Practical Implementation of Data Analysis. IIA OC Chapter Meeting February 18, 2014 Edwards Lifesciences Global Internal Audit
Size: px
Start display at page:

Download "Practical Implementation of Data Analysis. IIA OC Chapter Meeting February 18, 2014 Edwards Lifesciences Global Internal Audit"

Transcription

1 Practical Implementation of Data Analysis IIA OC Chapter Meeting February 18, 2014 Edwards Lifesciences Global Internal Audit

2 Agenda Introduction Data Mining Travel and Expense Audit Special Words Stratification Cash vs. Credit Card Excel Risk and Validation Best practices Spreadsheet Validation Demonstrations

3 Global Internal Audit Team Abel Casanova, Sr. Manager Orlando Lopez, Sr. Manager Daphne Chi, Sr. Auditor Julie Ann Fan, Auditor

4 Data Mining What is Data Mining? Automated or semi-automated analysis which transfers large-scale data into understandable information Using computer tools to examine all (or nearly all) the population in an audit test Why Data Mine? Data mining is a fast and efficient way to reveal hidden exceptions, patterns, and trends

5 Data Mining Example: Expense Report Analysis Allan Capone Jr. Sales Representative based in Las Vegas, Nevada Expense reports from Obtained extract of data from the T&E System 2,125 transactions over 36 months

6 Data Mining Audit Test Special Words What are Special Words? Special Words is a type of audit test used to identify transactions with suspicious words Special Words is an audit test used to analyze the grey areas and is a type of fuzzy logic Why use Fuzzy Logic? Incorporates reasoning in the audit test to identify fraud or exceptions Can find really neat items

7 Data Mining Audit Test Special Words Golf, mini, bar, cash, advance, gift, bribe, adjustment, allocation, government, party, cell phone, event, service Additional fun words: Jack Daniels Using Caseware IDEA, function searches for the occurrence of a specified string or piece of text in a character field, date field, or string and if found it returns the starting character position of the specified string. If the string is not found, a value of 0 is ( "mini", "bar", "jack", "advance", "gift", "bribe", "adjustment", "event", "party", "service", "government", COMMENT)

8 Data Mining Audit Test Special Words

9 Data Mining Audit Test Special Words Results Golf, mini, bar, cash, advance, gift, bribe, adjustment, allocation, government, party, cell phone, event, service, Jack Daniels

10 Data Mining Audit Test Special Words What did we do? Used logical reasoning and applied the special words test What did we find? Allan Capone Jr. has charged non-compliant transactions to the company card What can Special Words be used for? Travel & Expense Reports Journal Entries Accounts Payable Tip Consider acronyms, foreign languages or ask local speakers for slang

11 Data Mining Audit Test Stratification What is Stratification? Stratification is the process of dividing the population into subgroups before sampling Why use Stratification? Narrows down large data into subgroups and can provide information by dollar amount, type of transaction or transaction frequency Conclusions or analysis may be easier to apply to population subgroups Good way to begin sampling

12 Data Mining Audit Test Stratification Stratify by Amounts $0 - $20 $20 - $45 $45 - $100 $100 - $1,000 $1,000 - $2,000 $2,000 - $5,000 Stratify by transaction line amounts

13 Data Mining Audit Test Stratification

14 Data Mining Audit Test Stratification Why would a sales representative need to charge amounts over $1,000? Investigate!

15 Data Mining Audit Test Stratification Why do these flights cost so much? First Class/ Business Class flights are not allowed under Corporate Policy Possible multiple changes to flights?/ Last minute flights? Paying for miles?

16 Data Mining Audit Test Stratification Stratification - Cash vs. Card $0 - $10 $10 - $20 $20 - $25 $25 - $50 $50 - $100 $100 - $1,000 $1,000 - $5,000 Now we look at smaller stratus because the last stratus only indicated possible exceptions over $1,000 but we should try and investigate exceptions under $1,000.

17 Data Mining Audit Test Stratification Results Analyze the Results Look for patterns Do the results seem reasonable?

18 Data Mining Audit Test Stratification Comparison 2/18/

19 Data Mining Audit Test Stratification What did we do? We used the stratification to narrow down the transactions into smaller samples What did we find? Exceptions to T&E policy (i.e., Business class seats and suspicious cash transaction) What can stratifications be used for? AR Aging AP Aging Tip Stratifications are the beginning of audit analysis not the end

20 Data Mining Audit Test Policy Compliance What is stratification sub-group analysis? Taking the next step data stratification One can build audit rules surrounding company policy Why analyze stratification sub-groups? Detects non-compliance transactions to corporate policy GREAT practical application of data analysis

21 Data Mining Audit Test Policy Compliance Company T&E Policy - Cash Cash transactions under $25 do not require receipt Cash transactions over $20 but less than $25 AMOUNT > 20.AND. AMOUNT < cash transactions were between $20 & $25

22 Data Mining Audit Test Policy Compliance - $21.38 at heartbeat café is curious activity. -taxi and valet parking in the same report is suspicious - American Airlines baggage fee is $25 and requires a receipt under company policy

23 Data Mining Audit Test Policy Compliance What did we do? Reviewed transactions between $20-$25 What did we find? Fake/non-compliant charges to T&E What can policy compliance test be used for Approval Thresholds Willful bypass Tip This can be used for many company policies. Be creative!

24 Allan Capone Jr.

25 Spreadsheet Risks and Validation Our Excel Journey Only doing the minimum on spreadsheet controls More COSO/SOX demands were on the way Wanted to bring more audit and control value Spreadsheet risks Best Practices Spreadsheet Validation Demonstration

26 Our Excel Journey We still use many spreadsheets Those spreadsheets have risks Select best practices were implemented Needed easy-to-use validation tool Selected the following Excel add-on tools by Incisive: Xcellerator Diff Interactive

27 Common Use of Spreadsheets Income Statement Fluctuation Analysis Accounts Receivable Reserve Analysis Excess & Obsolete Inventory Reserve Vacation Accrual Update Rebates Calculation Outstanding Shares Calculation Stock Repurchase Daily Summary Statement of Cash Flow Calculation

28 Spreadsheet Risks Unauthorized changes to the data by users Hidden worksheets or cells Formula overwritten with text or numbers Formula fails to cover full area Incorrect referencing Calculations are not refreshed

29 Best Practices Inventory and risk rank your spreadsheets based on complexity and potential impact Set security access levels for authorized users Establish version control and restrict changes to formulas Secure key spreadsheets on servers for backup purposes and security Routinely review spreadsheets for key changes

30 Spreadsheet Validation Tools Validation tools by Incisive: Xcellerator: add-in application created for use with Microsoft Excel. This application scans spreadsheets for likely errors and inconsistencies, allowing users to find and fix errors before they become problems. Diff Interactive: spreadsheet comparison software to quickly determine if and/or what spreadsheet changes were made by users.

31 Demonstration Background Assumptions: O&D Corporation is a medical device manufacturing company Business model: Direct Customers or Distributors 2Q2013 vs. 1Q2013 AR Reserve Analysis

32 Demonstration of Xcellerator What will we do? Analyze an AR aging report and calculation of the allowance for doubtful accounts Examples of kinds of tests will we run: # Errors and source Data in formula range Constant in formula (e.g., hardcoded numbers inside a formula) Hidden Worksheets/Cells/References External workbook references

33 Demonstration Part I - Xcellerator

34 Data in Formula Range Test Results Red Flag: Hardcoded numbers instead of formula

35 Constant in Formula Test Results Red Flag: Hardcoded numbers within formula

36 Hidden Cell Test Results Red Flag: Why are these cells hidden?

37 Hidden Worksheet Test Results Red Flag: Why is this worksheet hidden?

38 Demonstration of Diff Interactive What will we do? Compare spreadsheets between 1Q and 2Q AR aging reports and allowance for doubtful accounts What tests and report will we run? Spreadsheet Comparison Cell values Calculated values Formula/formula references Reporting of Testing Results

39 Demonstration Part II Diff Interactive

40 Spreadsheets Comparison: Cell Values Red Flag: Reserve percentages changed from prior quarter

41 Spreadsheets Comparison Cont. Red Flag: What s the nature of these changes?

42 Spreadsheets Comparison: Formula Red Flag: Is it reasonable to change formula/reference?

43 Spreadsheets Comparison Cont. Another example of formula/reference changed

44 Reporting of Results Summarize results by test types Share test results with others

45 Other Spreadsheet Validation Tests What other spreadsheet tests can we run? Xcellerator: Formula fails to cover area Broken formula region Inconsistent formula or complex formula Currency errors Few formula occurrences Number formatted as text Referencing blank cells or white space Diff Interactive: Cell differences (e.g., cell values and formulas) Sheet differences Inserts/deletes Tip: Be skeptical, spreadsheet errors are very common

46 Helping Patients is Our Life s Work, and

Similar documents
2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback | Do Not Sell My Personal Information