In our previous post, we outlined how an Internal Audit department could utilize an analytical approach for their audits, the challenges encountered with starting an analytics program, and how the Cadence Analytical Framework could be leveraged in getting your analytics program off the ground. In this post, we are going to look at an actual case of where Cadence implemented a Payments Analysis.
A new client came to us with concerns on overpaying vendors, unauthorized vendor payments, and the like. After a few scoping discussions with the client, we decided on an approach to utilize several analytic measures and developed a Payment Analysis dashboard.
Together with our client, we utilized the Cadence Analytics Framework to set our analytical approach:
- Risk Assessment – Concern about overpaying vendors, how can we combat or be made aware in real time instead of testing multiple samples??
- Data Availability – This data came from an accounting/ERP system, that data already existed in a database, so we had IT build a stored procedure to push into a separate table within a warehouse.
- Develop Audit Steps & Tests – Leverage CAAT type tests but utilized a stored procedure to get daily updates on payables data, build out tests and show the payables dashboard within our visualization tool.
- Define Alert Mechanism & Response Protocol – Daily analysis of the payables dashboard, if there are results then investigate.
- Evaluate & Present Findings – Analysis of cash exiting the organization, is that systematic on a departmental basis?
From taking the above approach, customizing in the client’s analytics tool, we created the following payments dashboard:
From reviewing the above, albeit scrubbed and minimized, dashboard there are three ways we can analyze potential duplicate payments to vendors. The client’s data is refreshed daily thereby allowing them a full view to payments going out.
I would highly recommend to anyone thinking ‘I’d like to use analytics in my audits, but where should I start?’ Here are a few reasons why; one, the data is likely clean as it’s coming from a packaged software solution it’s unlikely your organization is using a custom-built payment application, and two, keeping excess money from leaving the organization proves to be a great ROI.