Data analytics and visualization in the audit
Editor’s note: This is the third article in a four-part series that is part of a larger initiative the AICPA Auditing Standards Board (ASB) has undertaken to understand and support technology use in the audit.
Data analytics and data visualization are making it possible to harness large datasets and quickly illustrate the patterns within them. Audit data analytics can analyze large datasets from clients to discern trends and anomalies and streamline audit processes to provide greater accuracy and overall audit quality.
For auditors, that means an improved understanding of an entity’s operations and associated risks, including the risk of fraud and increased potential for detecting material misstatements.
Audit data analytics are produced by automated tools and techniques that analyze, model, and visualize data and can be used to perform various audit procedures, including elements of risk assessment, tests of controls, substantive procedures, or concluding procedures. (See the sidebar, “When to Use Data Analytics in the Audit.”)
Data visualization, which is the graphical representation of information and data, is one way to help spot and understand trends, outliers, and patterns in analyzed audit data. Data visualization allows auditors to create dashboards (a series of related graphics or visualizations), which can be used for visual storytelling throughout the audit life cycle — from planning and conducting risk assessments to reporting and communicating data and audit findings to management and governance.
HOW ARE DATA ANALYTICS AND VISUALIZATION USED IN AUDIT?
In a financial statement audit, data analytics can take on significant parts of the auditor’s efforts. That enables audit teams to improve the audit’s effectiveness and efficiency and expands their capabilities through data analytics and data visualization proficiency.
Which tools should be used to meet the objective of an audit procedure is a matter of the auditor’s professional judgment. Tools used to perform audit data analytics can be as simple as spreadsheet software, such as Microsoft Excel for simple calculations, all the way to advanced machine learning and artificial intelligence (AI) models.
Data visualization can take details that might once have been part of a row of statistics and render a clear picture of what these details have to say. Using relatively basic client information such as a trial balance, the engagement team can observe patterns that might not be readily apparent using traditional financial statement analysis techniques.
“The ability to visualize trends and ratios over time, with the information right at your fingertips, that’s pretty valuable,” said Doug DeBoer, CPA, audit and assurance principal at Grimbleby Coleman, a 90-employee firm based in California.
For example, instead of doing a beginning-of-year and end-of-the-year variance analysis to show gross profit has decreased, visualization software makes it possible for an auditor to see the trend in detail over time (month over month) by looking for unforecasted or nonrecurring gross profit performance drivers. The auditor can point out red flags to the client, who can then investigate why gross profit declined during a particular month.
“We have better conversations that lead to better answers,” DeBoer said.
At GWCPA LLP, a 20-employee firm based in Maryland, data visualization dashboards provide auditors with direct correlations between KPIs and risk, said managing partner Samantha Bowling, CPA, CGMA. “The KPI visual makes it easier to identify the time period where an unusual transaction has occurred, and the AI or other control points in the technology help narrow your focus,” Bowling said.
And while generative AI (Gen AI) is in the early stages of use in audits today, Alan Anderson, CPA, CGMA, founder of Minnesota-based ACCOUNTability Plus, foresees auditors taking outliers identified by data analytics at the data or transaction level, determining if they are appropriate or inappropriate, and then moving them into a Gen AI program that would continuously monitor the area where the outlier occurred.
DATA ANALYTICS AND VISUALIZATION: RISK ASSESSMENT EXAMPLE
What does it look like when data analytics and visualization are used in an audit? The following example, featured in the AICPA’s Use of Technology in an Audit of Financial Statements practice aid, illustrates how auditors may use data analytics and visualization techniques when performing risk assessment procedures. For the purposes of the example:
- This is the second year in which “Member CPA Firm” is auditing “Bling Inc.,” a high-growth multistate retailer that uses a cloud-based, off-the-shelf software for maintaining its books and records.
- Revenue was determined to be material during the initial planning and scoping with the occurrence (cut-off ) and accuracy assertions being more susceptible to misstatement.
- Bling Inc.’s business is seasonal and, as a result, revenues are usually higher prior to holidays such as Black Friday and Christmas.
- The customer base does not fluctuate significantly from period to period.
The example illustrates how Member CPA Firm applied a traditional risk assessment approach and then took an approach aided by data analytics and visualization. Per AU-C Section 315, Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement, auditors perform various procedures to understand an entity’s environment and assess risks of material misstatement at the financial statement and transaction levels. Traditional methods include analytical procedures with little technology assistance, inquiries, and observation and inspection.
In the example, Member CPA Firm found some large special orders that contributed to Bling Inc.’s growth and assessed “the identified relevant assertions relating to revenue close to the upper end of the spectrum of inherent risk.” An assertion about a class of transactions, account balance, or disclosure is relevant when it has an identified risk of material misstatement.
In performing traditional risk assessment procedures, Member CPA Firm made assertions about Bling Inc.’s revenue rather than focusing on specific types of transactions. So, while Member CPA Firm found that Bling Inc.’s revenue had a higher risk of being inaccurately reported, the firm couldn’t pinpoint specific risky transactions.
Member CPA Firm then used data analytics to refine audit procedures based on assessed risks. This approach allowed for the creation of tailored audit procedures based on refined risk assessments — something that’s difficult to achieve using traditional methods. Specifically, the firm requested an interim general ledger that it ran through a data analytics application that scored each transaction’s anomaly level and aggregated scores by transaction class or account balance.
With the technology-enabled risk assessment approach, Member CPA Firm identified that relevant assertions related to revenue were generally considered less risky for all states except for Iowa. (See the chart “Scatter Plot of Average Revenue Risk by Amount Per Region,” below.) In essence, the traditional method assessed revenue broadly without a specific transaction focus, while the technology-enabled approach differentiated risk levels for revenue assertions across different states, allowing for more tailored audit procedures based on those risk assessments.
