The continuous auditing of business information is getting more attention to the risk monitoring strategies of internal audit departments. Also, continuous auditing is being computerized by using embedded audit modules and a monitoring control layer. Since embedded audit modules is getting more important to corporate governance and compliance efforts and each software requires different aspects, enterprise resource planning requires a special design of embedded audit module to be used with it. This makes continuous auditing application helpful for governance, risk management, and compliance activities across the enterprise such as functions, Sarbanes-Oxley, information technology, social responsibility, and the various departments.
This seems right but unfortunately there are some limitations to it. Embedded audit modules that are designed by outside auditors limit the independency of the ERP when it is implemented which causes some differences in results between both. These results sometimes are very hard to be audited. Another issue is the cost of maintaining it to operate at high level which sometimes becomes a problem instead of solution when the wrong hardware are placed between them.
Also, implementing embedded audit module into an enterprise resource planning rises some practical issues. This happens mostly in organizations that are large and utilizing more than one enterprise resource planning. For example, design and maintenance issues arise when
embedded audit module is used in an organization with multiple enterprise resource planning. That is because the organization will have to consume important resources in order to design, use, and maintain the embedded audit module coding for each enterprise resource planning. Therefore, each embedded audit module code would acquire an individual maintenance.
The Sarbanes-Oxley which “is to protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to...
Please join StudyMode to read the full document