- Customer: Audit Office of New South Wales
Environment of Greater Efficiency
The Audit Office of New South Wales assists the Auditor-General in fulfilling its Parliamentary duty to hold the government accountable to its constituents. The Audit Office’s core services include financial and performance audits, compliance reviews, and protected disclosures. The Audit Office generates over AU $35 million in annual revenues and has nearly 500 clients ranging from large statutory authorities and departments to small subsidiary companies. The Office earns the bulk of its income from financial audit fees, while salaries and related expenses comprise the largest expenditure.
The Audit Office of New South Wales performs an external auditing function for all state government agencies. The Information Systems Audit team wanted to develop a program to deliver greater value to agency clients and their internal financial auditors. The team was already using ACL data analytics in an ad-hoc manner but wanted to move to the managed analytics level on the Audit Analytic Capability Model.
With the managed analytics solution, the Audit Office saw an opportunity to develop stronger data management practices and more organized audit techniques. Staff members often ran data analytics on laptops loaded with different software, data sets, and altered analytics. While Information Systems Audit could set the rules, they simply couldn’t guarantee procedural consistency.
Implementation, Planning and Experience
Given the size and complexity of its operations, the Audit Office expected to spend up to three years establishing a managed analytics program. Thanks to a well-planned implementation with hands-on support from Australian ACL partner, Satori Group, the team achieved its initial goals in less than 12 months.
Satori consultants supervised the deployment, developed custom analytics, and conducted staff training sessions. It was critical to help auditors understand the difference between running ad-hoc tests and accessing approved, repeatable analytics through a secure server. Training was also provided for Information Systems auditors who will develop and refine analytics on a daily basis.
The majority of the Audit Office’s testing targets General Ledger journals. The analytics scrutinize complete data files to pinpoint high-value transactions, journals approved and posted by the same person, journals containing unusual words, or transactions posted on evenings, weekends and public holidays.
Audit Office clients are justifiably sensitive about confidential data exposure. Before the deployment, auditors had to run analytics on a laptop. Now, auditors can quickly run analytics on a secure server (in minutes rather than hours) – even when working remotely. This commitment to data privacy has strengthened professional relationships and even enabled field auditors to pass on security best practices to their clients.
The Audit Office of NSW has used AuditExchange to
- Provide secure, remote data access for users
- Increase control and central management of approved analytics
- Gain deeper assurance through complete data population analysis
- Eliminate duplication and drive efficiencies
The solution enables the Audit Office to provide multi-level access to repeatable analytics. The team currently has 10 auditors who develop analytics, while another 30 simply access and run tests stored in the central repository. This flexible model ensures auditors can focus their time on the financial statements, rather than the technical details of data mining.
With data stored and analysed on the server, sensitive client files are fully protected. The central repository promotes stronger data management and creates an environment of greater efficiency. The Office serves 500 clients that require similar analytics (such as standard AP and payroll tests), so ACL users can simply point, click, choose parameters, and get quick results through the browser-based interface. The solution ensures a standard approach with a full audit trail.
Before the deployment, the Audit Office applied approximately 33 ad-hoc analytics to its everyday activities. After the implementation, the total quickly reached 140, and the team expects to run at least 300 unique tests in another 12 months.
Going forward, the team plans to highlight unusual business trends and data patterns that equip auditors to ask better questions. They’ll use analytics to track anomalies between public reports and internal data. It’s an exciting new direction for the team.
The Office also plans to equip the majority of its 200 financial auditors to access and run approved analytics. It’s the best way to embed data analysis in the audit process and better understand clients – including their key risks and opportunities. By using analytics in the planning stages, the team can promote further efficiencies and more effectively identify fraud. “There are simply no restrictions on the use of ACL and AuditExchange,” says Henry Szus, Head of Information Systems Audit. “It’s simply a matter of our own imagination and initiative.”