Evaluating internal control and alternative compliance testing procedures : a simulation approach

A computer simulation tool was developed to assist an auditor in the planning of compliance testing procedures for transaction cycles or subcycles. The simulation tool was designed to facilitate three specific aspects of an auditor's task:

1. Evaluating the overall reliability of the cycle with respect to specific errors.

2. Establishing acceptable compliance levels for individual controls in the cycle.

3. Appraising the relative efficiency and effectiveness of alternative compliance testing procedures contemplated for the cycle.

Based on auditor specifications for a particular transaction cycle, the simulation constructs a computer model of the cycle's internal control system and allows contemplated alternative compliance testing procedures to be undertaken. The simulation consists of two operational phases. Phase one of the simulation monitors the processing of a specified number of transactions, develops and reports reliability statistics for the various elements of the system. The principal statistics generated for each system element include: the actual error occurrence rate, the final balance reliability, and the probability that an error will be detected and corrected by the system once it has occurred.

Phase two of the simulation allows the transaction processing to be sampled by alternative compliance testing procedures. The compliance testing procedures which may be evaluated include three traditional sampling approaches (fixed sampling, dollar unit sampling, and sequential sampling) and four EDP approaches (auditing around the computer, parallel simulation, integrated test facility, and test data). Phase two of the simulation monitors the transaction sampling activity of each procedure, develops and reports the following three measures of effectiveness for each procedure: the probability of no sampling error, the probability of overauditing, and the probability of underauditing.

The usefulness of the simulation tool was demonstrated by application to a typical, computer-based payroll cycle. The application indicates that the simulation can assist an auditor by providing a basis for screening a set of potential compliance testing procedures. The principal advantages are (1) the simulation tool is interactive and does not require computer expertise to employ and (2) the simulation tool provides an environment for investigating internal control relationships and the efficiency and effectiveness of procedures before audit resources are committed.