1 / 8

Discussant Comments “Information Fusion in Continuous Assurance”

Discussant Comments “Information Fusion in Continuous Assurance”. Kiran Samra, CISA October 2, 2009 – Symposium on Information Integrity & Information Systems Assurance. Disclaimer.

cassidy-cohen
Download Presentation

Discussant Comments “Information Fusion in Continuous Assurance”

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Discussant Comments “Information Fusion in Continuous Assurance” Kiran Samra, CISA October 2, 2009 – Symposium on Information Integrity & Information Systems Assurance

  2. Disclaimer The views expressed are those of the presenter and do not necessarily represent the views and opinions of Ernst & Young LLP. This publication contains information in summary form, current as of the date of publication, and is intended for general guidance only. It should not be regarded as comprehensive or a substitute for professional advice. Before taking any particular course of action, contact Ernst & Young or another professional advisor to discuss these matters in the context of your particular circumstances. We accept no responsibility for any loss or damage occasioned by your reliance on information contained in this publication.

  3. Outline • Information Overload is not Inevitable • Practical Application of Continuous Assurance Fusion Unclear • Human Processing vs. Machine Processing • Key Contributions

  4. Information Overload is not Inevitable • There are ways of dealing with too many exceptions. To reduce the number of exceptions: • Define greater flexibility in control analytics to accommodate business processes • Provide greater granularity in control analytics and scope using parameters • Re-align business processes to comply with controls • Handling a large number of exceptions remains a key challenge for continuous auditing systems. Real issue is: Why are there so many exceptions in the first place?

  5. Practical Application of Continuous Assurance Fusion (CAF) Unclear • Purchase-to-Pay process is used to try and put CAF in practical terms but the examples don’t go far enough: • P2P example effectively illustrates the Resources, Events, Agents (REA) ontology • Unclear where Information Fusion fits into CAF in practical terms. • Narrative + Clear End-to-End example would have provided more clarity than set theory • Good leverage of existing research however CAF itself is presented too abstractly to guide an implementation.

  6. Human Processing vs. Machine Processing • Humans perform Information Fusion all the time • There are many exceptions to rules that we wouldn’t want the artificial neural network (ANN) to learn • Organizations have been slow to adopt continuous auditing, CAF would be even more complicated & expensive • Cost of implementing and maintaining CAF might negate any efficiency gains • Simpler solution exists: Minimize the # of exceptions generated

  7. Key Contributions • Provides a novel way of approaching the “information overload” problem of continuous auditing • Shows how far we could go to automate the auditing process • Current technology may not be sufficient to implement this right away but CAF provides a framework for further research and development

  8. Thank YouKiran SamraAdvisory ServicesErnst & Young LLP416-943-2371Kiran.D.Samra@ca.ey.com

More Related