The Association of Digital Forensics, Security and Law (ADFSL)


Despite increased attention to internal controls and risk assessment, traditional audit approaches do not seem to be highly effective in uncovering the majority of frauds. Less than 20 percent of all occupational frauds are uncovered by auditors. Forensic accounting has recognized the need for automated approaches to fraud analysis yet research has not examined the benefits of forensic continuous auditing as a method to detect and deter corporate fraud. The purpose of this paper is to show how such an approach is possible. A model is presented that supports the acceptance of forensic continuous auditing by auditors and management as an effective tool to support the audit function, meet management’s regulatory objectives, and to combat fraud. An approach to developing such a system is presented.


Alali, F., G. H. Grant and K. C. Miller. 2008. IT Control Deficiencies that Impact Financial Reporting. Internal Auditing, Vol. 23 (4), pp. 28-37.

Albrecht, C. C., W. S. Albrecht, and J. G. Dunn. 2001. Can Auditors Detect Fraud. Journal of Forensic Accounting. Vol. II, pp. 1-12. Aldhizer, G. R., and J. D. Cashell. 2006. Automating the Confirmation Process: How to Enhance Audit Effectiveness and Efficiency. The CPA Journal. Vol. 76 (4), pp. 28–32.

Alles, M. G., A. Kogan, and M. A. Vasarhelyi. 2008. Putting Continuous Auditing Theory into Practice: Lessons from Two Pilot Implementations. Journal of Information Systems, Vol. 22 (2), pp. 195–214.

Alles, M. G., A. Kogan, and M. A. Vasarhelyi. 2002. Feasibility and Economics of Continuous Assurance. Auditing: A Journal of Practice & Theory. Vol. 21 (1), pp. 125–138.

Alles, M. G., F. Tostes, M. A. Vasarhelyi, and E. Riccio. 2006. Continuous Auditing: The USA Experience and Considerations for its Implementation in Brazil. Journal of Information Systems and Technology Management. Vol. 3 (2), pp. 211-224.

American Institute of Certified Public Accountants (AICPA). 2001. The Effect of Information Technology on the Auditor’s Consideration of Internal Control in a Financial Statement Audit. Statement of Auditing Standards No. 94. New York NY: AICPA.

________. 2002. Consideration of Fraud in Financial Statement Audit. Statement of Auditing Standards No. 99. New York NY: AICPA.

________. 1995. Consideration of Internal Control in a Financial Statement Audit. Statement of Auditing Standards No. 78. New York NY: AICPA

________. 1988. Analytical Procedures. Statement of Auditing Standards No. 56. New York NY: AICPA

Arens, A.; Elder, R.; Beasley, M. 2006. Auditing and Assurance Services: An Integrated Approach. Pearson Prentice Hall.

Association of Certified Fraud Examiners (ACFE) 2010 Report to the Nation on Occupational Fraud and Abuse.

Audit Command Language (ACL) Downloaded January 4, 2011 from: http://www.acl.com/solutions/fraud_detection.aspx

Canadian Institute of Chartered Accountants and American Institute of Certified Public Accountants (CICA/AICPA). 1999.

Continuous Auditing. Research report. Toronto, Canada: CICA. Caster, P. and R. Sriram. 1996. An Investigation of Accounts Receivable Confirmation Process Timing. Auditing: A Journal of Practice & Theory. Vol. 15 (1), pp. 135–141.

Charles Rivers & Associates. 2005. Sarbanes-Oxley Section 404 Costs and Remediation of Deficiencies: Estimates from a Sample of Fortune 1000 Companies. Downloaded January 5, 2011 from: http://www.sec.gov/spotlight/SOX02comp/SOX02comp-all-attach.pdf.

Chen, C. and J. T. Sennetti. 2005. Fraudulent Financial Reporting Characteristics of the Computer Industry Under a Strategic-Systems Lens. Journal of Forensic Accounting. Vol. VI, pp. 23-54.

Debreceny, R. S., G. L.Gray, J. J. Ng, K. S. Lee, and W. Yau. Fall 2005. Embedded Audit Modules in Enterprise Resource Planning Systems: Implementation and Functionality. Journal of Information Systems. Vol 19 (2), pp. 7–27.

Grant, G. H., K. C. Miller and F. Alali 2008. The Effect of IT Controls on Financial Reporting. Managerial Auditing Journal. Vol. 23, (8), pp. 803- 823.

Groomer, S. M., and U. S. Murthy. 1989. Continuous Auditing of Database Applications: An Embedded Audit Module Approach. Journal of Information Systems. Vol. 3 (1), pp. 53-69.

Grove, H. and T. Cook. 2004. Lessons for Auditors: Quantitative and Qualitative Red Flags. Journal of Forensic Accounting. Vol. V, pp. 131- 146.

Hermanson, D. R. , B. Moran, C. S. Rossie and D. T. Wolfe. 2006. Continuous Monitoring of Transactions to Reduce Fraud, Misuse, and Errors. Journal of Forensic Accounting. Vol. VII, pp. 17-30.

Hoffman, T. 2004. IT Auditors Coveted, Hard to Find. Computerworld, Vol. 38 (18), pp. 1-16.

Kuhn, J. R. Jr. and S. G. Sutton. Spring 2010. Continuous Auditing in ERP System Environments: The Current State and Future Directions. Journal of Information Systems. Vol. 24 (1), pp. 91-112.

Janvrin, D., D. Bierstaker and D. J. Lowe. Spring 2009. An Investigation of Factors Influencing the Use of Computer-Related Audit Procedures. Journal of Information Systems. Vol. 23, (1), pp. 97–118.

Johnson, C. B. and T. C. Ireland. 2007. An Empirical Examination of Manipulation in Components of the Income Statement. Journal of Forensic Accounting. Vol. VIII, pp. 1-28.

Lanza R. B., and S. Gilbert. 2007. A Risk-Based Approach to Journal Entry Testing. Journal of Accountancy. Vol. 204, pp. 32–35.

Nigrini, M. J. 2006. Monitoring Techniques Available to the Forensic Accountant. Journal of Forensic Accounting. Vol. VII, pp. 321-344.

Nondorf, M. E., Singer, Z. and You, H., (February 2011) A Study of Firms Surrounding the Threshold of Sarbanes-Oxley Section 404 Compliance. AAA 2008 Financial Accounting and Reporting Section (FARS) Paper. Available at SSRN: http://ssrn.com/abstract=1004965

Rezaee, Z., A. Sharbatoghlie, R. Elam, and P. L. McMickle. 2002. Continuous auditing: Building automated audit capability. Auditing: A Journal of Practice & Theory. Vol. 21 (1), pp. 147–163.

Roth, J. and D. Espersen. 2003. Internal Audit’s Role in Corporate Governance: Sarbanes-Oxley Compliance. Altamonte Springs: The Institute of Internal Auditors Research Foundation.

Li., S., S. Huang and Y. G. Lin. Fall 2007. Developing a Continuous Auditing Assistance System based on Information Process Models. Journal of Computer Information Systems. Vol. 48 (1), pp. 2-13.

Oringel, J. and G. R. Aldhizer. Fall 2009. Continuous Auditing and Monitoring: Enhancing the Efficiency and Effectiveness of Auditing and ERM. Internal Auditing. Vol. 24 (5), pp. 17-26.

Public Company Accounting Oversight Board (PCAOB). 2007. Auditing Standard No. 5: An Audit of Internal Control Over Financial Reporting that is Integrated with an Audit of Financial Statement.

Romney, M. B. and P. J. Steinbart. 2008. Accounting Information Systems, 11th ed. Prentice-Hall.

G. S. Smith. 2005. Computer Forensics: Helping to Achieve the Auditor’s Fraud Mission?. Journal of Forensic Accounting. Vol. VI, pp. 119-134.

Vasarhelyi, M. A, M. Alles, and A. Kogan. 2004. Principles of Analytic Monitoring For Continuous Assurance. Journal of Emerging Technologies in Accounting. Vol. 1, pp. 1–21.

Wells, J. T. 2011. Principles of Fraud Examination. Hoboken, NJ: John Wiley & Sons.




To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.