Supreme audit institutions (SAIs) recognize the benefits of using technology to improve the quality and impact of their audits. This benefit has further intensified during the COVID-19 pandemic; SAIs with existing technology capacity have continued to perform their role effectively and efficiently. As governments are advancing in utilizing technology, by developing sophisticated systems and exploring innovative tools and solutions including artificial intelligence and data analytics, among others, SAIs must strive to be equally equipped to provide the needed oversight.
The available evidence suggests a wide range in SAIs’ use of information technology–based tools and procedures. At one extreme, SAIs in some developing countries have little or no information technology (IT) facilities or infrastructure. At the other extreme, a small number of SAIs have the resources to invest in the development, implementation, and use of highly sophisticated IT-based audit tools and procedures. The majority of SAIs are somewhere between these two positions and use software packages that are available commercially or under license, such as desktop analytics, electronic document management systems, and specialist audit tools.
SAIs face three challenges in responding to the evolution and growth of the sophisticated IT tools and applications that are available to them for the audit of governments and other public bodies and entities. The first challenge is the need to develop techniques and procedures for the audit of the more sophisticated systems and applications used by auditees. The second challenge is harnessing the opportunities created by IT to conduct audits more efficiently and to develop audit procedures that will enhance SAIs’ effectiveness and that will contribute to more impactful audit outcomes. The third, and arguably most difficult challenge, is to find the resources, experience, and expertise needed to develop, implement, and use audit data analytics and IT-based audit tools and procedures.
To help SAIs address these challenges and enable them to capitalize on the benefits and opportunities created by rapid advances in the technology, this paper suggests initiatives that fall into two broad categories: quick, short-term actions and medium- to long-term actions. SAIs must be the main driver of these initiatives, with help from the International Organization of Supreme Audit Institutions (INTOSAI), regional bodies, donors, and development organizations.
In the short-term, SAIs can:
- Conduct a survey of INTOSAI members to identify the level of maturity of each SAI in the use of audit data analytics and IT-based audit tools. The results of such a survey could be used to support SAIs’ use of IT and to facilitate the exchange of experiences and good practices among SAIs. The survey results would be a valuable source of information for other development partners in designing their support to SAIs at the national or regional level.
- Design a set of diagnostic/case studies that would encompass lessons learned, the potential pitfalls to be avoided, quick fixes to common problems, and the key components of successful longer-term IT strategies for SAIs.
- Organize targeted events and seminars encouraging the use of IT by SAIs to more effectively use audit data analytics and IT-based audit tools and to identify ways to facilitate that process. These include, for example, the use of smartphones and drones for audit purposes; the audit of blockchain transactions; the implications for audit of the Internet of Things; the use of augmented intelligence or artificial intelligence (AI) for audit purposes (for example, to contribute to risk assessments); and the lessons learned from SAIs’ responses to the challenges of COVID-19. There is also scope for sponsoring events that consider how SAIs can use IT to support new or evolving types of audit, such as work focusing on social audit mechanisms.