Kamu Sektörü İç Denetiminde Stratejik Bir Araç Olarak Sürekli Denetim: Türkiye Örneği

Yıl 2020, Cilt: 23 Sayı: 1, 208 - 225, 30.04.2020

Sezer Bozkuş Kahyaoğlu Rasim Sarıkaya Bahadır Topal

https://doi.org/10.29249/selcuksbmyd.670261

Öz

Hem kamu hem de özel sektörde iç denetim mesleği, stratejik hedeflere ulaşmak için iş süreçlerini iyileştirmeye yönelik temel bir gereklilik haline gelmiştir. Bunun ana nedeni, iç denetimin katma değerli, riske dayalı yaklaşımı ve stratejik hedeflere ulaşmada güvenilir danışman olmasıyla önemli bir role sahip olmasıdır. Türkiye’de kamu sektöründe iç denetim, kamu idarelerinin öncelikleri ve performans göstergelerine uygun olarak kamu kaynaklarının ekonomik, verimli ve etkin kullanımını sağlamak amacıyla 2003 yılında 5018 sayılı Kamu Mali Yönetimi ve Kontrol Kanunu ile yürürlüğe giren nispeten yeni bir uygulamadır. Kısa bir geçiş döneminden sonra kamu idareleri, İç Denetim Koordinasyon Kurulu’nun tam desteğiyle iç denetim fonksiyonlarını bu kadar kısa bir sürede IIA standartlarına göre kurmaya başlamıştır. Bu çalışmanın temel amacı, Türkiye'deki kamu sektörü iç denetiminin mevcut durumunu analiz etmek ve en iyi uygulamalara örnek vermektir. Bu kapsamda, TC Tarım ve Orman Bakanlığı iç denetim fonksiyonu seçilmiştir. Bunun nedeni, Bakanlık iç denetim ekibinin, denetim planlarını, saha çalışmalarını ve raporlarını dijital olarak yürütmek için kurum içinde geliştirilen sürekli bir denetim yazılımı kullanmasıdır. İlk olarak, sürekli denetim ve veri analitiğinin önemi ilgili literatüre göre açıklanmaktadır. İkinci olarak, Türk kamu sektöründe iç denetim hakkında kısa bir arka plan bilgisi verilmekte ve Tarım ve Orman Bakanlığı iç denetim fonksiyonu kısaca tanıtılmaktadır. Üçüncüsü, Bakanlığın sürekli denetim vakasının verileri, metodolojisi ve ampirik sonuçları sunulmaktadır. Sonuç olarak, literatüre katkıda bulunmak için ampirik bulgulara dayalı politika önerileri yapılmıştır.

Anahtar Kelimeler

sürekli denetim, veri analitiği

Continuous Auditing as a Strategic Tool in Public Sector Internal Audit: The Turkish Case

Öz

In both public and private sectors, internal audit profession has become a fundamental requirement to improve business processes to achieve strategic goals. This is due to the fact that internal audit has a significant role with its value added risk-based approach and being trusted advisor in achieving strategic goals. Internal audit in public sector is a comparatively new practice in Turkey which became operative with the Public Financial Management and Control Law (No 5018) back in 2003 in order to ensure economic, efficient, effective utilization of public resources in line with the priorities and performance indicators of public administrations. After a short transition period, the public administrations have started to establish their internal audit functions with the full support of Internal Audit Coordination Board of Turkey based on IIA standards in such a tiny period of time. The major aim of this paper is to analyze the current state of public sector internal audit in Turkey and provide an example for the best practice. In this respect, internal audit function of the Turkish Ministry of Agriculture and Forest is chosen. This is because internal audit team of the Ministry uses a continuous auditing software which was developed in-house to conduct their audit plans, fieldworks and reports in digital. Firstly, the importance of continuous auditing and data analytics is explained based on relevant literature. Secondly, brief background information about the internal audit in Turkish public sector is given and internal audit function of the Ministry of Agriculture and Forestry is introduced shortly. Thirdly, the data, methodology and empirical results of the continuous auditing case of the Ministry is presented. In conclusion, policy recommendations are made based on empirical findings in order to contribute literature.

Anahtar Kelimeler

continous auditing, data analytics

Kaynakça

• Abdul Aziz, A., Amirah, M.N. and Syed Ahmad, S.N. (2010). "Fraud in Federal Statutory Bodies", 2010 International Conference on Financial Theory and Engineering. IEEE, 221–224. AICPA (2015). "Audit analytics and continuous audit: looking toward the future". AICPA, New York. Available at https://www.aicpa.org/InterestAreas/FRC/AssuranceAdvisoryServices/DownloadableDocuments/AuditAnalytics_LookingTowardFuture.pd AICPA (2017). “Blockchain Technology and Its Potential Impact on the Audit and Assurance Profession”, https://www.aicpa.org/content/dam/aicpa/interestareas/frc/assuranceadvisoryservices/downloadabledocuments/blockchain-technology-and-its-potential-impact-on-the-audit-and-assurance-profession.pdf Alles, Michael G.; Kogan, Alexander; Vasarhelyi, Miklos A. (2005). "Implications of section 201 of the Sarbanes-Oxley Act: the role of the audit committee in managing the informational costs of the restriction on auditors engaging in consulting". International Journal of Disclosure and Governance, v.2, n. 1, p. 9-26, feb. 2005. Alles, Michael G.; Brennan, Gerard; Kogan, Alexander; Vasarhelyi, Miklos A. (2006). "Continuous monitoring and business process controls: a pilot implementation of a continuous auditing system at Siemens". International Journal of Accounting Information Systems, v. 7, n. 2, p.137-161, jun. 2006. Alles MG, Kogan A, Vasarhelyi MA. (2008). "Putting continuous auditing theory into practice: Lessons from two pilot implementations". Journal of Information System. 2008;22:195–214. Aquino CE, Sigolo N, Vasarhelyi MA. (2008), "Six steps to an effective continuous audit process". Internal Auditor; February 2008. https://iaonline.theiia.org/six-steps-to-an-effective-continuous-audit-process Bierstaker, J. L., Burnaby, P., and Thibodeau, J. (2001). "The impact of information technology on the audit process: an assessment of the state of the art and implications for the future". Managerial Auditing Journal, 16(3), pp. 159–64. Bierstaker, J.L., Burnaby, P., and Hass, S. (2003). "Recent Changes in Internal Auditors' Use of Technology". Internal Auditing, 18.4, 39-45. Brown, C. E., Wong, J. A., and Baldwin, A. A. (2007). "A review and analysis of the existing research streams in continuous auditing". Journal of Emerging Technologies in Accounting, 4(1), pp. 1–28. Chan, D. Y., and Vasarhelyi, M. A. (2011). "Innovation and practice of Continuous Auditing". International Journal of Accounting Information Systems, 12(2), 152–160. CICA/AICPA. (1999). "Continuous Auditing Research Report". Canadian Institute for Chartered Accountant and American Institute of Certified Public Accountants. Chiu, V., Liu, Q., and Vasarhelyi, M. A. (2014). "The development and intellectual structure of continuous auditing research". Journal of Accounting Literature, 33(1-2), pp. 37–57. Coderre, D. (2005). "Global Technology Audit Guide (GTAG) 3: Continuous Auditing: Implications for Assurance, Monitoring, and Risk Assessment". Altamonte Springs, FL: IIA. Available at https://na.theiia.org/standards-guidance/recommended-guidance/practiceguides/ Pages/GTAG3.aspx, Coderre, D. (2006). "A continuous view of accounts". Internal Auditor, p. 25-31, apr. 2006. Committee of Sponsoring Organizations of the Treadway Commission (COSO). (2012). "Enhancing Board Oversight, Avoiding Judgment Traps and Biases", Thought Paper, March 2012, available at: http://www.coso.org/documents/coso-enhancingboardoversight_r8_web-ready%20(2).pdf David, J.S. and Steinbart, P.J. (2000). "Data Warehousing and Data Mining: Opportunities for Internal Auditors", Altamonte Springs, FL: The Institute of Internal Auditors Research Foundation. Davis, F.D. (1989). "Perceived Usefulness, Perceived Ease of Use, and User Acceptance of Information Technology". MIS Quarterly, 13.3, 319-40. Davidson, B.I., Desai, N.K., and Gerard, G.J. (2013). "The effect of continuous auditing on the relationship between internal audit sourcing and the external auditor's reliance on the internal audit function". Journal of Information Systems, 27(1), pp. 41–59. Deloitte. (2016). "Evolution or irrelevance, internal audit at a crossroads", Global Chief Audit Executive Survey. Available at https://www2.deloitte.com/content/dam/Deloitte/ca/Documents/risk/ca_en_risk_Deloitte_Canadian_perspectives_from_Deloitte_Global_CAE_survey.pdf, Doumpos M, Gaganis C, Pasiouras F. (2005). "Explaining qualifications in audit reports using a support vector machine methodology". Intelligent Systems in Accounting Finance & Management. 2005;13(4):197215. Dopuch N, Holthausen RW, Leftwich RW. (1987). "Predicting audit qualifications with financial and market variables". Accounting Review. 1987;62(3): 431454. Du and Roohani (2007). "Meeting Challenges and Expectations of Continuous Auditing in the Context of Independent Audits of Financial Statements", International Journal of Auditing, 11 (2), pp. 133–146. Elliott R.K. (1998). "Assurance services and the audit heritage". CPA Journal, 1998; 68(6):40. Eulerich, M., Jochen, J., Patrick, V., and Stiglbauer, M. (2013). "Self-perception of the internal audit function within the corporate governance system - empirical evidence for the European union", Problems and Perspectives in Management, 11, pp. 57–72. Flowerday, Stephen; Blundell, A. W.; Von Solms, Rossouw. (2006). "Continuous auditing technologies and models: a discussion". Computers & Security, v. 25, n. 5, p.325-31, jul. 2006 Gramling, A. A., Maletta, M. J., Schneider, A., and Church, B. K. (2004). "The role of the internal audit function in corporate governance: A synthesis of the extant internal auditing literature and directions for future research". Journal of Accounting Literature, 23, pp. 194–244. Groomer, S. M., and U. S. Murthy. (1989). "Continuous auditing of database applications: An embedded audit module approach". Journal of Information Systems 3 (2): 53–69. Gonzalez, G. C., Sharma, P. N., and Galletta, D. (2012a). "Factors influencing the planned adoption of continuous monitoring technology". Journal of Information Systems, 26(2), pp. 53–69. Gonzalez, G. C., Sharma, P. N., and Galletta, D.F. (2012b). "The antecedents of the use of continuous auditing in the internal auditing context". International Journal of Accounting Information Systems, 13(3), pp. 248–262. Hardy, Anne C. (2014). "The Messy Matters of Continuous Assurance: Findings from Exploratory Research in Australia", Journal of Information Systems, American Accounting Association, 28 (2), pp. 357–377. Hardy, C. A. and Laslett, G. (2015). "Continuous auditing and monitoring in practice: lessons from Metcash's business assurance group". Journal of Information Systems, 29(2), pp. 183–194. The Institute of Internal Auditors (IIA). (2015). Global Technology Audit Guide, Continuous Auditing: Coordinating Continuous Auditing and Monitoring to Provide Continuous Assurance – 2nd Edition, The Institute of Internal Auditors, Altamonte Springs. ISACA. (2002), "Continuous Auditing: Is it fantasy or reality". Information Systems Control Journal. 2002;5. Hoitash, R., A. Kogan, and M. Vasarhelyi. (2006). "Peer‐Based Approach for Analytical Procedures". Auditing A Journal of Practice & Theory. 25 (2) 53-84. Hunton, J., Wright, A. & Wright, S. (2003)."The Supply and Demand for Continuous Reporting". Trust and Data Assurances in Capital Markets: The Role of Technology Solutions. Roohani, S.J. (Ed.) New York: Research Monograph funded by PriceWaterhouseCoopers LLP. Kiesow, A., Schomaker, T., and Thomas, O. (2016). "Transferring Continuous Auditing to the Digital Age – The Knowledge Base after Three Decades of Research". Twenty-Fourth European Conference on Information Systems (ECIS), 1–18. Kirkos E, Spathis C, Manolopoulos Y. (2007). "Data mining techniques for the detection of fraudulent financial statements". Expert System with Applications 2007;32(4):995-1003. Kirkos E, Spathis C, Manolopoulos Y. (2010). "Audit-firm group appointment: an artificial intelligence approach". Intelligent Systems in Accounting, Finance and Management 2010;17(1):117. Kotsiantis S, Koumanakos E, Tzelepis D, Tampakas V. (2007). Forecasting Fraudulent Financial Statements using Data Mining. International Journal of Computational Intelligence 2007;3(2). Kogan A, Vasarhelyi MA, Wu J. (2010). "Continuous Data Level Auditing Using Continuity Equations". Working paper, Rutgers Business School; 2010. http://raw.rutgers.edu/docs/Innovations/Continuity%20Equations.pdf KPMG (2012). "Leveraging data analytics and Continuous Auditing processes for improved audit planning, effectiveness and efficiency", available at http://www.kpmg.com/us/en/issuesandinsights/articlespublications/documents/data-analytics-continuous-auditing.pdf KPMG (2015). "Internal Audit: Top 10 key risks in 2015", available at: https://www.kpmg.com/US/en/IssuesAndInsights/ArticlesPublications/Documents/top-10-considerations-internal-audit-2015.pdf Marques, R. P., et al. (2013). "A Conceptual Model for Evaluating Systems with Continuous Assurance Services." Procedia Technology 9: 304-309. Martens D, Bruynseels L, Baesens B, Willekens M, Vanthienen J. (2008). "Predicting going concern opinion with data mining". Decision Support Systems. 2008;45(4):765-777. Md Ali, A., Ahmi, A., Ali, A., Ghazali, M., Gloeck, J. and Lee, T. (2009). "Internal audit in the federal organizations of Malaysia: Is there light at the end of the long dark tunnel?", Southern African Journal of Accountability and Auditing Research, 9 (2), 23–38. Min JH, Lee Y-C. (2005). "Bankruptcy prediction using support vector machine with optimal choice of kernel function parameters". Expert Syst Appl 2005;28(4):603-614. Menon, K., & Williams, D. D. (2001). "Long-term trends in audit fees". Auditing: A Journal of Practice & Theory, 20(1), 115–136. Murcia Dal-Ri, Fernando; Cruz De Souza, Flávia and Alonso Borba, José. (2008). "Continuous Auditing: A Literature Review", Organizações em contexto, 4 (7), pp. 1–17. Nakamoto, S. (2008). “Bitcoin: A Peer-to-Peer Electronic Cash System”. http://ecee.colorado.edu/~ekeller/classes/fall2014_advsec/papers/bitcoin.pdf
• Nigrini, M.J. (2002). "Analysis of Digits and Number Patterns". Fraud Examination for Managers and Auditors, Robertson, J. C. (Ed.), Austin, Texas: Atex Austin, Inc., 495-518. O’Reilly, Anthony. (2006). "Continuous auditing: wave of the future?". Corporate Board, p. 24-6, set./oct. 2006. Pathak, Jagdish; Chaouch, Ben; Sriram, Ram. (2005), "Minimizing cost of continuous audit: counting and time dependent strategies". Journal of Accounting and Public Policy, v. 24, n. 1, p. 61-75, jan./feb. 2005. Power, M. (1997). The audit society: rituals of verification. Oxford Press, Oxford. Protiviti. (2016). "Arriving at internal audit’s tipping point amid business transformation". Available at https://www.protiviti.com/sites/default/files/united_states/insights/2016-internal-audit-capabilities-and-needs-survey-protiviti.pdf. PricewaterhouseCoopers (PwC). (2006). "State of the internal audit profession study: Continuous auditing gains momentum". Available at https://www.pwc.com/us/en/internalaudit/assets/state_internal_audit_profession_study_06.pdf PricewaterhouseCoopers (PwC). (2014), "State of the Internal Audit Profession Study", available at: https://www.pwc.com/m1/en/publications/documents/pwc-state-of-the-internal-audit-profession-2014.pdf Porter, Brenda; Simon, Jon; Hatherly, David. (2003). Principles of external auditing. Indianapolis: Editora Wiley, 2003. Pushkin, A.B. (2003). "Comprehensive Continuous Auditing: The Strategic Component". Internal Auditing, 18.1, 26-33. Public Financial Management and Control Law No. 5018 (2003), http://kontrol.bumko.gov.tr/Eklenti/5373,5018pdf.pdf?0 Rezaee, Zabihollah; Elam, Rick; Sharbatoghlie, Ahmad. (2001). "Continuous auditing: the audit of the future". Managerial Auditing Journal, v. 16, n. 3, p. 150-8. 2001. Rogers, E.M. (2003). Diffusion of Innovations, 5th ed., New York: Free Press. Rutger van Hillo, H. W. (2016). "Continuous Auditing & Continuous Monitoring: Continuous Value?" 2016 IEEE tenth international conference on research challenges in information science (RCIS). Searcy, Dewayne L. and Woodroof, Jon B. (2003). "Continuous auditing: leveraging technology". The CPA Journal, v. 73, n. 5, p. 46-8, may 2003. Sung TK, Chang N, Lee G. (1999). "Dynamics of modeling in data mining: interpretive approach to bankruptcy prediction". Journal of Management Information System. 1999;16(1): 6385. Subhani, S. (2013). "Continuous Audit - An Evolving Paradigm for Real Time Assurance." Business Journal for Entrepreneurs, 2013(3): 130-137. Stringer K.W., Stewart T.R. (1986). Statistical techniques for analytical review in auditing. New York: Wiley; 1986. Rikhardsson, P. and R. Dull (2016). "An Exploratory Study of the Adoption, Application and Impacts of Continuous Auditing Technologies in Small Businesses". International Journal of Accounting Information Systems. Vol. 20. pp. 26-37. Tam KY. (1991). "Neural network models and the prediction of bank bankruptcy". Omega .1991;19(5): 429445. Vasarhelyi M.A., Halper F.B. (1991). "The continuous audit of online systems". A Journal of Practice & Theory, 1991;10(1):110–25. https://www.researchgate.net/profile/Miklos_Vasarhelyi/publication/255667612_The_Continuous_Audit_of_Online_Systems/links/5410341a0cf2f2b29a3f4fbf/The-Continuous-Audit-of-Online-Systems.pdf?origin=publication_detail Vasarhelyi, M. A. (2002). Concepts in continuous assurance. In S. Sutton & V. Arnold (Eds.), Researching accounting as an information systems discipline. Sarasota, FL: American Accounting Association Vasarhelyi Miklos A., Michael G. Alles, and Alexander Kogan (2004). "Principles of Analytic Monitoring for Continuous Assurance". Journal of Emerging Technologies in Accounting: December 2004, Vol. 1, No. 1, pp. 1-21. Vasarhelyi MA, Kuenkaikaew S. (2010). "Continuous auditing and continuous control monitoring: case studies from leading organizations": Rutgers Business School, Rutgers Accounting Research Center; 2010. Vasarhelyi, M. A., Alles, M. G., Kuenkaikaew, S., and Littley, J. (2012) "The acceptance and adoption of continuous auditing by internal auditors: A micro analysis". International Journal of Accounting Information Systems, 13(3), pp. 267–281. Vasarhelyi, M. A., et al. (2015). "Big Data in Accounting: An Overview." Accounting Horizons 29(2): 381-396 Vandervelde SD. (2006). "The importance of account relations when responding to interim audit testing results". Contemporary Accounting Research. 2006; Vol.23:789821 Canadian Academic Accounting Association. Yermack, D. (2017). “Corporate Governance and Blockchains”, Review of Finance, Volume 21, Issue 1, 1 March 2017, Pages 7–31. Warren Jr, J. D., Moffitt, K., and Byrnes, P. (2015). "How big data will change accounting". Accounting Horizons, 29(2), pp. 397–407. Wu C-H, Tzeng G-H, Goo Y-J, Fang W-C. (2007). "A real-valued genetic algorithm to optimize the parameters of support vector machine for predicting bankruptcy". Expert Systems with Applications. 2007;32(2):397-408.