Computer technology has become an integral part of most organizational functions. The existence of transaction data in a non-electronic form is becoming increasingly scarce as companies make effective use of point-of-sale systems as well as business to customer (B2C) electronic commerce. In addition, the use of electronic data interchange (EDI) continues to increase with respect a business to business (B2B) and business to government (B2G) transactions. Furthermore, this will implicate all the documents and reports produced from the transaction. Obviously, the paper based report is no longer produced but has changed into electronic form; these will be issued electronically, thus the same thing will happen with the audit trail, and will be issued electronically as well. Young (2005) says that auditing practices are "insufficiently rigorous". Therefore, today's auditors must be equipped with an understanding of alternative tools and approaches to test the operations of computerized systems and to gather and analyse data contained in computerized files. This essay explores some of the reasons why Auditors should have good literacy in auditing software to improve their audit quality.
Firstly the changes of auditing approach from systematic cycle approach to a risk based approach. Risk based approach to auditing, point to one fact that auditors should develop their auditing software literacy in order to find the risk zones in the companies by using the analytical review procedures (Young, 2005). Obviously auditors could employ a range of techniques in performing analytical review procedures; it could be simple comparisons or complex analysis using advanced data analysis techniques. Young (2005) suggests that the application of analytical review procedures should be more up to date, because of the nature of audit evidence has evolved from paper based to electronic based. Consequently, when auditors handle voluminous electronic audit evidences, it is time for auditors to utilize proper audit software to help them to identify where the risk areas is indicated accurately and quickly. Otherwise, it will be time consuming or it will result inaccurate indication of the risk areas. At this phase, then the quality of auditors' work is questioned.
Secondly, auditors who do not improve their software literacy skills might not be able to adequately cope with the emergence of continuous auditing implementation required by modern companies. Auditors should be more concerned about information technology adaptation in companies; hence all transactions will be captured, processed and reported electronically. Companies who have this characteristic, find it difficult for the auditor to arrange the traditional audit method, where auditor comes in to the companies at the end of year, review the financial statement and give an audit opinion. However, the companies will need real time reports related to companies' economic activity, such as, inventory position, sales growth, and cash flow. Meanwhile, the companies also need the exception report which may disclose fraud, inaccuracy or irregular activities, for example, cash embezzlement by the employee, out of stock inventories, and mistake in quoting the product's sales price. To accommodate the companies' needs, the audit functions should revolutionize their audit practices by implementing continuous auditing. Continuous auditing is "a methodology that enables independent auditors to provide written assurance on a subject matter using a series of auditors' reports issued simultaneously with, or a short period of time after, the occurrence of events underlying the subject matter" (CICA, 1999). Based on the definition above, it is obvious that the auditor should be involved in the companies' system designing phase. In this phase, auditor may upload the embedded audit module to the system, so the system can monitor and evaluate every transaction or activity being captured and processed in a real time bases. Furthermore, to create the embedded audit module, auditor has to knowledgeable in the computerized environment, such as auditing software. Auditing software makes it easier for auditor to gain an understanding about how to develop the audit module.
Finally, in developed countries, such as Australia and US, they have established audit standards which are concerned with the audit software implementation. With the existence of regulation, the auditors will be forced to have appropriate technical skills (Nearon, 2005), due to satisfy the critical foundations in auditing, which are competence and due professional care. These two foundations take an important role in audit profession, because it will improve the audit work's quality and at the end will gain public trust to auditors. However, there is no regulation adapted in Indonesia to regulate the using of new techniques for audit practices, such as continuous auditing and auditing software implementation. As a result from this condition, the auditors less motivated to upgrade their knowledge and skill related to the new techniques.
However, despite the three reasons mentioned above, there are auditors who unlikely to follow the nature, which still think that auditors do not need the information technology expertise. Background knowledge in information technology had insufficient portion in university curricula, especially for auditing software implementation. Auditing subject had been taught in conventional method, this method made it difficult to auditors to adjust their technical skills in this digital environment. Furthermore, auditors think that information technology and auditing as separate discipline, they tend to rely on IT experts if they need IT assistances, for example, downloading audit evidence from the companies' database. Another objection from auditors is they see that companies' system has been well developed, and the system will generate the free-error information (Debreceny, Lee, Neo, & Toh, 2005), it is implies that there is no need to look further for the reliability and accuracy of the information provided. In fact, not all systems are well planned, well developed and well implemented; in this case, auditors should maintain their scepticism to any information provided by companies until they obtain some level of confidence for information given.
Auditors must be able to use the latest audit techniques, because at the future, the audit practice will be heavily influenced by system information. But in fact, currently there are many auditors still not aware of the importance of the effect of information systems in their work (Nearon, 2005). Even according to Young audit practices currently applied by the auditors should be updated and adjusted to the demands of technological progress. The change of auditing approach from systematic cycle approach to a risk based approach is the most important reason for auditors to improve their technical skills. To deal with digital environment in companies, auditors should participate in the system designing in order to maintain control application in day to day operations. Auditors' participation in system designing allows the implementation of continuous auditing. Moreover, regulation, such as audit standard, and public trust are other reasons why auditors should literate in auditing software. Even though there are reasons for auditors to have literacy in auditing software, in the other hand, there also auditors who think that auditing software literacy are still not necessary because they have never been taught how to conduct audit work in computerized environment, information technology is not part of auditing discipline and the low level of auditors' scepticism to the companies's system, that allows auditors to not have to test the validity and accuracy of information provided by the companies.