Auditing the Audit Process

It’s Not the Most Wonderful Time of the Year
Ah, audit season! Just the word “audit” alone conjures thoughts of dread. For many, audit season is strongly associated with annual tax filing processes and that familiar date of April 15th. Auditors know however, that audits actually take place at various times throughout the year in a variety of industries including government, education and healthcare. In fact, it was recently announced that the HHS Office for Civil Rights (OCR) had just begun its next phase of audits under The 2016 Phase 2 HIPAA Audit Program.  According to the OCR, “The audits present an opportunity to examine mechanisms for compliance, identify best practices, discover risks and vulnerabilities that may not have come to light through OCR’s ongoing complaint investigations and compliance reviews, and enable us to get out in front of problems before they result in breaches.”

That statement is telling. For those being audited, fear is rooted in what could be found. Ironically, for auditors, the fear is rooted in whether or not they’ll be able to actually find what they are looking for. Unsurprisingly, the sheer volume of data itself is to blame.

Audit Challenges
Auditors – internal or external – are not only challenged by overwhelming amounts of data, they also have difficulty making better, faster decisions because they are unable to get at the most important data. Currently, only 12% of enterprise data is used for information and to make business decisions. In addition, those working with data are dealing with speed and agility issues. They are spending far too much time preparing the data versus analyzing it – up to 80%. All of this takes away from their ability to not only discover what’s happening in a business, but what could happen. For auditors, the issues come down to the following:

  • Silos of Data: Audit data may exist in many different systems/databases
  • Access: Access to the underlying data required for audit may be limited
  • Difficult Formats: Audit data may be trapped in financial reports or PDF invoices that need to be parsed/extracted
  • Data Preparation: Data fields may need to be cleansed (reformatted, split, transported or aggregated)
  • Repeatable Process: Since audits are an ongoing effort, any report/data changes and audit logic should be captured
  • Periodic Audit Automation: Manual audit processes tend to be labor-intensive and error-prone. Automating the audit process helps mitigate these risks

Data Prep/Automation in the Audit Process
Auditors are required to provide continuous assurance that can only come from timely and accurate reporting. To do so, they must be able to extract data from virtually any type of structured, or semi-structured source (Excel, PDFs, text), and then compile it into one integrated data source for analysis and reporting. Self-service data preparation tools such as Datawatch’s Monarch and automation can help with those tasks.

In fact, with audit automation, users benefit as they are able to:

  • Leverage workflows for repeated processing
  • Create logs for process runs to provide an audit trail
  • Allow for interim period processing
  • Receive notification of success or failure
  • Run reports on a server without manual intervention
  • Schedule, run on demand or monitor a folder for a file and process files as they are created
  • Collaborate between users and share processes
  • Output files to an ODBC or OleDB defined resource

In the end, auditors are able to conduct day-to-day tasks with confidence, meet compliance regulations, reduce risks and save time. It makes auditing a less feared process year-round, no matter the industry.

Improve your audit process. Learn how Altair customers have benefited from self-service data preparation to streamline their reporting processes and auditing requirements and ensure compliance.