Group 1

Topic: Computer Assisted Audit Tools and Techniques

Definition:

 CAATTs are a combination of software tools and methods used by auditors to analyze
and evaluate an organization’s data and IT systems.

Functionalities:

 Data extraction and analysis

 Automated testing of control systems

Techniques:

 Statistical analysis

 Sampling methods

 Predictive analytics

Role in Auditing:

 Efficient handling of large volumes of data

 Complex data analysis capabilities

 Conducting thorough and effective audits

 Identifying anomalies, trends, or discrepancies

 Highlighting control weaknesses and potential risk areas

Case Study No. 1

FACTORS THAT INFLUENCE THE USE OF COMPUTER ASSISTED AUDIT TECHNIQUES (CAATS) BY
INTERNAL AUDITORS IN JORDAN Ahmad Al-Hiyari, Aldar University College Nidal Al Said,
Ajman University Ezz Hattab, Aldar University College
https://www.researchgate.net/profile/Ahmad-Al-Hiyari/publication/326711731_The_value_r
elevance_of_purchased_goodwill_in_Malaysian_firms_The_pre-_and_post-IFRS_evidence/
links/5cfbbf0c299bf13a38483863/The-value-relevance-of-purchased-goodwill-in-Malaysian-
firms-The-pre-and-post-IFRS-evidence.pdf

Overview:
This study investigates the factors influencing the use of Computer-Assisted Audit Techniques
(CAATs) by internal auditors in Jordan. It employs the Unified Theory of Acceptance and Use of
Technology (UTAUT) to examine the determinants of internal auditors' intention to adopt
CAATs. The research aims to provide insights that can aid policymakers in designing
interventions to increase CAATs utilization.

Background Information:

 Computer-Assisted Audit Techniques (CAATs): The study acknowledges the potential

of CAATs to enhance the efficiency and effectiveness of internal audits.
 Internal Auditing: The role of internal auditors in ensuring organizational governance,
risk management, and control is highlighted.
 Technological and Digital Advances: The study recognizes the rapid pace of
technological advancements and the increasing expectations of stakeholders.
 UTAUT (Unified Theory of Acceptance and Use of Technology): This theory provides
a framework for understanding the factors that influence individuals' acceptance and use
of technology, such as performance expectancy, effort expectancy, social influence, and
facilitating conditions. 1
 Developing Countries (Jordan): The study specifically focuses on a developing country
context, recognizing potential challenges and unique factors that may influence CAATs
adoption.

The Problem Statement:

The core problem addressed is the unsatisfactory actual use of CAATs by internal auditors,
despite technological advancements and increased stakeholder expectations. Specifically, the
study aims to:

 Identify the factors that influence internal auditors' intention to adopt CAATs in Jordan.
 Address the paucity of evidence on these factors in developing countries.
 Provide insights for policymakers to design interventions that increase CAATs
utilization.
 To discover which UTAUT factors are most influential in the Jordanian market place.

Findings:

 Low CAATs Utilization: The study confirms that the actual use of CAATs by internal
auditors remains unsatisfactory.
 UTAUT Factors:
o Performance Expectancy: This factor was found to significantly influence
CAATs adoption, indicating that internal auditors are more likely to adopt
CAATs if they perceive them as beneficial to their job performance.
o Effort Expectancy: This factor also significantly influences CAATs adoption,
which means that if the auditors find CAATs easy to use, they are more likely to
adopt them.
  Other UTAUT factors: While not specifically stated in the abstract, the study likely also
examined other UTAUT factors (social influence, facilitating conditions), but found them
to be less influential in this context.
 105 Valid Responses: The data was gathered from 105 valid responses from Jordanian
internal auditors.

Likely Recommendations:

 Education and Awareness: Policymakers should educate internal auditors on the

benefits of using CAATs to enhance their job performance.
 Investment in Infrastructure: Dedicate more resources to invest in technical
infrastructure to support the use of CAATs.
 CAATs Training Programs: Improve the skills of internal auditors through increased
CAATs training programs.
 Reward Systems: Develop reward systems that encourage auditors to use CAATs.
 Simplify CAATs: Make CAATs easier to use.
 Policy Creation: Policymakers should create policies that promote the use of CAATs.

Case Study No. 2

Effect of Computer Assisted Audit Tools on Corporate
Sustainability
António Samagaio and Tiago Andrade Diogo
https://www.mdpi.com/2071-1050/14/2/705

This study investigates the practical effects of internal auditors' adoption of Computer-Assisted
Audit Tools and Techniques (CAATs) on corporate sustainability, with a specific focus on fraud
detection in the purchase-to-pay process. It utilizes data from Portuguese internal auditors
collected through a survey and analyzes it using partial least squares–structural equation
modeling (PLS-SEM). The study also explores the moderating effect of organizational
characteristics on the relationship between CAATs adoption and audit outcomes.

Background Information:

 Computer-Assisted Audit Tools and Techniques (CAATs): The study acknowledges

the growing importance of CAATs in modern auditing, recognizing their potential to
enhance audit efficiency and effectiveness.
 Internal Auditing: The role of internal auditors in ensuring organizational governance,
risk management, and control is highlighted.
 Corporate Sustainability: The study links CAATs adoption to corporate sustainability,
implying that effective internal auditing contributes to sustainable business practices.
 Fraud Detection: The research focuses on fraud detection within the purchase-to-pay
process, a critical area for financial integrity.
 Purchase-to-Pay Process: This refers to the end-to-end process of procuring goods and
services, from requisition to payment, which is susceptible to fraud.
  Partial Least Squares–Structural Equation Modeling (PLS-SEM): This statistical
technique is used to analyze complex relationships between variables, making it suitable
for examining the effects of CAATs adoption on audit outcomes.

The Problem Statement:

The core problem addressed is the lack of empirical evidence on the practical effects of
CAATs adoption on audit quality and organizational performance, despite extensive
research on the determinants of CAATs adoption. Specifically, the study aims to:

 Determine the types of CAATs used by internal auditors.

 Assess the effect of CAATs adoption on fraud detection in the purchase-to-pay process.
 Explore the moderating effect of organizational characteristics (type and size) on this
relationship.
 To bridge the gap between theoretical knowledge of CAATs adoption and its practical
impact.

Findings:

 Moderate CAATs Usage: Internal auditors in Portugal use CAATs moderately in their
tasks, indicating room for increased adoption.
 Strong Positive Effect on Fraud Detection: CAATs adoption has a strong and positive
effect on fraud detection in the purchase-to-pay process.
 No Moderating Effect of Organizational Characteristics: The relationship between
CAATs adoption and fraud detection is not significantly influenced by the type and size
of the entity.
 Empirical evidence of value: The study successfully provided empirical evidence of the
value of CAATs.

Recommendations:

 Increased CAATs Adoption: Organizations should encourage and support the increased
adoption of CAATs by internal auditors.
 Focus on Fraud Detection: Prioritize the use of CAATs for fraud detection in critical
business processes, such as the purchase-to-pay process.
 Standardized CAATs Implementation: Develop standardized procedures and
guidelines for the implementation and use of CAATs in internal auditing.
 Investment in CAATs Training: Provide comprehensive training programs for internal
auditors to enhance their skills in using CAATs effectively.
 Promote CAATs for Sustainability: Emphasize the role of CAATs in promoting
corporate sustainability by enhancing internal controls and reducing fraud.
 Further research: The researchers have opened the door for further research into other
business process, and other countries.

Case Study No. 3

Empirical Assessment of Improved Audit Quality Factors Using Computer-Assisted Audit
Tools and Techniques (Caatts)

Akoth

United States International University-Africa

M.W.

United States International University-Africa

https://www.ajol.info/index.php/jolte/article/view/221878

Overview:

This research focuses on the empirical assessment of Computer-Assisted Audit Tools and
Techniques (CAATTs) in Information Systems (IS) auditing within institutions of higher learning,
specifically within a private university in Nairobi, Kenya. It uses the Unified Theory of
Acceptance and Use of Technology (UTAUT) as a framework to understand the factors
influencing the adoption of CAATTs and their impact on IS audit quality. The study centers on
the audit of Active Directory services, a critical component of identity and access management.

Background Information:

 Computer-Assisted Audit Tools and Techniques (CAATTs): The study acknowledges the
potential of CAATTs to enhance the efficiency and effectiveness of IS audits by
automating and computerizing audit procedures.

 Information Systems Auditing: The importance of robust IS audits in ensuring the

security, integrity, and reliability of information systems is highlighted.

 Active Directory: The study focuses on Active Directory, a widely used identity and
access management platform, recognizing its critical role in controlling access to
organizational resources.

 Unified Theory of Acceptance and Use of Technology (UTAUT): This theory provides a
framework for understanding the factors that influence individuals' acceptance and use
of technology, such as performance expectancy, effort expectancy, social influence, and
facilitating conditions.

 Institutions of Higher Learning: The study specifically targets institutions of higher

learning, recognizing their growing reliance on information systems and the need for
effective IS audits.

The Problem Statement:

The core problem addressed is the lack of widespread adoption and effective use of CAATTs in
IS auditing within institutions of higher learning, particularly for critical systems like Active
Directory. This leads to:

 Delayed identification of risks in information systems when using traditional audit

approaches.

 Potential vulnerabilities and security breaches due to inadequate monitoring and

auditing of critical systems.

 A gap between the potential benefits of CAATTs and their actual implementation in
practice.

Findings:

 Limited CAATTs Adoption: The study found that most institutions of higher learning do
not utilize CAATTs for real-time auditing of critical systems like Active Directory.

 Delayed Risk Identification: Traditional audit approaches result in risks being identified
long after they occur, indicating a lack of proactive monitoring.

 UTAUT Factors: The study used SPSS and Structural Equation Modeling (SEM) to analyze
questionnaire data, indicating that it identified which factors from the UTAUT model had
the largest effect on the adoption of CAATTs. Therefore, it is likely that factors such as
performance expectancy, and facilitating conditions, were found to be lacking.

 Active Directory Vulnerabilities: Given the focus on Active Directory, the study likely
uncovered specific vulnerabilities and risks related to its configuration and management.

Likely Recommendations:

 Increased CAATTs Adoption: Institutions of higher learning should prioritize the

adoption and implementation of CAATTs for IS auditing.

 Real-Time Auditing: Implement CAATTs for real-time monitoring and auditing of critical
systems like Active Directory to enable proactive risk identification.

 UTAUT-Based Interventions: Address the factors identified by the UTAUT model that
hinder CAATTs adoption, such as providing adequate training, resources, and support.

 Active Directory Security Enhancements: Implement specific security controls and best
practices for Active Directory management based on the identified vulnerabilities.

 Training and Awareness: Provide comprehensive training and awareness programs for IS
auditors on the use of CAATTs and the importance of proactive IS auditing.
  Investment in Technology: Universities should invest in the proper technology needed
to implement CAATTS.

 Policy Implementation: Universities should create and implement policies that require
the use of CAATTS in IS auditing.

References:

https://www.researchgate.net/publication/
333662534_Factors_that_influence_the_use_of_computer_assisted_audit_techniques_CAATs_
by_internal_auditors_in_Jordan

https://www.mdpi.com/2071-1050/14/2/705

https://www.ajol.info/index.php/jolte/article/view/221878