In 2015, Hewlett-Packard Co. (HP) adopted a continuous auditing and continuous monitoring strategy, resulting in improved performance in several key areas.
Problem: Initially HP cited the frequency and volume of manual journal entries as the key reason to initiate CA and CM. Over time the company expanded its application and discovered additional risks.
Goals: HP executives sought to discover the nature of the journal entries in order to reduce the associated risks and to create standardized procedures for entries in the future.
Rationale: Management validated its decision to implement CA and CM by highlighting shortened response time in discovering risk and in implementing corrective action, and subsequent conservation of valuable resources.
Areas of Focus: CA and CM were successful in identifying risks in Accounting, Regulatory Reporting, Compensation, Warranties, and Expense Reports.
- Isolated journal entry outliers based on predetermined criteria, revealing high-risk accounts, unauthorized users, and entries with missing explanations.
- Simplified regulatory reporting by comparing changes to a predefined threshold and automating the decision to further examine.
- Identified commissions and bonuses that did not parallel with performance, and revealed high-risk compensation practices, such as paying bonuses in advance.
- Monitored individual engineers’ product warranty activity to detect potential fraud, including products returned with quantity or value inconsistencies or parts returned that were different than shipped.
- Uncovered discrepancies and fraud in employee expense reporting by flagging key words (like, “premium” or “upgrade”) and identifying unreported personal expenses resulting in higher credit card balance fees.