When the audit community transitioned from physical files to electronic documents, oh so many years ago, it quickly became unwieldy to track audit status and results among the sea of electronic files. As opportunities emerged to gain efficiency and better manage these documents and spreadsheets, a category of software products for auditors called “electronic working papers” emerged.
At the time, electronic working papers were foundationally built to:
- Centrally store the electronic audit working papers
- Allow multiple auditors to work on the same audit files while managing version conflicts
- Allow direct referencing of information back and forth between documents
- Enhance the ability of reviewers to follow the auditor’s work, and provide comments and coaching on that work
- Link commentary and points of reference inside one document to those inside another.
However, the situation only marginally improved, with processes and technology solutions becoming centered on simply using electronic documents.
The “dark data” danger of document-based auditing
The fundamental problem coming to light with an increasingly digital landscape is that key audit information is effectively turned into “dark data,” trapping important insights inside these documents.
“Dark data” is created when auditors—and, more specifically, the auditor’s technology toolset—allow for primary audit documentation to be captured in files that isolate that information from “query-ability” and obscure it from audit logging.
Information gets trapped inside documents and spreadsheets, where it effectively becomes “dark data”: impossible to search, reference, analyze, export, report on or access on mobile devices. These are all key demands of today’s large audit teams—and for data intelligence to support insights and decision making.
In today’s digitized environment, this approach significantly impedes the ability of larger audit organizations to work efficiently, expedite quality assurance processes, maintain durable data integrity, and deliver meaningful audit insights.
It is the position of ACL that “primary” audit documentation, such as audit analysis and discussion, should be captured directly into the audit platform where it can be queried. The ability to query information is what makes reporting, exporting, analyzing, sharing and remotely accessing audit data both possible and seamless. Documents (and especially metadata embedded in documents) cannot be queried, and therefore should only be used exclusively for supporting audit evidence (i.e., evidential files that support the primary audit documentation as necessary) and never for primary audit documentation.
Most importantly, audit organizations should never be dependent on document-embedded metadata for any of:
- The core audit work
- The quality assurance process
- Insights and reporting for stakeholders.
A new era in audit technology…
Legacy audit management software solutions built on electronic working papers were a critical advancement in the evolution of audit processes and execution at the time. But they have stunted the growth of audit value and innovation in the current digital environment due to an unforeseen—but major—blind spot.
We are at the dawn of a new era in audit technology. Internal audit teams are now moving away from inter-linked documents and spreadsheets, to properly structured databases (accessed through intuitive software interfaces) to unlock the value of audit data—and by extension, unlock the value of the audit organization.
Is your audit intelligence trapped in the dark?