Panel Discussion on Continuous Auditing

1. Panel Discussion on Continuous Auditing November 3, 2006 Paul Penler, Executive Director Ernst & Young LLP

2. Thoughts Around Continuous Auditing • Challenges • Approaches • Audit Areas and Enabling Technologies

3. Companies, and their stakeholders, are not demanding • Current focus is on eCommerce • Company assistance is critical • Routine changes to IT Systems • Concerned about security & confidentially • Customization required Challenges to Historical Continuous Auditing Model Cost / Benefit Companies • Benefits unclear • No “burning platform” • High cost • Lack of competing products • Industry leaders are not pushing the process • Auditing standards limit opportunities • Less than 50% of audit hours relate to substantive tests • Analytics not persuasive • Industry specific analytics need further development • Benefits to control testing is not clear • No “Silver Bullet” • Data capture unsolved • Infinite variety of client IT systems • Data mapping is time intensive • Volumes of transaction data make deployment difficult Technology Standards

4. Alternative to Historical Model:- Continuous Monitoring by Companies • Clients’ develop/implement Continuous Monitoring Systems • Client’s rely on and test Continuous Monitoring Systems • Auditors evaluate, test and rely on client’s Continuous Monitoring System(s)

5. Audit Areas Risk Identification Fraud Detection JE Data Analysis Subledger Data Analysis Confirmations System Evaluations Assurance Beyond F/Ss Internal Controls/404 XBRL Technologies XBRL Web and Web Services Pattern Recognition ERP Systems Enabling Business Rules Data Capture Automation Possible Audit and Technology Areas