Online Computer Auditing Through Continuous and Intermittent Simulation

A new computer auditing technique called Continuous and Intermittent Simulation (CIS), is introduced. It has been specifically designed as a compliance auditing technique for timesharing systems that can be used to audit internal controls. CIS is an auditing technique that simulates the instruction execution of the application at the time the application is processing a transaction. All data and input to the application is accessible by and shared with the simulation. This means that the simulation is notified about each transaction that is entered to the application and accesses to database by the DBMS. It is not necessary for all transactions to be audited in order to have the capability of performing online auditing. Before any updates are made to the database, or before any output is returned to the users, the simulation can verify the results by executing the appropriate instructions that evaluate the internal controls of the application about the system’s status can be put into the exception log. The simulation can then choose to use the results computed by the application or by the simulation, or choose not to use any of the results, as if there was no transaction.