ai审计_用于内部审计和风险管理的人工智能

ai审计

AUDITMAP.AI文本分析平台 (AUDITMAP.AI TEXT ANALYSIS PLATFORM)

Table of Contents1. Abstract: Why AI for Internal Audit and Risk Management?2. Introduction3. Contemporary Internal Audit Challenges4. AuditMap.ai: A Platform for Audit Enhancement5. Limitations and the Way Forward6.

目录 1. 摘要：为什么要使用AI进行内部审计和风险管理？ 2. 简介 3. 当代内部审计面临的挑战 4. AuditMap.ai：增强审计的平台 5. 局限性和前进方向 6。

1.摘要：为什么要使用AI进行内部审计和风险管理？ (1. Abstract: Why AI for Internal Audit and Risk Management?)

Internal audit tasks within large organizations are slowed by the volume of documentation. Slow audit response time, sampling-based audit planning, and reliance on keyword searches are all indicators that automation is required to accelerate internal audit tasks. Audit quality also suffers when relevant gaps or risks are not disclosed to stakeholders in a timely manner. This work outlines a workflow automation solution called AuditMap.ai. The solution contains several artificial intelligence models that read in thousands of audit reports in various languages to continuously identify and organize the relevant text within. Rather than replacing the auditor, AuditMap.ai assists in the human-centered audit planning and execution process.

大量文档会减慢大型组织内的内部审核任务。 缓慢的审核响应时间，基于采样的审核计划以及对关键字搜索的依赖都表明自动化是加速内部审核任务所必需的。 如果没有及时向利益相关者披露相关的差距或风险，审计质量也会受到影响。 这项工作概述了名为AuditMap.ai的工作流自动化解决方案。 该解决方案包含多个人工智能模型，这些模型以各种语言读取成千上万的审核报告，以不断识别和组织其中的相关文本。 而不是更换审核员， AuditMap.ai可以协助以人为中心的审核计划和执行过程。

2.简介 (2. Introduction)

The internal audit function of organizations is under pressure to deliver results to meet the assurance demands of stakeholders and protect the organization from emerging threats. Keeping the big picture in perspective is difficult given the volume of reports that exist within an organization. This work outlines a solution that reads thousands of audit reports to categorize and organize the relevant text within the reports.

组织的内部审计职能正承受着交付成果以满足利益相关者的保证要求并保护组织免受新出现威胁的压力。 鉴于组织内存在大量报告，因此很难全面了解大局。 这项工作概述了一种解决方案，该解决方案可以读取数千个审核报告，以对报告中的相关文本进行分类和组织。

Internal auditors provide a line of defense against preventable errors and omissions that may lower quality, tarnish a firm’s reputation and trustworthiness, miss opportunities, or lead to direct financial losses. Internal audit’s main role is the detection of inefficiencies, noncompliances, and the prevention of losses. These activities are delivered by means of risk-based assessment and communication with board committees, whereas financial audit is focused on the detection of potentially material issues in recordings of transactions, and at times, corrections. In other words, losses detected in a financial audit have already occurred, while the results of internal audit’s work highlight gaps in compliance, quality, and other areas. To identify these gaps, internal audit operations require the tracking of outcomes in each risk area that the organization’s programs are exposed to. This tracking requires contextualization and fast results, rather than an annual summary report to the audit committee.

内部审计师提供了可预防的错误和疏漏的防护措施，这些错误和疏漏可能会降低质量，损害公司的声誉和信誉，错失机会或导致直接的财务损失。 内部审计的主要作用是发现效率低下，不合规以及防止损失。 这些活动是通过基于风险的评估和与董事会委员会的沟通来进行的，而财务审计则侧重于检测交易记录中有时可能存在的重大问题，有时还会进行更正。 换句话说，在财务审计中发现的损失已经发生，而内部审计的工作结果则突出了合规性，质量和其他领域的差距 。 为了识别这些差距，内部审计操作需要跟踪组织计划所面临的每个风险领域的结果。 这种跟踪需要情境化和快速的结果，而不是向审计委员会提交年度总结报告。

Internal audit holds a unique assurance position within the corporate structure. It has historical roots in financial auditing and has since evolved to provide a much greater range of assurance. Internal audit is quite different in practice from financial auditing. Whereas modern financial auditing assesses transactions and their recordings in support of financial statement accuracy (at times using double-entry accounting software); internal audit’s performance-based assessments serve the goal of reporting to the audit committee and senior management on the state of their organization’s governance, processes, procedures, risks, controls, case reports, and much more. Furthermore, at public corporations, and within specific sectors such as healthcare and finance, internal audit activities and risk disclosures are required by law [1] [2].

内部审计在公司结构中占有独特的保证地位。 它在财务审计中具有悠久的历史，并已发展成为提供范围更大的保证。 内部审计在实践上与财务审计完全不同。 鉴于现代财务审计会评估交易及其记录以支持财务报表的准确性(有时会使用重复输入的会计软件)； 内部审计基于绩效的评估的目标是向审计委员会和高级管理层报告其组织的治理，流程，程序，风险，控制，案例报告等的状态。 此外，在法律法规 [1] [2]中 ，在公共公司以及特定部门(例如医疗保健和金融)内，内部审计活动和风险披露是必需的 。

3.当代内部审计挑战 (3. Contemporary Internal Audit Challenges)

Internal reporting has crossed into the era of big data, and this is leading to information overload across the corporate landscape. As a result of the high volumes of report data, a Data Rich Information Poor situation is creeping across the audit landscape [3]. This situation is characterized by an organization tracking many indicators under the assumption that they assure quality, but missing the emerging risks because the information at hand was not measured by any of the tracked indicators. The answer must be better technology for converting data into actionable information. Technology is a critical driver of efficiency and productivity in the internal audit function [4]. Quoting from the 2017 International Standards for the Professional Practice of Internal Auditing: “Internal auditors must have sufficient knowledge of key information technology risks and controls and available technology-based audit techniques to perform their assigned work” [5]. As outlined in the 2019 Brydon report [6], the landscape within the auditing field is also shifting toward increased enforcement of the separation between auditors and their clients, driving companies to rotate their assurance providers at increased rates. Furthermore, the report identifies that “There appears to be a widespread consensus that automating existing data related audit tasks is underway and its extension inevitable.”

内部报告已进入大数据时代，这导致整个企业范围内的信息过载。 由于报告数据量很大，整个审计环境中都出现了“ 数据贫乏”信息不足的情况[3] 。 这种情况的特点是，组织在保证质量的前提下跟踪许多指标，但由于手头的信息没有用任何跟踪的指标来衡量，因此错过了新出现的风险。 答案必须是将数据转换为可操作信息的更好技术。 在内部审计职能中，技术是效率和生产率的关键驱动力 [4] 。 引用《 2017年内部审计专业实践国际标准》：“内部审计师必须对关键信息技术风险和控制以及可用的基于技术的审计技术有足够的了解，以执行其分配的工作” [5] 。 正如2019年Brydon报告[6]所概述的那样，审计领域的局面也正在朝着加强对审计师与其客户之间的隔离的执法方向发展，从而促使公司以更高的比率轮换其担保人。 此外，该报告还指出：“似乎已经达成了广泛的共识，即与现有数据相关的审计任务正在实现自动化，并且其扩展不可避免。”

geralt (Gerd Altmann) via 杰拉尔特(Gerd Altmann)通过 pixabay (CC0) 照片 (CC0)

Vast private textual datasets of internal reports have overwhelmed the traditional role of auditors. For example. an organization with 100,000 employees in a highly regulated field (e.g., aircraft manufacturing), can generate millions of documents over a 10 year period. Forming this carefully recorded report data into theories and assessment plans is time-consuming, and yet the results of these assessments can be extremely time-sensitive. There is a dire need for management to know where the risks are on a Tuesday, but the audit function tends to produce reports quarterly and annually