yet.  

More guidance will emerge around embracing technology. So far, we have the updates to ISA 315 and ISA 240. They are the first ISAs that make reference to automated tools and techniques. They don’t just mention automated tools and techniques but data analytics specifically. This is a big sign of what the FRC will be looking for in upcoming file inspections and the shift in how audits are conducted.  

The guidelines that we need focus not so much on the tools and techniques, but on how to implement them.    

‍“Any closing remarks or words of advice?”  

Dudley: “I think it’s important for teams to pick the right starting point. Don’t try to do everything at once. If you’re still obtaining excel and pdf statements, start with streamlining your data collection by obtaining them digitally. There will be immediate quality improvements and time savings benefits there. Don’t go too deep too quickly, but also don’t do nothing.”  

Download pdf
Request a demo

See what Circit can do for your firm

We use Cookies

Hi. This website uses essential cookies to ensure its proper operation and tracking cookies to understand how you interact with it. The latter will be set only upon approval. Read more

Privacy Setting
X

We use cookies to ensure the basic functionalities of the website and to enhance your online experience. You can choose for each category to opt-in/out whenever you want. For more details about cookies and how we use them, read the fullCookie Policy.

Essential
Marketing
Personalization
Analytics
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.