1 – Augusto Cezar Romeiro de Andrade

reaufsm

Revista de Administração da UFSM

Rev. Adm. UFSM

1983-4659

Universidade Federal de Santa Maria

mBv7Q7nYvG6Ytdw3qKhLnfQ

S1983-46592023000400204

00204

10.5902/1983465971587

Original Article

The adoption of technological tools in continuous audit projects

A adoção de ferramentas tecnológicas em projetos de auditoria contínua

0000-0002-8847-722X

Andrade

Augusto Cezar Romeiro de

^I 1 – Augusto Cezar Romeiro de Andrade

Institution: University Nove de Julho

São Paulo, São Paulo, Brazil

Master in Project Management from the University Nove de Julho

Definition of research problem Development of hypoteses or research questions (empirical studies) Development of theoritical propositions (theoretical work) Theoritical foundation / literature review Definition of methodological procedures Data collection Statical analysis Analysis and interpretation of data Critical revision of the manuscript Manuscript writing

0000-0002-1431-2860

Penha

Renato

^I 2 – Renato Penha

Institution: University Nove de Julho

São Paulo, São Paulo, Brazil

Ph.D. from the Universidade Nove de Julho. Professor of the Postgraduate Program in

Project Management at University Nove de Julho

0000-0001-6482-8729

Silva

Luciano Ferreira da

^I 3 – Luciano Ferreira da Silva

Institution: University Nove de Julho

São Paulo, São Paulo, Brazil

Ph.D. from the Universidade Nove de Julho. Professor of the Postgraduate Program in

Project Management at University Nove de Julho

Definition of research problem Development of hypoteses or research questions (empirical studies) Definition of methodological procedures Data collection Statical analysis Analysis and interpretation of data Critical revision of the manuscript Manuscript writing

0000-0001-5574-7820

Bizarrias

Flavio Santino

^II 4 – Flavio Santino Bizarrias

Institution: Superior School of Advertising and Marketing

Porto Alegre, Rio Grande do Sul, Brazil

Ph.D. from the Universidade Nove de Julho. Professor of the Postgraduate Program in

Project Management at Universidade Nove de Julho

Definition of research problem Development of hypoteses or research questions (empirical studies) Development of theoritical propositions (theoretical work) Data collection Analysis and interpretation of data

0000-0002-1961-2037

Kniess

Claudia Terezinha

^III 5 – Claudia Terezinha Kniess

Institution: Federal University of São Paulo

São Paulo, São Paulo, Brazil

Ph.D. from the Universidade Federal de Santa Catarina. Adjunct Professor at the Federal

University of São Paulo – Paulista School of Politics, Economics and Business (EPPEN/

UNIFESP). Professor of the Postgraduate Program in Management and Regional

Development at Universidade de Taubaté. Professor and researcher at Universidade

São Judas Tadeu.

^I Universidade Nove de Julho, São Paulo, SP, Brazil Universidade Nove de Julho

SP São Paulo

Brazil ^II Escola Superior de Propaganda e Marketing, Porto Alegre, RS, Brazil Escola Superior de Propaganda e Marketing

RS Porto Alegre

Brazil ^III Universidade Federal São Paulo, São Paulo, SP, Brazil Universidade Federal São Paulo

SP São Paulo

Brazil

E-mail: andradesud@yahoo.com.br E-mail: rp.renatopenha@gmail.com E-mail: lf_silvabr@yahoo.com.br E-mail: flavioxsp@hotmail.com E-mail: kniesscl@gmail.com

The authors have stated that there is no conflict of interest.

Edited by

Jordana Marques Kneipp

05 01 2024

2023

16 4

06 09 2022 18 07 2023 01 12 2023

This is an open access article distributed under the terms of the Creative Commons License

ABSTRACT Purpose:

Present a conceptual model for the adoption of technological tools in continuous audit projects.

Design/methodology/approach:

This research is constituted from the perspective of a qualitative approach with a descriptive nature, divided into two phases. In the first phase, a Systematic Literature Review was conducted focusing on technological tools and Continuous Audit Projects, in the second phase, field research was conducted through in-depth interviews with professionals related to the theme.

Findings:

The results indicated the main benefits and challenges encountered in the adoption of technological tools in Continuous Audit Projects. The results pointed out the nine main factors, among them, the enabling elements for the adoption of technological tools in Continuous Audit Projects.

Research limitations/implications:

The study is limited to identifying the technological tools in Continuous Audit Projects.

Originality/Value:

Despite the existing technological tools, it is still incipient in the literature researched to identify the challenges and barriers faced by organizations to support the projects of Continuous Audit Projects.

Practical implications:

This research offers a conceptual model as a guiding instrument for the adoption of technological tools in Continuous Audit Projects for organizations inserted in an Internal Audit context. The model presents the main enabling elements that ensure the environment necessary for the development of the project to those involved in Continuous Audit Projects.

RESUMO Objetivo:

Apresentar um modelo conceitual para adoção de ferramentas tecnológicas em projetos de auditoria contínua.

Metodologia:

Esta pesquisa está constituída em uma perspectiva de abordagem qualitativa com natureza descritiva, dividida em duas fases. Na primeira fase foi realizada uma Revisão Sistemática de Literatura com foco nas ferramentas tecnológicas e Projetos de Auditoria Contínua e, na segunda fase, foi realizada uma pesquisa de campo por meio da realização de entrevistas de profundidade com profissionais relacionados ao tema.

Limitações/implicações da pesquisa:

O estudo limita-se a identificar as ferramentas tecnológicas em Projetos de Auditoria Contínua.

Resultados:

Os resultados apontaram os principais benefícios e desafios encontrados na adoção de ferramentas tecnológicas em Projetos de Auditoria Contínua. Os resultados apontaram os nove fatores principais, dentre eles, os elementos habilitadores para a adoção de ferramentas tecnológicas em Projetos de Auditoria Contínua.

Originalidade:

Apesar das ferramentas tecnológicas existentes, ainda é incipiente na literatura pesquisada identificar os desafios e as barreiras enfrentados pelas organizações para apoio nos projetos de Projetos de Auditoria Contínua.

Implicações práticas:

Esta pesquisa oferece um modelo conceitual como instrumento norteador para a adoção de ferramentas tecnológicas em Projetos de Auditoria Contínua para as organizações inseridas em um contexto de Auditoria Interna. O modelo apresenta os principais elementos habilitadores que garantem o ambiente necessário para o desenvolvimento do projeto aos envolvidos em Projetos de Auditoria Contínua.

<bold>Keywords</bold>: Continuous audit projects Project management Technological tools Technological Transformation

<bold>Palavras-chave</bold>: Projetos de auditoria contínua Gestão de projetos Ferramentas tecnológicas Transformação tecnológica

1 INTRODUCTION

Faced with an increasingly complex and volatile business environment, companies seek and implement information systems to improve their efficiency and effectiveness (Shin et al., 2013). Advances in rapidly changing Information Technology (IT) have led organizations to increase their systemic transactions, consequently a need for more timely and continuous assurance of their internal controls (Farkas & Hirsch 2016; Cardoni et al. 2020). In this context, Gotthardt et al. (2020) affirm that very soon, it will be decisive to ensure the relevance and influence of the practice with organizations (Han et al., 2023).

Inserted in this corporate context as a control area, the performances of the Internal Audit (IA) area in the corporate business environment have been affected, due to the rapid advances in the IT area occurred in the last decades (Eulerich & Kalinichenko, 2018). Thus, traditional IA projects may not be effective in dealing with the risks of a computerized and systemic corporate environment (Deloitte, 2018; Pwc, 2019). Changing business conditions and an increase in systemic transactions is a reality, which has led IA to a need for more timely and continuous assessment of internal controls and the conduct of its projects (Feung & Thiruchelvam, 2020).

Continuous Auditing (CA) is defined a segment in auditing, with the purpose of identifying and preventing improper behavior and transactions by automated testing (Alles, Kogan, & Vasarhelyi, 2018; Lamboglia et al., 2020). Javier and Duque (2016) present CA as a new paradigm of the IA area. The area of CA is marked by continuous assessments of risk and the control environment of organizations, enabled by technology or technology tools (IIA, 2018). Compared to traditional audit methodologies, CA is considered a new method to increase the efficiency and coverage of audit procedures and testing (Goosen & Van Dyk, 2017; Gao & Vasarhelyi, 2019).

Marked by this environment with greater transactions, information, data and technology, the report on IA professional practice presented by PricewaterhouseCoopers (2019) indicates that the lack of the use of technologies as a support in audit procedures can weaken the area, and consequently, IA projects. The report further highlights that IA areas may become outdated if they do not change their traditional approach. Thus, to stay relevant and fulfill their goal of strengthening and supporting the control environment of entities, Mokhitli and Kyobe (2019) suggest that IA needs to keep up with the digital pace of business through their projects.

As pointed out by Joshi and Marthandan (2020), this trend leads companies in the IA segment to adopt technological and automation tools in their respective projects. Thus, given the existing needs in the realization of IA projects, professionals in this segment have little experience in their implementation (Hassan et al., 2023). This limitation hinders the ability of auditors to validate the requirements of Continuous Audit Projects (CAPs) (Singh & Best, 2015; Weins et al., 2017).

Such limitations are related to the challenges imposed on auditors in using technological tools (Warren et al., 2020). Many companies have stopped adopting technology and CA due to a variety of challenges (Polizzi & Scannella, 2023; Lin, Lin, & Chen, 2021). Among the challenges is the lack of a project framework aimed at providing the proper facilitating and technical conditions to support the adoption of technology systems and tools in CA (Chan, Chiu, & Vasarhelyi, 2018), whether it be technical aspects (Gonzalez, Sharma, & Galletta, 2012), financial (Singh & Best, 2015; Wu, Strauss, & Wang, 2021), training, capacity building, or resources for systemic design adoption (Wong, 2020).

Given the exposed transformation and technological factors, that IA management has pondered on what is the best strategy to adopt the use of technological tools in Continuous Audit Projects (CAP), thus we addressed the following research question: How can the adoption of technological tools contribute to continuous audit projects? The objective of this paper was to present a conceptual model for the adoption of technological tools in CAP. This paper is organized into five sections, including this introduction. Next, a brief literature review on Continuous Auditing, Continuous Auditing Projects, and Technological Tools will be presented. Soon after, the methodological aspects will be addressed. Next, the results and final considerations will be presented.

2 REVIEW OF THE LITERATURE

This section briefly presents the concepts of Continuous Auditing, Continuous Auditing Projects, and their relationship with Technology Tools.

2.1 Continuous Auditing

Continuous Auditing (CA) is considered by many authors as the new paradigm of Internal Auditing (IA) (Kiesow et al., 2016), hence the need to understand its basic concepts, the main guidelines proposed by international organizations, the need, and the importance of this method for modern auditing. Especially in a scenario of organizational environment dominated by information and communication technologies (Folador et al., 2018). Regarding its definition, Kuhn, and Sutton (2010) and Rikhardsson and Dull (2016) define CA as a method of data analysis very close to real time, considering a set of predetermined rules. Thus, CA deals with an audit based on computerized systems, using technological tools for data extraction, mining, and analysis, which assesses the risks and internal controls related to business rules in the processes of an organization, through automated or semi-automated tests (KPMG, 2022).

The research of Feung and Thiruchelvam (2020) confirms that with the evolution provided using technology, CA has gained speed in recent decades since this area is highly dependent on the use of technology. In this scenario, CA demonstrates a new way to identify and verify deviations and anomalies, trends, and risk indicators through automation (Costan & Nastase, 2018). Lamboglia et al. (2020) bibliometric analysis reveals three main topics concerning the use and application of technology in auditing: The adoption of CAPs, the use of software tools in the auditing profession, and the connections between systemic information and audit testing. Focusing on the use of technology generates large efficiency gains in Continuous Audit Projects and is therefore highly recommended.

Thus, the relationship of CA in organizations is with IT system designs, technology tools, data structures, and other digital resources. However, the use of tools is related to IT projects, configured by the capacity of the organization’s technological environment, thus confirming a CA environment with the existence of Continuous Audit Projects.

2.2 Continuous Audit Projects

Continuous Audit Projects (CAP) are part of the progressive shift in auditing practices toward process automation to leverage the technology base of the modern enterprise (Cangemi, 2015). The emphasis on transforming the entire audit system is evident (Vasarhelyi et al., 2012). The development of CAPs requires a fundamental rethinking of all aspects of auditing, from how data is made available, to the types of tests that will be conducted, what alarms will be handled, what types of reports will be issued, and how often they will be run (Kim & Vasarhelyi, 2012; Kogan et al., 2014).

PAC is not only about a process of using technology, but also about changing organizational structure, data, and work practice (Sun et al., 2015). In organizations, CAPs promote structural change, giving an essential role to technological tools, which is an essential factor in this kind of projects (Yeh et al., 2008). As an impact on the processes, the conduct of the projects may possess a process reengineering to adopt automation projects in CA testing (Barr, 2019; Cao et al., 2019).

The use of technology can be considered one of the major factors for CAP efficiency (Baksa & Turoff, 2010). This factor is paramount for the project, which comes to automate analysis and testing procedures and take advantage of the technological tools available (Gonzalez et al., 2012; Javier & Duque, 2016). When it comes to tools, CA applications are being used to automate GRC activities across company functions, departments, and technology-embedded platforms (Kuhn & Sutton, 2010; Chiu, Liu, & Vasarhelyi, 2014; Pascual, 2016). Several emerging auditing technologies, including the use of automation software, CA techniques, integrated module auditing, installations of concurrent auditing tools, can be employed in CAPs (Van & Weigand, 2016; Marques & Santos, 2016; Goosen & van Dyk, 2017).

2.3 Technological tool for Continuous Audit Projects

Continuous Audit Projects (CAP) have as their essence the use of technological tools to achieve their goals. Part of the project takes as a direction the implementation of IT tools, such as Data Analytics, Machine Learning, Robotic Process Automation, and Artificial Intelligence (AI), to support the automation and development of audit test analysis. In addition, it can be extended to the use of software and systemic configurations in the information system. In Deloitte’s annual AI report conducted in 2018, it shows that companies in Brazil state that they intend to adopt some technological tool in the next five years. These technological resources support PACs, organize and optimize the results of projects, there are currently several applications available on the market.

A comparison between the answers of the CBOK 2006 and CBOK 2015 surveys conducted by the IIA shows increases in the use of technological tools in auditing, especially in the use of data mining, which shows a 14% increase between these years. In addition, 53% of respondents said they are involved moderately or extensively in data mining. At the same time, 80% of CEOs say that data mining and analytics is of strategic importance to their organizations, according to the 2015 Global CEO survey conducted by PricewaterhouseCoopers (2015).

Adopting DA in CAP amplifies the performance of audit processes (KPMG, 2022). Adopting tools of this size is ideal due to the ability to work with the large amount of data and frequency of monitoring tests required in projects. It contributes to the adoption of uniform procedures, increased audit independence from the organization’s information systems management, and more consistency of testing procedures.

As the automation theme increases in IA, there is an embryonic field developing by means of intelligent systems based on smart techniques that support continuous monitoring and control (Parati et al., 2008). Intelligent techniques and expert systems can be integrated with traditional auditing procedures for the purpose of analyzing collected data and for recognition patterns (Gotthardt et al., 2020). Regarding volume, research by PwC (2018) estimated that 45% of work activities can be automated and that this will save manpower annually. It is strategically important for companies to start investing in innovation as it is increasingly being adopted and those who have been successful in its implementation will make huge productivity gains in their jobs.

However, theoretical frameworks are not elaborative and sufficient to capture how such deployments can be conducted in CAP. Gotthardt (2020) in his study corroborates that the goal is simple but programming such a system that makes it happen is not simple. Currently, only 5% of companies consider themselves mature in their use of AI and 15% in their uses of RPA (Pwc, 2018). Thus, challenges for such tool adoption arise in CAPs, most auditors who do not have IT experience have great difficulty integrating the computer-aided audit system with their professional audit knowledge (Li et al., 2017).

3 METHODOLOGY

This research is constituted in a qualitative approach perspective with a descriptive nature, divided in two phases: (i) a systematic literature review (SLR) focused on the CAP phenomenon and (ii) field research by means of in-depth interviews with professionals related to this type of project. Adopting an appropriate research strategy in the methodological processes allows us to reach conclusions about a given subject based on evidence (Kitchenham & Charters, 2007).

We chose to start with an RSL to explore and understand two phenomena that are constantly evolving: CAP and the adoption of technological tools. The source of evidence to build the research corpus was the Web of Science (WoS) and Scopus journal bases. The keywords “Contin*” and “Audit*” were applied to cover variations of the terms. The application of filters aimed to obtain a coherent database aligned with the field of study according to the previous definition of the research. Initially, refinement filters in the categories of the bases and types of documents were applied (Article or Book Chapter or Proceedings Paper or Review), followed by filters of categories in the areas of “Management”, “Bussinnes” and “Computer Science”. No filter was applied for the year of publication of the articles.

From the reading of the titles and abstracts in the screening phase, it was identified that of the 182 initially selected, 9 did not address the concept of continuous auditing and were removed. In the eligibility stage of the articles, some inclusion and exclusion criteria were established. After reading the abstracts and introductions of the 173 previously selected articles, the final base was composed of 117 deprecated articles that formed the research corpus. The inclusion and exclusion criteria are shown in Table 1.

Table 1 - Inclusion and Exclusion Criteria

Inclusion Criteria Reason for Inclusion

Articles that conceptualize the constructs studied Allow to address the purposes of the research: to understand the constructs studied according to the works.

Articles that address the relationships between the constructs studied Allow to contemplate alignment of the works: understanding the interdependencies and relations between the constructs.

Published articles Offer greater rigor in the arguments and theoretical contributions studied.

Exclusion Criteria Reason for Deletion

Articles focusing on Quality, Marketing, Health, Finance, or other purposes outside the given constructs. Exclude articles that are not focused on the questions that will offer insights to meet the research objectives.

Articles without relevant theoretical foundation or low relation to the constructs. One of the purposes of the study is to obtain future research perspectives, through existing theoretical knowledge in a framework, for which theoretical assumptions are prerequisites.

Source: Prepared by the authors, 2022

Inclusion Criteria	Reason for Inclusion
Articles that conceptualize the constructs studied	Allow to address the purposes of the research: to understand the constructs studied according to the works.
Articles that address the relationships between the constructs studied	Allow to contemplate alignment of the works: understanding the interdependencies and relations between the constructs.
Published articles	Offer greater rigor in the arguments and theoretical contributions studied.
Exclusion Criteria	Reason for Deletion
Articles focusing on Quality, Marketing, Health, Finance, or other purposes outside the given constructs.	Exclude articles that are not focused on the questions that will offer insights to meet the research objectives.
Articles without relevant theoretical foundation or low relation to the constructs.	One of the purposes of the study is to obtain future research perspectives, through existing theoretical knowledge in a framework, for which theoretical assumptions are prerequisites.

The result of the research was exported, and its data were prepared and analyzed later. The tables and figures were elaborated with the support of spreadsheets in Microsoft Excel format. Below will be presented the procedures for the field research.

The field research aimed to understand what challenges arise with the adoption of CAPs and the adoption of technological tools in CAPs, by conducting semi-structured in-depth interviews with managers in IA and IT with knowledge in technological tools, to explore their knowledge and aiming to balance the experiences of the interviewees in each construct of this research, thus seeking greater proximity with the observed phenomenon (Creswell, 2010).

Qualitative research is of fundamental importance in understanding the actions of the interviewees, as they allow us to understand how they see the reality around them (Silva et al., 2010). According to Table 2, to achieve the objectives, interviews were conducted with two profiles of people related to this research, internal audit professionals and IT professionals, who have expertise in projects to adopt technological tools.

Table 2 - Objetivos da Entrevista de Campo

Grupo Entrevistado Interviewed Group Specific Objective of the interviews

Professional Internal Audit Managers Explore knowledge by looking at respondents’ experiences in each construct of this research (Creswell, 2017). Identify the adoption of PAC, the technological tools adopted, and challenges faced throughout the project. Understand the factors required in this type of project.

Profissionais Gestores de TI
Determine the particularities of technological tools in relation to the use in PCAs.

Point out the complexities for adoption, as well as point out the main benefits of using each of them for CA.

Source: Prepared by the authors, 2022

Grupo Entrevistado	Interviewed Group	Specific Objective of the interviews
Professional Internal Audit Managers	Explore knowledge by looking at respondents’ experiences in each construct of this research (Creswell, 2017).	Identify the adoption of PAC, the technological tools adopted, and challenges faced throughout the project. Understand the factors required in this type of project.
Profissionais Gestores de TI	Determine the particularities of technological tools in relation to the use in PCAs. Point out the complexities for adoption, as well as point out the main benefits of using each of them for CA.

The interviews were transcribed and analyzed and interpreted with the support of the Atlas.TI software. Thus, the categorization of the data that expose the different views related to each factor of the research was carried out and analyzed (Thiollent, 2009). The analysis process employed the classification through the attribution of a code, in this case from the RSL, under the perspective “Theory Driven” that allows the comparison between other codes and frequency in the statements of the interviewees. In this sense, it is worth mentioning that in the process of analyzing the statements of the interviewees, categories of analysis emerged from the perspective “Data Driven”: guided by data. Thus, the data were interpreted in a coding process following the guidelines of Charmaz (2006). The results contribute to, from the technological tools identified and the challenges in their implementation, present a conceptual model for the adoption of technological tools in the PAC.

4 DATA PRESENTATION AND ANALYSIS

This chapter will present the results obtained after the RSL analysis process and the analysis of the field research result data.

4.1 Results of the systematic literature review

Table 3 - Main Technological Tools and Resources in CA

Technological Tools Description Authors

Analytics These are systems for data extraction, mining, and analysis. DA tools are configured with data modeling and analysis techniques based on statistics, mining, and research, through analytical procedures, applied in various business operations. It serves as a resource for accessing data from the systems of the audited processes in an independent manner and allows patterns and correlations to be identified through the data. These tools optimize the analysis process and increase the scope of validations, allowing their capabilities to generate patterns that identify anomalies or deviations. These factors are at the heart of automating audit testing and are fundamental to CA. Russom (2011); Jan et al., (2013); Vasarhelyi et al., (2012); Rezaee et al. (2017) Feung & Thiruchelvam (2020); Joshi & Marthandan (2020)

RPA - Robotics Process Automation RPA is a technology that automates standardized system-based, rules-based activities using scripts and Artificial Intelligence (AI). Process-oriented, it automates repetitive tasks based on parameterized rules. However, it can develop to be data driven. Once you develop analysis or verification routines using analytics systems or scripts, with a repetitive nature, you can configure an RPA system, or as it is called Robotics, to perform such a task. This means that the RPA will execute in a programmed way the extraction or execution routine of the scripts or designed analyses, generating results, and presenting them in a depository or dashboard with pre-defined indicators. This automation step is found in advanced levels of CA projects. Parati et al. (2008); Jans et al. (2013); Gotthardt et al. (2020)

AI - Artificial Intelligence A solution that brings together various intelligent technologies and techniques such as data mining, artificial neural networks, fuzzy logic, and expert systems that can be integrated with traditional procedures and statistical methods to analyze sensor-collected data, recognize patterns, filter, and correlate events to support security and deflection prevention. These techniques enhance systemic detection and prevention capabilities to correlate events generated by a diverse set of modern tools used for network management and monitoring. This technology in IA can be an ally to the use of RPA due to its threat detection and prevention mechanisms where two factors form the critical points; one is the intelligent inspection of analysis parameters for complete inspection of data stream transactions. And the second is the first intelligent reaction against atypical activities and process anomalies that operates with blocking or constraining actions, which if not practiced immediately may be too late. Also considered in advanced stages of CA projects, based on predictive and reactive reaction to risk events. Parati et al. (2008); Gotthardt et al. (2020)

ML - Machine Learning Systems based on automatic criteria, develop rules to explain the historical data they collect. The rules can be configured as overlapping in specificity, due to incomplete information in the history. ML is a sub-field of Artificial Intelligence in which algorithms automatically adjust their models while handling data. ML systems are trained by absorbing learning from data and decisions and can make simple decisions and classifications. ML refers to computer algorithms that analyze data to learn how to perform tasks. Internal applications in CA projects could improve risk management, with fraud detection and compliance with violations of regulatory requirements. These results can be used as charts or warning indicators, basically automatic results that drive decisions, another factor sought in CA projects. Parati et al. (2008); Kogan et al. (2014); Yu et al. (2019)

Source: Prepared by the authors - Survey Data, 2022

Technological Tools	Description	Authors
Analytics	These are systems for data extraction, mining, and analysis. DA tools are configured with data modeling and analysis techniques based on statistics, mining, and research, through analytical procedures, applied in various business operations. It serves as a resource for accessing data from the systems of the audited processes in an independent manner and allows patterns and correlations to be identified through the data. These tools optimize the analysis process and increase the scope of validations, allowing their capabilities to generate patterns that identify anomalies or deviations. These factors are at the heart of automating audit testing and are fundamental to CA.	Russom (2011); Jan et al., (2013); Vasarhelyi et al., (2012); Rezaee et al. (2017) Feung & Thiruchelvam (2020); Joshi & Marthandan (2020)
RPA - Robotics Process Automation	RPA is a technology that automates standardized system-based, rules-based activities using scripts and Artificial Intelligence (AI). Process-oriented, it automates repetitive tasks based on parameterized rules. However, it can develop to be data driven. Once you develop analysis or verification routines using analytics systems or scripts, with a repetitive nature, you can configure an RPA system, or as it is called Robotics, to perform such a task. This means that the RPA will execute in a programmed way the extraction or execution routine of the scripts or designed analyses, generating results, and presenting them in a depository or dashboard with pre-defined indicators. This automation step is found in advanced levels of CA projects.	Parati et al. (2008); Jans et al. (2013); Gotthardt et al. (2020)
AI - Artificial Intelligence	A solution that brings together various intelligent technologies and techniques such as data mining, artificial neural networks, fuzzy logic, and expert systems that can be integrated with traditional procedures and statistical methods to analyze sensor-collected data, recognize patterns, filter, and correlate events to support security and deflection prevention. These techniques enhance systemic detection and prevention capabilities to correlate events generated by a diverse set of modern tools used for network management and monitoring. This technology in IA can be an ally to the use of RPA due to its threat detection and prevention mechanisms where two factors form the critical points; one is the intelligent inspection of analysis parameters for complete inspection of data stream transactions. And the second is the first intelligent reaction against atypical activities and process anomalies that operates with blocking or constraining actions, which if not practiced immediately may be too late. Also considered in advanced stages of CA projects, based on predictive and reactive reaction to risk events.	Parati et al. (2008); Gotthardt et al. (2020)
ML - Machine Learning	Systems based on automatic criteria, develop rules to explain the historical data they collect. The rules can be configured as overlapping in specificity, due to incomplete information in the history. ML is a sub-field of Artificial Intelligence in which algorithms automatically adjust their models while handling data. ML systems are trained by absorbing learning from data and decisions and can make simple decisions and classifications. ML refers to computer algorithms that analyze data to learn how to perform tasks. Internal applications in CA projects could improve risk management, with fraud detection and compliance with violations of regulatory requirements. These results can be used as charts or warning indicators, basically automatic results that drive decisions, another factor sought in CA projects.	Parati et al. (2008); Kogan et al. (2014); Yu et al. (2019)

The results presented allowed establishing a line of research that started from studies focused on the emerging CAP approach, its implementation and evolution, to focus on the process of technological transformation and innovation in IA and the development of the traditional approach to the continuous method. Thus, the evolution of the discussion indicates that the transformation of traditional auditing is evident and irreversible (Lois et al., 2020 and Lins et al., 2018).The RSL results demonstrate that there is a strong relationship of CAPs with technological tools. Each CA adoption project focuses on tests that use the data obtained by technology tools, either for automation or development (Gotthardt et al., 2020 and Feung & Thiruchelvam, 2020). Based on the research corpus, we present in Table 3 the main tools identified in CA projects.

CAPs have at their core the use of technological tools to achieve their goals. Part of the project focuses on implementations of IT tools, such as Analytics, RPA, AI and ML, both for process automation and development of the analyses of the CA tests (Gotthardt et al., 2020). According to Russom (2011), Analytics is configured with data modeling and analysis techniques based on statistics, mining, and research, used for analytical procedures, applied in various business operations. The use of Analytics is directly aimed at improving analytical performance and can be demonstrated through indicators related to predetermined rules.

The evolution in technology proposes other emerging tools, Parati et al. (2008) and Gotthardt et al. (2020) demonstrate that as the automation theme increases in IA, other intelligent systems can be adopted. Parati et al. (2008) and Gotthardt et al. (2020) address in their works the intelligent techniques such as data mining, artificial neural networks, fuzzy logic, and expert systems that can be integrated with traditional procedures and statistical methods to analyze the data collected by sensors, recognize recognition patterns, filter and correlate events to support security, risk management, and deviation prevention.

The process of technological transformation, process automation, the use of information systems and data analytics tools, as well as the search for digital innovation are factors that challenge IA management. Such processes require planning, preparation, and changes, both in structure and mindset, and according to what was exposed in the analyzed works there are challenges to be overcome. Resulting from this conclusion, that we structured field research to understand what the main challenges and difficulties are encountered by managers in IA to implement technological tools in CAPs.

4.2 Field research results

As a result of the field research, we identified and understood the main barriers and challenges in the adoption of technology tools in CAP, as well as their benefits, especially regarding the adoption of technology tools. Likewise, the interviews allowed us to identify and describe the factors that one should consider once adopting projects of this nature or implementing the technological tools for this purpose. Thus, based on the results and information from the mapped experiences of the interviewees, we identified the main factors that should be considered when adopting technological tools in CAPs. Finally, and based on the observed results, elaborate a conceptual model to apply in adoption of technological tools in CAPs.

4.2.1 Data collection procedures

In the data collection phase interviews were conducted with two groups of professionals, the first being managers in the IA area (Directors, Managers, Coordinators and Specialists) and the second being IT professionals (Managers, Coordinators and Specialists) with knowledge in the technological tools related to this research. The purpose is to obtain the two optics, both from the IT developer and the audit expert, to describe what are the benefits of these tools in CAPs, recognize the main challenges encountered in the adoption of these technological tools, and identify the main factors that should be considered when implementing technological tools in CAPs.

In the data collection stage, criteria for the definition of the interviewed group were previously established, as shown in Table 4. In this research, the criteria of experience in working with technological tools and CAP were considered. Therefore, we chose professionals who work in the management of the audit and IT areas, and who have professional experience with technological tool implementation projects.

The interviews were recorded, transcribed, and spreadsheeted, so that they could be coded. In-depth interviews focus on extracting from the interviewees their lived experiences, facts that occurred while participating in projects, opinions, and points of view (Turner, 2010). To analyze the qualitative data from the interviews we used the Atlas.TI software, suggested by Chamaz (2006), which uses a process to analyze the extracted codings and form categories. Thus, for this research, it was performed the categorization of data that highlight distinct and related views to each research theme (Thiollent, 2009).

Table 4 - Description of the interviews

# Interviewed Job Title Experience time (years) Area of Expertise Duration

1 E1 IA Manager 20 AI 31’

2 E2 IA Manager 12 AI 26’

3 E3 IA Manager 16 AI 48’

4 E4 CI and IA Coordinator 14 AI 32’

5 E5 IA Manager 23 AI 43’

6 E6 IA Superintendent 36 AI 59’

7 E7 IA Manager 16 AI 25’

8 E8 IT Manager 16 TI 44’

9 E9 IT Coordinator 17 TI 32’

10 E10 IT Manager 20 TI 47’

11 E11 IT Manager 20 TI 25’

12 E12 Data Analytics Coordinator 11 TI 26’

13 E13 IT Manager 24 TI 21’

14 E14 IT Coordinator 10 TI 21’

Total 08:00

Fonte: Elaborado pelos autores - Dados da Pesquisa, 2022

#	Interviewed	Job Title	Experience time (years)	Area of Expertise	Duration
1	E1	IA Manager	20	AI	31’
2	E2	IA Manager	12	AI	26’
3	E3	IA Manager	16	AI	48’
4	E4	CI and IA Coordinator	14	AI	32’
5	E5	IA Manager	23	AI	43’
6	E6	IA Superintendent	36	AI	59’
7	E7	IA Manager	16	AI	25’
8	E8	IT Manager	16	TI	44’
9	E9	IT Coordinator	17	TI	32’
10	E10	IT Manager	20	TI	47’
11	E11	IT Manager	20	TI	25’
12	E12	Data Analytics Coordinator	11	TI	26’
13	E13	IT Manager	24	TI	21’
14	E14	IT Coordinator	10	TI	21’
			Total		08:00

As part of the process of using the Atlas.TI software, it was possible to establish the relationship of codes and the understanding of a coefficient to build a concurrence in the applied context (Friese, 2019). This process is known as the Grounded Theory method, which follows through coding for the purpose of meaning from a corpus of analysis.

4.2.2 Analysis of Results and Discussion

This section presents the results obtained from the interviews conducted with professional managers in the IA area and in the IT area, both with knowledge in technological tools. To this end, based on the data collected from the interviews, analyses were performed in the Atlas.TI software on each co-occurrence code found, and later discussed and presented based on the benefits, challenges, and factors necessary for the adoption of technological tools in CAP.

Technology Tools and Data Analytics

During the interviews, it was evident that the use of technological tools is relevant for PACs, mainly for the purpose of accessing and analyzing transactional data from operations. Such exposure is considered in the speech of E2, E3 and E4:

“(...) The first tools adopted in PAC are of data analysis, such as Data Analytics, which allows integration with the database, data extraction and automation. Nowadays the search is to automate and speed up the process, this issue of tools that link the process control base and the organizational systemic structures is very important to have the tool to access the data” (E2). “We adopted the ACL tool, which is a Data Analytics, linked to another tool called Direct link which is a connector of the DA with the information from our SAP, but the rest of the analysis is done all via analysis scripts within ACL” (E3). “The DA tools such as ACL came as a first solution some time ago, ACL appeared about 15 years ago, and is a tool for data extraction and processing, it came to assist in the analysis of large volumes of data, to work with tables with more than 35,000 lines, and finally solved the Excel limitation. In this type of tool, what you program and execute brings the results” (E4).

With the interviewees’ speech it was possible to confirm the aspects pointed out in the literature by authors such as Rezaee et al. (2017) and Feung and Thiruchelvam (2020), that the current increasingly complex and volatile IT-based scenario drives companies to adopt information systems and technological tools to improve their efficiency and effectiveness. In addition, the relationship can enable tools for audit testing, a key factor for advanced PACs. As addressed by Rezaee et al. (2001) and Kiesow et al. (2014), data review facility techniques and tools are likely to become more relevant in CAPs.

Business Process and Requirements Definition

To achieve the expected results with PAC, in the planning phase it is necessary to understand the business processes and rules. This phase is primary to think about the adoption of tools and solutions in their respective projects. One of the challenges pointed out in the CAP by the interviewees is that they talk about the adoption of tools and not the need and objective of the project. For this it is necessary to have people on the project team who know the process and have mapped the systems involved. Knowing the rules behind the business is also relevant to the development of a CAP. In the view of the IT Managers, the knowledge of the business processes is fundamental, as highlighted in the speech of E1, E2, and E12: “We need to have the business area involved, to have people from IT and from auditing to prepare the continuous audit. You need to know the business technology, you need a person from the business area, you need to be clear about the business process in general” (E1). “First, to build a script you need people available to understand the business process, to understand where the information is, what the business rules are, so all this needs people available, we can’t do this project alone, we need the areas mainly to understand the business process” (E2). “We need to have three major factors. First: we need to have good people inside the project, who understand very well the whole process and that involves all this part of the continuous audit project, these people will serve as a parameter to do the modeling and the architecture of the tool, what is the best way to put the information inside a structure” (E12).

When looking at the literature, the topic of requirements definition and process understanding is not explored, however, it can be seen from the research interview that they are relevant and essential factors in every CAP project, highlighted in the statement of E1: “To be able to meet a business project, the first step is actually a survey of requirements, before talking about a tool, you have to talk about the business rule and the project need. It is necessary to know the processes before starting to adopt tools, and in this context the business rules can be identified. By having this clarity of concepts, one can define the objective and the requirements for the development of CA tests.

Data Extraction, Data Availability and Quality

The results show that it is necessary to identify the source of data and which information will be used in CAPs, as can be seen in the words of E5: “When we are going to do a continuous audit, we have to have a notion of the possibility of extracting the information from that process in order to have an assessment, and it can be any kind of assessment, but one that includes the entire population. This phase of identifying the origins of the data, the analysis of the data exposure needs to be part of the project planning, since each organization can consider and adopt different means of treating the data.

The interviewees’ statements demonstrate how data is indispensable in CAPs, corroborating Kuhn and Sutton (2010) research. The authors’ research emphasizes that CA is a method of data analysis and knowing the sources of this data is necessary to achieve project accomplishment. Complementary, the proper use of data is relevant and confirms the need for the adoption of extraction and DA tools. Correlating with Code 1 Joshi & Marthandan (2020) point out that understanding the data and adopting DA tools is the first step of CAPs. Accessing the data independently and holistically brings benefits and optimizes audit testing.

Process Automation and Tools Benefits

Part of the literature in this research on CAP has focused on the automation of audit testing, with the aim of increasing its scope and project results. The focus is on gaining agility and performance in the execution of CAPs, broadening the analysis and the universe of data. This scenario was highlighted in the statements of interviewees E7, E6, and E2. “The advantages of the tools is to bring automation; when you are inside the ecosystem of information and data, you can bring several connections and even insert other tools. Building a custom automated test flow allows you to take more time with exception analysis” (E7). “Through technological tools you can leave the audit tests automated, everything is documented and traceable, besides keeping the original base integral, analyzing 100% of the records in less time” (E6). “Automation is the focus, the goal of having automated tests is to speed up the process. The question of adopting tools that connect the process control base, the organizational structures and the data is very important, I see that if you have the data the automation will be to connect the system structure and determine the analyses” (E2).

The speeches presented reinforce the assumptions of the research of Parati et al. (2008). The authors state that CAPs are undertakings to generate automation in the analysis processes. When making a parallel with the importance of process automation codes and IT competencies, using data with quality, Feung and Thiruchelvam (2020) determine that it becomes a strategic differential for the IA area to be able to automate data extractions and perform continuous audits independently.

IT Skills and Training and Capacity Building

The studies by Singh and Best (2015) and Appelbaum (2016) point out that audit areas of varied companies in the market have stopped adopting technological tools in PCA, motivated by a variety of barriers such as lack of fundamental IT skills. The statements can be verified in the words of interviewee E3: “First thing to consider when you are going to design and set up an analysis script, is to have the available skills of people to develop; we need people who understand where the information is, who understand the system that contains the data, basically IT knowledge. We cannot do these projects alone we need the areas mainly IT to understand and execute PAC” (E3).

Thus, to develop a PAC and overcome the challenge of not having the necessary knowledge for the project, the project team, besides having people who know the process, the business rules and auditing, needs people who know technology, systems, and technological tools. Interviewee E12 states: “We need to have three major factors necessary for CAP. We need to have people inside the project, who understand IT to serve as a parameter to do the modeling, the architecture of the tool to be used, determine the best way to put the information inside the tool and design the analysis scripts” (E12).

When analyzing the interviews, it is possible to notice that there is an emphasis on the IT competencies factor in relation to projects. Except for interviewee E8 who emphasized information systems, all the others pointed out IT skills as a critical and indispensable factor for CAP. Although they agree on the need, not all interviewees addressed the issue of training and capacity building. On the other hand, all the interviewees agree on the need for team members who have the necessary skills for the development, that people who are familiar with the technology to be adopted as a tool, as well as those who know the established information systems, should be involved in the project. E12 points out that he needs IT competencies in the team to overcome the challenges:

First it is necessary to identify who are the key people in IT and audit, at least two people from each area; second: establish a strategy to work together for the best solution, it is not easy, it is a challenge (...), you have to work together, the improvement has to be of the process, you have to have visibility of the data, of the people, being able to avoid future incidents, a drop in production of the audit. Third: the IT team itself, which has to be more than reactive, help to be more predictive, making the data available so that it can be there and serve as analysis for the audit.

Governance and Tool Cost

In the literature, Governance and Cost are little explored, there is no direct approach on these topics in CAP studies, nor an application guideline. Considering the interview data, E8 mentions that it is important to consider the cost factor in the pre-project related to a CAP, E11 portrays that the budget approval is important and should consider the cost calculation related to the tools: “A market analysis is important to understand what we can implement according to what is needed. Go to the market to understand what exists and what will meet the need, considering the cost for the project. See all the tools that are most used and that are closest to meet our needs and evaluate the cost and benefit” (E11). “Three points should be thought about, first for the adoption itself, raising the money to buy the solution; you have to look at the market and see what they have available and the cost of the tool. Then, then you need to consider the maintenance and support of that technology. It is quite important when you are going to implement tools, you need to think about the total life cycle of that solution.

Table 5 - Factors to consider in Continuous Auditing Projects

# Factors What to consider

1 Technological Transformation Adopt more systemic and comprehensive approach. Developments to automate audit review procedures. Define tools that link the process control foundation to organizational structures and systems data.

2 Project Governance Establish project governance to play the role of facilitating agent in front of the project, to capture resources and remove project barriers.

3 Requirements Definition (Goal) Define in advance the requirements and what is expected from the project. Prepare a needs matrix and project objectives.

4 IT Competencies Have people on the project team who are knowledgeable about technology, systems, and technological tools. Count on people who know the process and have mapped the systems involved.

5 Understanding the Business Process Map the processes that will be evaluated. Know the rules behind the business to develop the project. Understand and identify the existing controls, project the possible deviations and the way to validate the compliance with each established rule.

6 Information Systems Knowledge Determine the IT systems and enable the connection with CA techniques. Map the organization’s information systems and their data flow.

7 Data Availability and Extraction Evaluate data availability by considering whether the input data required for CAP implementation can be obtained from the current system or whether additional system development is required.

8 Technological tools Identify which tools are suitable for the project, considering the maturity level of technology use in the organization in line with the defined project requirements.

9 Data Analytics Adopt tool for data extraction, mining, and analysis. DA tools set up the data base independently.

Source: Prepared by the authors - Survey Data, 2022

#	Factors	What to consider
1	Technological Transformation	Adopt more systemic and comprehensive approach. Developments to automate audit review procedures. Define tools that link the process control foundation to organizational structures and systems data.
2	Project Governance	Establish project governance to play the role of facilitating agent in front of the project, to capture resources and remove project barriers.
3	Requirements Definition (Goal)	Define in advance the requirements and what is expected from the project. Prepare a needs matrix and project objectives.
4	IT Competencies	Have people on the project team who are knowledgeable about technology, systems, and technological tools. Count on people who know the process and have mapped the systems involved.
5	Understanding the Business Process	Map the processes that will be evaluated. Know the rules behind the business to develop the project. Understand and identify the existing controls, project the possible deviations and the way to validate the compliance with each established rule.
6	Information Systems Knowledge	Determine the IT systems and enable the connection with CA techniques. Map the organization’s information systems and their data flow.
7	Data Availability and Extraction	Evaluate data availability by considering whether the input data required for CAP implementation can be obtained from the current system or whether additional system development is required.
8	Technological tools	Identify which tools are suitable for the project, considering the maturity level of technology use in the organization in line with the defined project requirements.
9	Data Analytics	Adopt tool for data extraction, mining, and analysis. DA tools set up the data base independently.

The results allowed us to evaluate the main relationships of the constructs and codes generated, as well as their degree of relationship within the codifications identified in the field research. It was possible to elaborate the stages and flow, considering the initial codes that guide the main factors to consider that contribute to solving the objectives of this research. The mentioned analysis allowed the identification of a set of factors that should be considered in CAPs, both in the adoption of technological tools and for project management. The results additionally allow us to understand the main challenges in the adoption of tools and their resolutions in CAPs, as experienced in practice by the related professionals in this type of project. The factors presented in Table 5 are considered enabling factors for the execution of a CAP. These conditions include aspects of the organizational, technological, technical, and financial environment that are designed to remove challenges from the project.

When facing Table 5, it is noticed that CAPs do not reach the expected levels or present tool adoption in CAP in practice, are directly linked to the factors identified in this research implications throughout the project, it is usually because such projects have failed to contemplate the relevant factors for tool adoption, data, or competence. The contribution of this research is related to the project factors identified and their respective relevance to the effectiveness of CAPs, and which should be defined before proceeding with the adoption of technological tools.

Moreover, because of the literature review and the field research, it was possible to identify the main challenges that arise throughout CAPs in relation to the adoption of technological tools. Through the empirical knowledge of the interviewees, this research allowed us to identify the factors that should be considered as facilitators and the main challenges in the adoption of technological tools in CAPs. Thus, we highlight how the identified factors respond to the main challenges that may arise in CAP, presented in Table 6.

Table 6 - Main challenges faced in Continuous Auditing Projects

# Challenges Description Authors Factors to Consider

1 Complexity of technology use There is a limitation in the projects when auditors are faced with IT issues. Especially in the configuration and adoption of tools it is perceived the lack of skill with the theme. Pwc (2019); Joshi & Marthandan (2020). IT Competence

2 Core IT skills The fundamental skills required of auditors usually revolve around accounting, economics, and auditing. There is a shortage of IT and IT project skills. Li, Huang, & Lin (2007); Mokhitli & Kyobe (2019). IT CompetencyeBusiness Process Understanding

3 Clear definition of requirements and objectives Lack of clarity of project objective and development requirements. Absence of pre-established definitions for CA adoption. Little explored themes in the literature of this research. Requirements Definition (Goal)

4 Investments for developments or acquisition of tools Adopting tools can be costly for some organizations. Geographically dispersed entities may have increased adoption costs due to the need to expand resources. Farkas & Murthy, 2014; Baksa & Turoff (2010). Project Governance

5 Lack of standardization of systems and data Use of legacy systems, lack of system integration, limited infrastructure, and varied data formats are barriers that directly impact the project. Constan & Nastase, 2018; Cardoni et al., 2020; Feung & Thiruchelvam (2020). Data Extraction and Availability

6 Structure and maintain a collaborative environment and scenario (Process and IT) Lack of participation, interaction, or resource allocation of professionals from other business and IT managers can make the project unfeasible. CBOK, 2015 Project Governance

7 Maintenance of tool settings and conditions Ensure that the technological tools of the CA project are working to their full potential and are well configured. Changing parameters and conditions of the systems. Gotthardt, Koivulaakso, Paksoy, Saramo, Martikainen, & Lehner (2020); Feung & Thiruchelvam (2020) Technological TransformationTechnology Tools

8 Lack of Project Governance Define the proper structure for the project, establish the project governance agents to manage and obtain the necessary resources for the project. Temas pouco explorados na literatura desta pesquisa. Project Governance

Source: Prepared by the authors - Survey Data, 2022

#	Challenges	Description	Authors	Factors to Consider
1	Complexity of technology use	There is a limitation in the projects when auditors are faced with IT issues. Especially in the configuration and adoption of tools it is perceived the lack of skill with the theme.	Pwc (2019); Joshi & Marthandan (2020).	IT Competence
2	Core IT skills	The fundamental skills required of auditors usually revolve around accounting, economics, and auditing. There is a shortage of IT and IT project skills.	Li, Huang, & Lin (2007); Mokhitli & Kyobe (2019).	IT CompetencyeBusiness Process Understanding
3	Clear definition of requirements and objectives	Lack of clarity of project objective and development requirements. Absence of pre-established definitions for CA adoption.	Little explored themes in the literature of this research.	Requirements Definition (Goal)
4	Investments for developments or acquisition of tools	Adopting tools can be costly for some organizations. Geographically dispersed entities may have increased adoption costs due to the need to expand resources.	Farkas & Murthy, 2014; Baksa & Turoff (2010).	Project Governance
5	Lack of standardization of systems and data	Use of legacy systems, lack of system integration, limited infrastructure, and varied data formats are barriers that directly impact the project.	Constan & Nastase, 2018; Cardoni et al., 2020; Feung & Thiruchelvam (2020).	Data Extraction and Availability
6	Structure and maintain a collaborative environment and scenario (Process and IT)	Lack of participation, interaction, or resource allocation of professionals from other business and IT managers can make the project unfeasible.	CBOK, 2015	Project Governance
7	Maintenance of tool settings and conditions	Ensure that the technological tools of the CA project are working to their full potential and are well configured. Changing parameters and conditions of the systems.	Gotthardt, Koivulaakso, Paksoy, Saramo, Martikainen, & Lehner (2020); Feung & Thiruchelvam (2020)	Technological TransformationTechnology Tools
8	Lack of Project Governance	Define the proper structure for the project, establish the project governance agents to manage and obtain the necessary resources for the project.	Temas pouco explorados na literatura desta pesquisa.	Project Governance

As noted by Ezzamouri and Hulstijn (2018) and Jans and Hosseinpour (2019) the development of CAPs requires a design framework that allows the adoption of information systems-based technology tools so that it can automate audit testing through data analysis. The relationship of CA in organizations happens with IT projects as well as other digital resources, which requires detailed planning considering all the aspects cited earlier in this research.

Given the above regarding the transformation challenges and technological factors that IA management has faced on how to adopt the use of technological tools in CAP, it was possible to elaborate a conceptual model to guide people interested in planning and executing such projects. The results made it possible to identify the main technological tools used in CAPs, as well as the main factors to consider when adopting these tools. In addition, the conceptual model aims to minimize the challenges faced by professionals in these projects, as well as guidelines for organizations to overcome them. The conceptual model (Figure 1).

Figure 1 - Technological Transformation Model for CAP Source: Prepared by the author based on the results of this research

The overview of the adoption of technological tools in CAP encompasses changes that are part of the technological transformation within the IA department, both in terms of audit procedures and the methods of approach for analysis and testing. The conceptual model synthesizes and extends existing research on the key factors to consider when conducting these projects. Close with a sentence that highlights what can be extended.

As seen in Figure 1, the technological transformation required through IA projects is intrinsically related to IT competencies. This requirement provides the necessary guidelines and guidance to the project’s Governance levels and the development team itself, to drive the adoption of technology tools in CAPs. Therefore, the proposed conceptual model with the necessary project factors and the steps to be considered becomes a relevant instrument that helps in PAC planning.

Furthermore, the conceptual model demonstrates the basic elements that are part of the necessary factors and that facilitate the adoption of technological tools. To define and adopt a technological tool, it is first necessary to define the development requirements aligned with the objective of the CAP, thus allowing to answer what it is desired to achieve and in which business process the project is contained. This vision will allow understanding the business rules and the technological tools behind the processes, thus considered an essential factor to understand the origin of the information and data that will be necessary for the PAC. These elements allow the availability and quality of the data to be evaluated, a key factor that makes the project development feasible and directs which type of technological tool can be adopted.

Thus, the conceptual model contributes to understand the needs and objectives of the project, as well as the factors and elements to define which technological tools will be used in the CAP. In addition, the conceptual model can contribute to the transformation of the department, providing a preventive environment to face the project challenges and ensure its completion within the planned schedule.

5 FINAL CONSIDERATIONS

At the end of this research, it was possible to evidence, through in-depth interviews with AI and IT professionals, which factors should be considered in the adoption of technological tools in the context of CAP. In-depth interviews were conducted with 7 project professionals in AI and 7 project professionals in IT, which made it possible to understand in a comprehensive and in-depth way the phenomenon studied.

The in-depth interviews highlighted the main benefits and challenges encountered in the adoption of technological tools in CAP. The results pointed out the nine main factors, among them, the enabling elements for the execution of a CAP, as shown in Table 5. It is evident in Table 5 how these factors and elements are related in the technological transformation among AI. Based on the empirical knowledge of the interviewees, 8 main challenges highlighted in Table 6 were identified. The realization of this stage met the second specific objective of this research which was “Recognize the main benefits and challenges found in the adoption of technological tools in CAP”. The empirical knowledge presented supports management to prepare to prevent these challenges, through the application of the enabling elements and essential factors in the CAP.

Following the research, the results of the interviews were confronted with the previously analyzed elements of the RSL, thus allowing to evidence the enabling elements and the main challenges of organizations on how to adopt the use of technological tools in CAP. This stage strengthened the elements presented in Tables 5 and 6, allowing to establish a logical process for organizations with PAC to plan in relation to the adoption of technological tools, thus giving rise to the proposed conceptual model, previously presented in Figure 1, and thus respond to the objective of the research that was “Present a conceptual model for the adoption of technological tools in PAC”.

Based on the steps, it can be said that technological transformation in CAPs is related to the adoption of technological tools. The RSL provided, aligned with the answers of the interviewees, the main enabling elements, and the challenges in CAPs in organizations. It can then be concluded that the adoption of technological tools contributes to CAPs.

Regarding the practical contributions, this research offers a conceptual model as a guiding instrument for the adoption of technological tools in CAP for organizations inserted in an IA context. The model contributes by presenting to those involved in CAP the main enabling elements and the challenges of adopting technological tools in CAP, serving as a tool to be used as a basis for the execution and definition of the adoption of technological tools, considering the project requirements.

Additionally, the presented model enables the most appropriate selection of technological tools, both internal and external to the organization, for planning and carrying out CAP. The proposed conceptual model can be used to demonstrate the IT competencies required for the use of certain technological tools, proactively serving for planning training to those involved in CAP of possible technological tools.

Finally, the model contributes to the Project Governance standards and guidelines of the organizations. The model presents Project Governance with the necessary project factors and steps to consider for planning the CAP, from its planning phase and understanding the business requirements, through analysis of the enabling elements, challenges, and the IT competencies needed by all CAP stakeholders.

From a theoretical perspective, this research contributes to present the essential elements to adopt technological tools in CAP. The results obtained in this research indicate the main technological tools to be used in CAP, as well as the challenges faced in projects of this nature. Technological tools play an important role in IA organizations, being related to Project Governance, and consequently, to the effectiveness of CAP, one of the findings of this research.

As secondary contributions, RSL is presented, which consolidates the studies on the adoption of technological tools, presenting highlighting the most prolific authors, the enabling categories, and the challenges in CAP environment. Finally, the RSL presents the main technological tools and resources for the adoption of technological tools in CAP. It is understood that the sources of information used in this research becomes, thus, a limitation of its results, since qualitative research offers a type of result that cannot be generalized, i.e., it is not possible to say that an entire population thinks in a certain way, based on the answers offered in a qualitative procedure, however the rigor applied allows us to conclude based on the results of Data and Theory Driven. As future studies, we suggest research with a greater number of professionals and companies with PAC projects to make a comparative study between companies.

References

Alles, M. G., Kogan, A., & Vasarhelyi, M. A. (Eds.). (2018). Continuous Auditing: Concepts, processes, and practical implementation. Emerald Publishing Limited.

Continuous Auditing: Concepts, processes, and practical implementation Alles

M. G.

Kogan

Vasarhelyi

M. A.

Emerald Publishing Limited

2018

Appelbaum, D., Kozlowski, S., Vasarhelyi, M. A., & White, J. (2016). Designing CA/CM to fit not-for-profit organizations. Managerial Auditing Journal, 31(1), 87–110. doi: https://doi.org/10.1108/MAJ-10-2014-1118

Appelbaum

Kozlowski

Vasarhelyi

M. A.

White

Designing CA/CM to fit not-for-profit organizations

Managerial Auditing Journal 2016 31 1

10.1108/MAJ-10-2014-1118

87 110

Baksa, R., & Turoff, M. (2010). The current state of continuous auditing and emergency management’s valuable contribution. ISCRAM 2010 - 7th International Conference on Information Systems for Crisis Response and Management: Defining Crisis Management 3.0, Proceedings.

Baksa

Turoff

The current state of continuous auditing and emergency management’s valuable contribution

ISCRAM 2010 - 7th International Conference on Information Systems for Crisis Response and Management: Defining Crisis Management 3.0

Proceedings 2010

Cangemi, M. P. (2015). Staying a step ahead: Internal audit’s use of technology, The Global Internal Audit Common Body of Knowledge, CBOK 2015 Practitioner Survey, the IIA research Foundation (IIARF).

Cangemi

M. P.

Staying a step ahead: Internal audit’s use of technology, The Global Internal Audit Common Body of Knowledge

CBOK 2015 Practitioner Survey, the IIA research Foundation (IIARF) 2015

Cao, P. M., Wu, Y., Banerjee, S. S., Azoff, J., Withers, A., Kalbarczyk, Z. T., & Iyer, R. K. (2019). Caudit: Continuous auditing of SSH servers to mitigate brute-force attacks. Proceedings of the 16th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2019, 667–682.

Cao

P. M.

Banerjee

S. S.

Azoff

Withers

Kalbarczyk

Z. T.

Iyer

R. K.

Implementation

N. S. D. I.

Caudit: Continuous auditing of SSH servers to mitigate brute-force attacks Proceedings of the 16th USENIX Symposium on Networked Systems Design 2019 667 682

Chan, D. Y., Chiu, V., & Vasarhelyi, M. A. (2018). Continuous auditing: theory and application. Emerald Publishing Limited.

Chan

D. Y.

Chiu

Vasarhelyi

M. A.

Continuous auditing: theory and application Emerald Publishing Limited 2018

Chiu, V., Liu, Q., & Vasarhelyi, M. A. (2014). The development and intellectual structure of continuous auditing research. Journal of Accounting Literature, 33(1–2), 37–57. doi: https://doi.org/10.1016/j.acclit.2014.08.001

Chiu

Liu

Vasarhelyi

M. A.

The development and intellectual structure of continuous auditing research

Journal of Accounting Literature 2014 33 1–2

10.1016/j.acclit.2014.08.001

37 57

Costan P., L., & Nastase, L. A. P. (2018). Evolution of internal audit activity based on informational technologies in Romanian public entities. In Soliman, KS (Ed.), Innovation management and education excellence through vision 2020, Vols I -XI (pp. 2212–2219). Int bussines information manegement assoc-ibima.

Costan

P. L.

Nastase

L. A. P.

Evolution of internal audit activity based on informational technologies in Romanian public entities

Innovation management and education excellence through vision 2020 Soliman

K. S.

2018 Vols I -XI 2212 2219

Creswell, J. W. (2010). Is it time to take the first step?. Projeto de Pesquisa: Métodos Qualitativo. Quantitativo e Misto, 3.

Creswell

J. W.

Is it time to take the first step?. Projeto de Pesquisa: Métodos Qualitativo

Quantitativo e Misto 2010 3

Deloitte. (2018). Retrieved from https://www.iia.org.uk/media/1689102/0906-iia-data-analytics-5-4-17-v4.pdf

Deloitte

2018 Retrieved from https://www.iia.org.uk/media/1689102/0906-iia-data-analytics-5-4-17-v4.pdf

Eulerich, M., & Kalinichenko, A. (2018). The current state and future directions of continuous auditing research: An analysis of the existing literature. Journal of information systems, 32(3), 31–51. doi: https://doi.org/10.2308/isys-51813

Eulerich

Kalinichenko

The current state and future directions of continuous auditing research: An analysis of the existing literature

Journal of information systems 2018 32 3

10.2308/isys-51813

31 51

Ezzamouri, N., & Hulstijn, J. (2018). Continuous monitoring and auditing in municipalities. In Zuiderwijk, A and Hinnant, CC (Ed.), Proceedings Of The 19th Annual International Conference On Digital Government Research (Dgo 2018): Governance In The Data Age (pp. 124–133). ASSOC COMPUTING MACHINERY. doi: https://doi.org/10.1145/3209281.3209301

Ezzamouri

Hulstijn

Continuous monitoring and auditing in municipalities Proceedings Of The 19th Annual International Conference On Digital Government Research (Dgo 2018): Governance In The Data Age

Zuiderwijk

Hinnant

C. C.

2018

10.1145/3209281.3209301

124 133

Farkas, M. J., & Hirsch, R. M. (2016). The effect of frequency and automation of internal control testing on external auditor reliance on the internal audit function. Journal of Information Systems, 30(1), 21–40. doi: https://doi.org/10.2308/isys-51266

Farkas

M. J.

Hirsch

R. M.

The effect of frequency and automation of internal control testing on external auditor reliance on the internal audit function

Journal of Information Systems 2016 30 1

10.2308/isys-51266

21 40

Feung, J. L. C., & Thiruchelvam, I. V. (2020). A framework model for continuous auditing in financial statement audits using big data analytics. International Journal of Scientific & Technology Research, 9, 3416-3434.

Feung

J. L. C.

Thiruchelvam

I. V.

A framework model for continuous auditing in financial statement audits using big data analytics

International Journal of Scientific & Technology Research 2020 9 3416 3434

Flowerday, S., Blundell, A. W., & Von Solms, R. (2006). Continuous auditing technologies and models: A discussion. Computers and Security, 25(5), 325–331. doi: https://doi.org/10.1016/j.cose.2006.06.004

Flowerday

Blundell

A. W.

Von Solms

Continuous auditing technologies and models: A discussion

Computers and Security 2006 25 5

10.1016/j.cose.2006.06.004

325 331

Folador, E. L., Fiirst, C., Baldissera, J. F., Toigo, L. A., & Capponi, N. F. (2018). Propriedades da auditora contínua e auditoria de sistemas: uma análise bibliométrica e sociométrica na base scopus. Congresso Internacional de Gestão da Tecnologia e Sistemas de Informação (Contecsi). Revista Contabilidade e Controladoria, 10(1).

Folador

E. L.

Fiirst

Baldissera

J. F.

Toigo

L. A.

Capponi

N. F.

Propriedades da auditora contínua e auditoria de sistemas: uma análise bibliométrica e sociométrica na base scopus

Congresso Internacional de Gestão da Tecnologia e Sistemas de Informação (Contecsi). Revista Contabilidade e Controladoria 2018 10 1

Gao, F., & Vasarhelyi, M. A. (2019). Audit data analytics: Enabling the evolution of continuous auditing. Journal of Emerging Technologies in Accounting, 16(2), 229-252.

Gao

Vasarhelyi

M. A.

Audit data analytics: Enabling the evolution of continuous auditing

Journal of Emerging Technologies in Accounting 2019 16 2 229 252

Gonzalez, G C, Sharma, P. N., & Galletta, D. (2012). Factors influencing the planned adoption of continuous monitoring technology. Journal of Information Systems, 26(2), 53–69. doi: https://doi.org/10.2308/isys-50259

Gonzalez

G. C.

Sharma

P. N.

Galletta

Factors influencing the planned adoption of continuous monitoring technology

Journal of Information Systems 2012 26 2

10.2308/isys-50259

53 69

Goosen, R., & van Dyk, H. O. (2017). Developing an internal audit planning framework at a strategic level by integrating continuous auditing procedures related to automated controls (Part I). Southern African Journal of Accountability and Auditing Research-Sajaar, 19(1), 59–70.

Goosen

Dyk

H. O.

Developing an internal audit planning framework at a strategic level by integrating continuous auditing procedures related to automated controls (Part I

Southern African Journal of Accountability and Auditing Research-Sajaar 2017 19 1 59 70

Gotthardt, M., Koivulaakso, D., Paksoy, O., Saramo, C., Martikainen, M., & Lehner, O. (2020). Current state and challenges in the implementation of smart robotic process automation in accounting and auditing. Journal of Finance and Risk Perspectives.

Gotthardt

Koivulaakso

Paksoy

Saramo

Martikainen

Lehner

Current state and challenges in the implementation of smart robotic process automation in accounting and auditing

Journal of Finance and Risk Perspectives 2020

Han, H., Shiwakoti, R. K., Jarvis, R., Mordi, C., & Botchie, D. (2023). Accounting and auditing with blockchain technology and artificial intelligence: A literature review. International Journal of Accounting Information Systems, 48, 100598.

Han

Shiwakoti

R. K.

Jarvis

Mordi

Botchie

Accounting and auditing with blockchain technology and artificial intelligence: A literature review

International Journal of Accounting Information Systems 2023 48 100598

Hassan, A., Salleh, N., Ismail, M. N., & Ahmad, M. N. (2023). Empirical evaluation of continuous auditing system use: a systematic review. International Journal of Electrical and Computer Engineering, 13(1), 796.

Hassan

Salleh

Ismail

M. N.

Ahmad

M. N.

Empirical evaluation of continuous auditing system use: a systematic review

International Journal of Electrical and Computer Engineering 2023 13 1 796

Jans, M., & Hosseinpour, M. (2019). How active learning and process mining can act as Continuous Auditing catalyst. International Journal of Accounting Information Systems, 32, 44–58. doi: https://doi.org/10.1016/j.accinf.2018.11.002

Jans

Hosseinpour

How active learning and process mining can act as Continuous Auditing catalyst

International Journal of Accounting Information Systems 2019 32

10.1016/j.accinf.2018.11.002

44 58

Javier, F., & Duque, V. (2016). Continuous Audit. A new paradigm of audit? In Rocha, A and Reis, LP and Cota, MP and Suarez, OS and Goncalves, R (Ed.), 2016 11th Iberian Conference on Information Systems And Technologies (CISTI). IEEE.

Javier

Duque

Continuous Audit. A new paradigm of audit? 2016 11th Iberian Conference on Information Systems And Technologies (CISTI)

Rocha

Reis

L. P.

Cota

M. P.

Suarez

O. S.

Goncalves

IEEE

2016

Joshi, P. L., & Marthandan, G. (2020). Continuous internal auditing: can big data analytics help?. International Journal of Accounting, Auditing and Performance Evaluation, 16(1), 25-42. doi: https://doi:10.1504/ijaape.2020.10676

Joshi

P. L.

Marthandan

Continuous internal auditing: can big data analytics help?

International Journal of Accounting, Auditing and Performance Evaluation 2020 16 1

10.1504/ijaape.2020.10676

25 42

Kiesow, A., Schomaker, T., & Thomas, O. (2016). Transferring continuous auditing to the digital age - The knowledge base after three decades of research. 24th European Conference on Information Systems, ECIS 2016.

Kiesow

Schomaker

Thomas

Transferring continuous auditing to the digital age - The knowledge base after three decades of research 24th European Conference on Information Systems, ECIS 2016 2016

Kim, Y., & Vasarhelyi, M. A. (2012). A model to detect potentially fraudulent/abnormal wires of an insurance company: An unsupervised rule-based approach. Journal of Emerging Technologies in Accounting, 9(1), 95–110. doi: https://doi.org/10.2308/jeta-50411

Kim

Vasarhelyi

M. A.

A model to detect potentially fraudulent/abnormal wires of an insurance company: An unsupervised rule-based approach

Journal of Emerging Technologies in Accounting 2012 9 1

10.2308/jeta-50411

95 110

Kitchenham, B., & Charters, S. (2007). Diretrizes para realizar revisões sistemáticas da literatura em engenharia de software.

Kitchenham

Charters

Diretrizes para realizar revisões sistemáticas da literatura em engenharia de software 2007

Klimova, J. (2018, October). Digital technology in risk-based approach of continuous audit. In The 2018 International Conference on Digital Science (pp. 306-312). Springer, Cham.

Klimova

Digital technology in risk-based approach of continuous audit The 2018 International Conference on Digital Science

Springer

Cham

2018 10 306 312

Kogan, A., Alles, M. G., Vasarhelyi, M. A., & Wu, J. (2014). Design and evaluation of a continuous data level auditing system. Auditing-A Journal of Practice & Theory, 33(4), 221–245. doi: https://doi.org/10.2308/ajpt-50844

Kogan

Alles

M. G.

Vasarhelyi

M. A.

Design and evaluation of a continuous data level auditing system

Auditing-A Journal of Practice & Theory 2014 33 4

10.2308/ajpt-50844

221 245

KPMG Risk Advisory Services. (2022). Auditoria continua. Retrieved from https://assets.kpmg.com/content/dam/kpmg/dk/pdf/Acor/2023/04/kpmg-acor-tax-annual-report-2022.pdf

KPMG

Auditoria continua 2022 Retrieved from https://assets.kpmg.com/content/dam/kpmg/dk/pdf/Acor/2023/04/kpmg-acor-tax-annual-report-2022.pdf

Kuenkaikaew, S., & Vasarhelyi, M. A. (2013). The predictive audit framework. The International Journal of Digital Accounting Research, 13(19), 37-71.

Kuenkaikaew

Vasarhelyi

M. A.

The predictive audit framework

The International Journal of Digital Accounting Research 2013 13 19 37 71

Kuhn Jr., J. R., & Sutton, S. G. (2010). Continuous auditing in ERP system environments: The current state and future directions. Journal of Information Systems, 24(1), 91–112. doi:https://doi.org/10.2308/jis.2010.24.1.91

Kuhn

J. R.

Jr. Sutton

S. G.

Continuous auditing in ERP system environments: The current state and future directions

Journal of Information Systems 2010 24 1

10.2308/jis.2010.24.1.91

91 112

Lamboglia, R., Lavorato, D., Scornavacca, E., & Za, S. (2020). Exploring the relationship between audit and technology. A bibliometric analysis. Meditari Accountancy Research. doi: https://doi.org/10.1108/MEDAR-03-2020-0836

Lamboglia

Lavorato

Scornavacca

Exploring the relationship between audit and technology. A bibliometric analysis

Meditari Accountancy Research 2020

10.1108/MEDAR-03-2020-0836

Li, S.-H., Huang, S.-M., & Lin, Y.-C. G. (2007). Developing a continuous auditing assistance system based on information process models. Journal of Computer Information Systems, 48(1), 2–13.

S.-H.

Huang

S.-M.

Lin

Y.-C.G.

Developing a continuous auditing assistance system based on information process models

Journal of Computer Information Systems 2007 48 1 2 13

Lin, Y., Lin, B., & Chen, M. (2021). Enhancing continuous auditing with robotic process automation: An empirical study. Journal of Information Systems, 35(1), 143-161.

Lin

Chen

Enhancing continuous auditing with robotic process automation: An empirical study

Journal of Information Systems 2021 35 1 143 161

Lins, S., Schneider, S., & Sunyaev, A. (2018). Trust is good, control is better: Creating secure clouds by continuous auditing. IEEE Transactions on Cloud Computing, 6(3), 890–903. doi: https://doi.org/10.1109/TCC.2016.2522411

Lins

Schneider

Sunyaev

Trust is good, control is better: Creating secure clouds by continuous auditing

IEEE Transactions on Cloud Computing 2018 6 3

10.1109/TCC.2016.2522411

890 903

Lois, P., Drogalas, G., Karagiorgos, A., & Tsikalakis, K. (2020). Internal audits in the digital era: opportunities risks and challenges. Euromed Journal of Business.

Lois

Drogalas

Karagiorgos

Tsikalakis

Internal audits in the digital era: opportunities risks and challenges

Euromed Journal of Business 2020

Marques, R. P., Santos, H., & Santos, C. (2018). Comparison and evaluation of organizational transactions for continuous auditing and business compliance. International Journal of Information System Modeling and Design, 9(2), 1-23.

Marques

R. P.

Santos

Comparison and evaluation of organizational transactions for continuous auditing and business compliance

International Journal of Information System Modeling and Design 2018 9 2 1 23

Marques, R P, & Santos, C. (2016). Information systems with internal control on business processes: An approach based on an organizational engineering framework. In C. M. P. G. R. S. O. S. Rocha A. Reis L.P. (Ed.), Iberian Conference on Information Systems and Technologies, CISTI (Vols. 2016-July). IEEE Computer Society. doi: https://doi.org/10.1109/CISTI.2016.7521641

Marques

R. P.

Santos

Information systems with internal control on business processes: An approach based on an organizational engineering framework Iberian Conference on Information Systems and Technologies, CISTI (Vols. 2016-July). IEEE Computer Society

L.P

C. M. P. G. R. S. O. S.Rocha A.Reis

2016

10.1109/CISTI.2016.7521641

Mokhitli, M., & Kyobe, M. (2019, March). Examining factors that impede internal auditors from leveraging information technology for continuous auditing. In 2019 Conference on Information Communications Technology and Society (ICTAS) (pp. 1-6). IEEE.

Mokhitli

Kyobe

Examining factors that impede internal auditors from leveraging information technology for continuous auditing 2019 Conference on Information Communications Technology and Society (ICTAS)

IEEE

2019 1 6

Parati, N., Malik, L., & Joshi, A. G. (2008, July). Artificial intelligence-based threat prevention and sensing engine: Architecture and design issues. In 2008 First International Conference on Emerging Trends in Engineering and Technology (pp. 304-307). IEEE.

Parati

Malik

Joshi

A. G.

Artificial intelligence-based threat prevention and sensing engine: Architecture and design issues 2008 First International Conference on Emerging Trends in Engineering and Technology

IEEE

2008 304 307

Pascual, E. H. (2015). Application of technical computer assisted audit in the prevention and detection of fraud [Aplicación de Técnicas de Auditoria Asistida por Computadoras en la prevención y detección de fraude]. 2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015. doi: https://doi.org/10.1109/CISTI.2015.7170592

Pascual

E. H.

Application of technical computer assisted audit in the prevention and detection of fraud [Aplicación de Técnicas de Auditoria Asistida por Computadoras en la prevención y detección de fraude] 2015 10th Iberian Conference on Information Systems and Technologies, CISTI 2015 2015

10.1109/CISTI.2015.7170592

Pascual, E. H. (2016). Continuous auditing to manage risks in payroll [La Auditoria Continua para Gestionar Riesgos En Planilla De Sueldos]. In C. M. P. G. R. S. O. S. Rocha A. Reis L.P. (Ed.), Iberian Conference on Information Systems and Technologies, (Vols. 2016-July). IEEE Computer Society. doi:https://doi.org/10.1109/CISTI.2016.7521578

Pascual

E. H.

Continuous auditing to manage risks in payroll [La Auditoria Continua para Gestionar Riesgos En Planilla De Sueldos] Iberian Conference on Information Systems and Technologies

L.P

C. M. P. G. R. S. O. S.Rocha A.Reis

IEEE Computer Society

2016 Vols. 2016-July

10.1109/CISTI.2016.7521578

Polizzi, S., & Scannella, E. (2023). Continuous auditing in public sector and central banks: a framework to tackle implementation challenges. Journal of Financial Regulation and Compliance, 31(1), 40-59.

Polizzi

Scannella

Continuous auditing in public sector and central banks: a framework to tackle implementation challenges

Journal of Financial Regulation and Compliance 2023 31 1 40 59

Pricewaterhousecoopers. (2019). Elevating internal audit’s role: The digitally fit function. 2019 State of the Internal Audit Profession Study. Retrieved from: https://www.pwc.com/us/en/services/risk-assurance/library/internal-audit-transformation-study.html

Pricewaterhousecoopers

Elevating internal audit’s role: The digitally fit function 2019 Retrieved from: https://www.pwc.com/us/en/services/risk-assurance/library/internal-audit-transformation-study.html

Pwc (2019). Competências digitais aumentam a importância e a contribuição da auditoria interna. Estudo sobre a prática da auditoria interna 2019. https://www.pwc.com.br/pt/auditoria/assets/imagens/2019/papel-auditoria-interna-19.pdf

Pwc

Competências digitais aumentam a importância e a contribuição da auditoria interna. Estudo sobre a prática da auditoria interna 2019 2019

https://www.pwc.com.br/pt/auditoria/assets/imagens/2019/papel-auditoria-interna-19.pdf

Pwc (2018). Robotic process automation: A primer for internal audit professionals. Retrieved from:https://www.pwc.com/sg/en/publications/assets/ra-robotic-process-automation-for-ia.pdf

Pwc

Robotic process automation: A primer for internal audit professionals Retrieved from:https://www.pwc.com/sg/en/publications/assets/ra-robotic-process-automation-for-ia.pdf 2018

Pwc (2015). Estudos sobre a prática de auditoria interna 2015. Como encontrar o norte verdadeiro em um período de rápidas transformações. Retrieved from: https://www.pwc.com.br/pt/auditoria-interna/assets/pwc-estudo-sobre-pratica-profissional-auditoria-interna-15.pdf

Pwc

Estudos sobre a prática de auditoria interna 2015. Como encontrar o norte verdadeiro em um período de rápidas transformações 2015 Retrieved from: https://www.pwc.com.br/pt/auditoria-interna/assets/pwc-estudo-sobre-pratica-profissional-auditoria-interna-15.pdf

Rezaee, Z., Sharbatoghlie, A., Elam, R., & mcmickle, P. L. (2002). Continuous auditing: Building automated auditing capability. Auditing: A Journal of Practice & Theory, 21(1), 147-163.

Rezaee

Sharbatoghlie

Elam

mcmickle

P. L.

Continuous auditing: Building automated auditing capability

Auditing: A Journal of Practice & Theory 2002 21 1 147 163

Rezaee, Z., Elam, R., & Sharbatoghlie, A. (2001). Continuous auditing: The audit of the future. Managerial Auditing Journal, 16(3), 150–158. doi: https://doi.org/10.1108/02686900110385605

Rezaee

Elam

Sharbatoghlie

Continuous auditing: The audit of the future

Managerial Auditing Journal 2001 16 3

10.1108/02686900110385605

150 158

Rikhardsson, P., & Dull, R. (2016). An exploratory study of the adoption, application and impacts of continuous auditing technologies in small businesses. International Journal of Accounting Information Systems, 20, 26–37. doi: https://doi.org/10.1016/j.accinf.2016.01.003

Rikhardsson

Dull

An exploratory study of the adoption, application and impacts of continuous auditing technologies in small businesses

International Journal of Accounting Information Systems 2016 20

10.1016/j.accinf.2016.01.003

26 37

Russom, P. (2011). Big data analycts - TDWI best practices report. Introduction to Big Data Analytics. TDWI Best Practices Report, Fourth Quarter, 19(4), 1–34.

Russom

Big data analycts - TDWI best practices report. Introduction to Big Data Analytics. TDWI Best Practices Report

Fourth Quarter 2011 19 4 1 34

Shin, I.-H., Lee, M.-G., & Park, W. (2013). Implementation of the continuous auditing system in the ERP-based environment. Managerial Auditing Journal, 28(7), 592–627. doi: https://doi.org/10.1108/MAJ-11-2012-0775

Shin

I.-H.

Lee

M.-G.

Park

Implementation of the continuous auditing system in the ERP-based environment

Managerial Auditing Journal 2013 28 7

10.1108/MAJ-11-2012-0775

592 627

Singh, K., & Best, P. (2015). Design and implementation of continuous monitoring and auditing in SAP enterprise resource planning. International Journal Of Auditing, 19(3), 307–317. doi: https://doi.org/10.1111/ijau.12051

Singh

Best

Design and implementation of continuous monitoring and auditing in SAP enterprise resource planning

International Journal Of Auditing 2015 19 3

10.1111/ijau.12051

307 317

Sun, C.-M. (2012). The adaptation and routinization processes of a continuous auditing system implementation. 18th Americas Conference on Information Systems 2012, AMCIS 2012, 2, 955–965.

Sun

C.-M.

The adaptation and routinization processes of a continuous auditing system implementation 18th Americas Conference on Information Systems 2012, AMCIS 2012 2012 2 955 965

Sun, T., Alles, M., & Vasarhelyi, M. A. (2015). Adopting continuous auditing: A cross-sectional comparison between China and the United States. Managerial Auditing Journal, 30(2), 176–204. doi: https://doi.org/10.1108/MAJ-08-2014-1080

Sun

Alles

Vasarhelyi

M. A.

Adopting continuous auditing: A cross-sectional comparison between China and the United States

Managerial Auditing Journal 2015 30 2

10.1108/MAJ-08-2014-1080

176 204

The Institute of Internal Auditors - IIA. (2018). Auditoria Interna no Brasil Rumo à consolidação do impacto e da influência. 1–44.

The Institute of Internal Auditors - IIA

Auditoria Interna no Brasil Rumo à consolidação do impacto e da influência 2018 1 44

Thiprungsri, S., & Vasarhelyi, M. A. (2011). Cluster analysis for anomaly detection in accounting data: An audit approach. International Journal of Digital Accounting Research, 11.

Thiprungsri

Vasarhelyi

M. A.

Cluster analysis for anomaly detection in accounting data: An audit approach

International Journal of Digital Accounting Research 2011 11

Tranfield, D., Denyer, D., & Smart, P. (2003). Rumo a uma metodologia para desenvolver conhecimento de gestão baseado em evidências por meio de revisão sistemática. British Journal of Management, 14 (3), 207–222.

Tranfield

Denyer

Smart

Rumo a uma metodologia para desenvolver conhecimento de gestão baseado em evidências por meio de revisão sistemática

British Journal of Management 2003 14 3 207 222

Van Hillo, R., & Weigand, H. (2016). Continuous auditing & continuous monitoring: Continuous value? Proceedings - international conference on research challenges in Information Science, 2016-Augus(Cm). doi:https://doi.org/10.1109/RCIS.2016.7549279

Van Hillo

Weigand

Continuous auditing & continuous monitoring: Continuous value? Proceedings - international conference on research challenges in Information Science 2016

10.1109/RCIS.2016.7549279

2016

Vasarhelyi, M. A., Alles, M., Kuenkaikaew, S., & Littley, J. (2012). The acceptance and adoption of continuous auditing by internal auditors: A micro analysis. International Journal of Accounting Information Systems, 13(3), 267–281. doi: https://doi.org/10.1016/j.accinf.2012.06.011

Vasarhelyi

M. A.

Alles

Kuenkaikaew

Littley

The acceptance and adoption of continuous auditing by internal auditors: A micro analysis

International Journal of Accounting Information Systems 2012 13 3

10.1016/j.accinf.2012.06.011

267 281

Vasarhelyi, M. A., Alles, M. G., & Kogan, A. (2004). Principles of analytic monitoring for continuous assurance. Journal of emerging technologies in accounting, 1(1), 1-21.

Vasarhelyi

M. A.

Alles

M. G.

Kogan

Principles of analytic monitoring for continuous assurance

Journal of emerging technologies in accounting 2004 1 1 1 21

Warren, M. J., Moffitt, K. C., Byrnes, P., & vagHossain, S. (2020). Continuous auditing in the era of big data: Opportunities and challenges. Journal of Information Systems, 34(2), 1-21.

Warren

M. J.

Moffitt

K. C.

Byrnes

vagHossain

Continuous auditing in the era of big data: Opportunities and challenges

Journal of Information Systems 2020 34 2 1 21

Wong, J. (2020). Continuous auditing: Current developments and future research directions. Journal of Accounting Literature, 44, 25-48. doi: https://doi.org/10.2308/jis.2010.24.1.91

Wong

Continuous auditing: Current developments and future research directions

Journal of Accounting Literature 2020 44

10.2308/jis.2010.24.1.91

25 48

Wu, D. D., Strauss, J., & Wang, X. (2021). Blockchain and continuous auditing: Opportunities and challenges. International Journal of Accounting Information Systems, 39, 100535.

D. D.

Strauss

Wang

Blockchain and continuous auditing: Opportunities and challenges

International Journal of Accounting Information Systems 2021 39

100535

Ye, H., Ruan, Y., Huang, G., & Wang, Y. (2011). The application of data fusion technology in continuous auditing. Advances In Information Sciences And Service Sciences, 3(10), 192-198.

Ruan

Huang

Wang

The application of data fusion technology in continuous auditing

Advances In Information Sciences And Service Sciences 2011 3 10 192 198

Ye, H., Wu, D., & Chen, S. (2010). An open data cleaning framework based on semantic rules for Continuous Auditing. ICCET 2010 - 2010 International Conference on Computer Engineering and Technology, Proceedings, 2, V2158–V2162. doi: https://doi.org/10.1109/ICCET.2010.5485262

Chen

An open data cleaning framework based on semantic rules for Continuous Auditing

Proceedings ICCET 2010 - 2010 International Conference on Computer Engineering and Technology, Proceedings 2010 2

10.1109/ICCET.2010.5485262

2158 2162

Ye, H., He, Y., & Xiang, Z. (2008). Continuous auditing system based on registration center. WSEAS Transactions on Information Science and Applications, 5(5), 746-755.

Xiang

Continuous auditing system based on registration center

WSEAS Transactions on Information Science and Applications 2008 5 5 746 755

Yeh, C.-H., Chang, T.-P., & Shen, W.-C. (2008). Developing continuous audit and integrating information technology in e-business. 2008 IEEE ASIA-PACIFIC SERVICES COMPUTING CONFERENCE, VOLS 1-3, PROCEEDINGS, 1013–1018. doi: https://doi.org/10.1109/APSCC.2008.8

Yeh

C.-H.

Chang

T.-P.

Shen

W.-C.

Developing continuous audit and integrating information technology in e-business

PROCEEDINGS 2008 IEEE ASIA-PACIFIC SERVICES COMPUTING CONFERENCE 1-3 2008

10.1109/APSCC.2008.8

1013 1018

Yu, Y., Hou, J., & Li, H. (2019). Study on continuous internal audit system modeling and application. ACM International Conference Proceeding Series. doi: https://doi.org/10.1145/3358331.3358364

Hou

Study on continuous internal audit system modeling and application ACM International Conference Proceeding Series 2019

10.1145/3358331.3358364