Improvement of CAATTs Methodology- SAI Turkey

Improvement of CAATTs Methodology- SAI Turkey

Turkish Court of Accounts (TCA) is renewing and enhancing the usage of IT technologies on auditing processes. We aim to develop our auditing capability by making audit procedures more manageable and by using resources more efficiently.

With the abovementioned idea on mind, in June 2017 a new audit group is formed with the mission to design a methodology for using computerised audit systems, to improve the implementation of CAATTs into the auditing process and to extend the use of IT on audit.

We decided to enhance usage of CAATTs methodology since they can serve all phases of audit. Being one of the best instruments using technology to support conduction of audits, they help auditors to explore the data thoroughly, make analysis and study distinct data sets. It becomes easier to work with large data sets without adding substantial costs.

Within this scope some of the actions taken to improve CAATTS methodology are as follows;

  1. Development of Analysis Scenarios

A centralised data processing function is designed by which the management will identify risks earlier before the annual audit programming/planning phases and will set the audit strategy. For that purpose, predefined analysis scenarios that will work on the data submitted by the auditees are developed. With these scenarios, the data is being reviewed on a regular basis with respect to the pre-set parameters.

Besides risk-detecting, these scenarios are also useful for detecting fraud evidences and accounting errors, for collecting appropriate evidence and for automatizing iterative and time taking procedures that fall upon the auditor while conducting audits.

These analyses crosscheck and control all data in the data warehouse for both data integrity and compliance. Determining the accuracy of the information which builds up the data by a computerised system and checking compliance with policies brings a comprehensive approach of testing instead of traditional audit sampling methods.

The results provide the auditors with an assurance to some degree about the veracity of the data. If they see it necessary, further investigation is done by auditors.

  1. VERA

To reach the results of these analyses a new data analysis system called VERA is designed. It runs over a newly purchased business intelligence software and compatible IT hardware. Besides collecting results of predefined analysis, auditors are able to run original analysis over VERA and get their results instantly.

It is a centralized and web based system, the data is being kept in data warehouse and the auditors are accessing the data via the system independent of their current location by using VPN as long as they have a secure internet connection. The new system puts no limits to the size or dimension of the data and that brings easiness while collecting, managing or analysing big data.

  1. Collection of Data from Auditees

The data and other information of auditees within the scope of the central government are kept electronically over a system called “Integrated Public Financial Management System”.

Because municipalities are outside this system it was difficult to collect data from them. All municipalities use different software so it was not easy nor secure to take big files of data via mail or other external storage items.

As a result, a system called ‘BVAS’ is developed which enables municipalities to transfer their data over a form based smart client application securely. The system is user friendly and controls the data format before it is uploaded. It is operational since 2017 and by 2018 over 1250 municipalities have successfully started using this system and securely uploading their data to the system.

  1. Risk Assessment System

More than 1400 municipalities are being audited by TCA. Every year their budgets, transaction volumes, assets and liabilities are increasing. We are working on a project of a risk assessment system for the municipalities. With this project, municipalities will be assessed by taking into account their budget size, investments, incomes, transaction volumes, size of their expenses, demographic structure and then they will be graded and grouped by their risk profiles. The results will be used by the management before preparing annual audit plans. Implementation of this system will make it possible to rank the auditees based on their risk levels.

Auditors have adopted the enhancements made and we receive good feedbacks including additional suggestions to be carried into effect soon. With the abovementioned systems and newly developed CAATTs methodologies, we foresee that the efficiency of audit performance will increase and the audit quality will improve.

Leave a Reply