An Analysis of Using State of the Art Technologies to Implement Real-Time Continuous Assurance

With the integrity of the information in financial reports being questioned and the shift towards more rapid financial reporting, the auditing profession has found that Continuous Assurance is an effective means of facilitating early detection of fraudulent financial reports. However, according to recent surveys, Continuous Assurance has not been widely applied to date. This fact motivates us to investigate if state-of-the-art IT technologies are capable of supporting Continuous Assurance. The contribution of this study is threefold. First, we develop an ISO/IEC 9126-based Continuous Assurance evaluation framework with six technical criteria. Second, based on the proposed framework, we review two (real-time) IT technologies, namely the Embedded Audit Module (EAM) and the Interceptor mechanism, and explore the feasibility of using them to implement real-time Continuous Assurance (CA). Overall, the interceptor approach outperforms the EAM approach, although neither approach satisfies all of the framework´s technical criteria. Third, we find that using the interceptor mechanism in the middleware layer, rather than in other layers, improves the implementation of a real-time auditing interceptor. In light of the proposed evaluation framework, we consider the future development of a middleware interceptor technology that can be used to firmly establish a real-time Continuous Assurance framework.