Audit transformation: Automation is one small step in the journey

Hosted by Neil Amato

Transformation of the audit goes beyond simply automating rote tasks, as Amy Pawlicki, vice president–Assurance and Advisory Innovation at the Association of International Certified Professional Accountants, explains in this episode.

She details some of the ways that audits can be more data driven while still complying with standards.

The interview with Pawlicki is part four of a series on audit evolution in action. Here are links to the previous three parts:

Also, get caught up on several news items covered recently by the Journal of Accountancy:

What you'll learn from this episode:

  • Pawlicki's definition of a data-driven audit.
  • How a data-driven audit can help identify and manage risks.
  • An overview of the Dynamic Audit Solution (DAS).
  • Why Pawlicki says that automation is "one small piece" of audit transformation.

Play the episode below or read the edited transcript:

To comment on this episode or to suggest an idea for another episode, contact Neil Amato at


Neil Amato: Welcome to the Journal of Accountancy podcast. This is your host, Neil Amato. In this episode, we have part of a continuing series on the transformation of auditing and the opportunities in that realm. We will also share coverage related to a report on IRS processes, a proposal by the AICPA Auditing Standards Board, and more news. That's all coming up after this brief sponsor message.

[Ramp ad]

Amato: Welcome back to the Journal of Accountancy podcast. This is part four of an ongoing series on the podcast. The series is about audit evolution in action. Today's guest is Amy Pawlicki. Amy is the vice president–Assurance and Advisory Innovation at the Association of International Certified Professional Accountants. Amy, thank you for being on the podcast. First, why in your mind does the audit need to be transformed? What specifically about auditing needs to be transformed?

Amy Pawlicki: Whenever I talk about this topic, I like to address it more in terms of the opportunity than the need. I think firms are out there today performing quality audits every day, and that's great. They're also making a lot of progress in terms of utilizing new tools and integrating data analytics and other opportunities into the process to help them continuously adapt audits and leverage technology. But I do think there's a tremendous opportunity to go further than we've gone today.

When you think about the audits that are done today and the methodology that's used today or followed today by most firms, much of it was developed many years ago, long before firms had access to the technology that they have today in terms of computing power.

By computing power, I mean, processing power, the ability to use large quantities of data, analyze large quantities of data, and also storage. We didn't use to have the cloud storage that we have today. That represents a tremendous opportunity to transform methodology, to take advantage of and maximize what technology can do for us today.

Amato: You touched on those technology advancements and some of the opportunities they present. What are some of the opportunities in the area of client expectations and then also on the staffing and skill set front?

Pawlicki: To me, I think a lot of people maybe view this as a challenge, especially in terms of what's needed from a staffing perspective, but I actually think it's one of the most exciting things about the potential to transform the audit, that we can do a better job of supporting clients and client collaboration and the client experience through the audit by having more efficient connectivity and communications with the client throughout the process of the audit.

It's no longer the days where you're going into their office and holing up for weeks on end and going through file cabinets. The audit is done very differently today, and thank goodness, as we've gone through COVID, for example, that we have the ability to do remote audits where necessary, again, using technology. But it's not just a matter of being able to be remote, it's a matter of making the process more efficient and enjoyable for the clients.

Also in terms of the auditor experience, those same benefits that accrue to the client can also accrue to the staff auditor conducting the audit. We are hearing from a lot of new auditors entering the field that they really enjoy the incorporation of things like audit analytics into the process that enable them to dig deeper and to add more value and insight to their clients.

That's something that, yes, it requires additional analytical skill sets above and beyond what an auditor would have traditionally had, although I would argue auditors have always had statistical backgrounds that lend themselves to analytics. But today, definitely those needs are deeper. But I think that's also more exciting to new and younger auditors coming into the profession to actually attract them to the job and make it more exciting and something that they're more interested in pursuing from a career perspective.

Amato: In a pre-call, you said, "Most firms' methodology is checklist driven, not data driven." What do you mean by that?

Pawlicki: I think a lot of firms, as they're starting to incorporate data analytics into audits, they're trying to get to a place that is more data driven. They're trying to actually use the client data, and sometimes, in some cases, even external data, to help them understand risks with their client.

Historically, firms got to a place where they were more or less following the same approach as last year, you'll hear the term SALY, which means same as last year, where they would pick up last year's file, look at that, and then look at this year's data, and try to figure out if anything has changed. But that's not really a truly data-driven approach where you're bringing data analytics into the process from the very beginning, from risk assessment, even from the perspective of understanding the entity and its environment and using that data throughout the process repeatedly in an iterative way.

You're not just going through each phase of the audit in a linear way using data analytics in a particular spot and not in another spot. What we're trying to get to is a place where you're doing procedures throughout the audit to assess risk and respond to risk, and part of that is the integration of data analytics. Data analytics are essentially a set of procedures that you can use to understand what's happening at the client. That is really what we're driving towards and what we mean when we say data driven. I think a lot of people look at the audit as something that's compliance driven.

We are certainly all for doing an audit in compliance with the standards. The spirit of the standards and the objectives of the standards are right on point in terms of helping you to deliver a quality audit. But you can't achieve that through a checklist. You actually achieve that by doing things that help you identify and respond to relevant risks. That really is the focus of what we're trying to accomplish through the Dynamic Audit Solution, or DAS, which is a technology-enabled tool that the AICPA is working on together with and software provider CaseWare to help actually enable a technology-driven methodology in a workflow tool to help auditors implement that new methodology.

Amato: You use that word "methodology," you use the acronym DAS, Dynamic Audit Solution. What's different about the Dynamic Audit Solution methodology?

Pawlicki: A second ago, I just talked about the focus being on relevant risk, so not just the risks you saw last year. There may be some of the same risks that were in play last year, but there might be different risks. Things might have changed. You might have different suppliers, you might have a different customer base. There are lots of things that can change.

When you think about the COVID, post-COVID world that we live in today, supply chain is a huge issue. There are likely risks that have come into play as a result of that that weren't there last year or two years ago or three years ago. The focus of DAS is really on risk identification and assessment. What's different about DAS is instead of just thinking about risk at the assertion or the financial statement, line-item level, DAS looks at risk at the individual risk level. That is essential for really understanding and honing in on and doing assessment of what are the most relevant risks and responding to those risks. That is different and it does require a little extra work on the front end in terms of identifying individual risks.

But what it enables down the line is that truly data-driven audit where you are analyzing and responding to risks at the individual risk level. And as you're learning things throughout that data-driven audit, you're able to dive deeper and deeper into the areas where you see potential risk. You're truly using the data to drive auditor actions and steps throughout the process.

Amato: What do you think is different about DAS from other solutions as far as how it will benefit firms and clients?

Pawlicki: There's a couple things that are different. Well, probably more than a couple. There are a couple primary things that are different about the Dynamic Audit Solution, and truly different. First of all, there are a lot of great apps out there today that help auditors with certain aspects of the financial statement audit.

For example, there are great analytics tools. Many of them are starting to incorporate machine learning. Many of them incorporate technologies like robotic process automation to help automate rote or repetitive tasks so that humans can spend their time on the higher value, more analytic activities. Those things are all super important. They're all super valuable.

But DAS isn't just about automating what we've always done. It goes further to maximize the potential of technology to add additional value and bring additional insight to the audit and really enhance audit quality. That's a major difference. Not just automation, but actually transforming how we go about conducting the audit to really drive quality. Certainly, automation is part of that, but it's one small piece.

Another thing that's different is that most workflow tools, which DAS is a complete end-to-end audit workflow tool, don't incorporate these other apps that support things like data integration, data ingestion, and export. If you're trying to actually bring in data to analyze it, you may need a separate app to help you with that process. DAS is being built to help facilitate that because it's critical to the methodology and to the functioning of the tool.

Another example is analytics. Most analytics tools are sort of bolt-on, where you'll export the data out, do some analytics, bring the information back in, and try to integrate it into your workflow. With DAS, the data analytics are actually procedures that are suggested as you go through the process of the audit. They are legitimately integrated with the workflow in a very direct way, which is very different. The DAS audit workflow tool actually incorporates a lot of these different functions that firms today are having to look to other apps to be able to leverage.

Finally, the most different thing about DAS is that it has a tremendous amount of knowledge built into it to help guide the auditor in completing an efficient and quality audit.

What I mean by that is we are actually structuring and standardizing not only the data that's coming in, client data or external data that's being used for analytics, but also the auditor knowledge that accumulates through the process of actually conducting the audit.

By structuring all that and linking it all together, we are actually enabling the tool to make suggestions that guide the auditor through the process based on what the data is telling them. No one has ever done that before in a fully integrated fashion, and if you think about it, not only is that important to accomplishing a data-driven audit, it's also critical to being able to use artificial intelligence in a really meaningful way.

Specifically, I'm talking about machine learning, where as you build up data and auditor knowledge, eventually, you get to a point where not only are you using auditor insight as part of the process and benefiting from the auditor on the job, you can actually leverage the insight of multiple auditors and multiple audits through the use of machine learning.

You'll never get there if you don't structure the data and the knowledge to that level of specificity, but by building that infrastructure, we enable that bonus of bringing in artificial intelligence down the line, which really amplifies our potential of driving a more efficient and higher quality audit through the incorporation of the artificial intelligence and specifically machine learning.

We don't need that right away to benefit. Even from the earliest versions, that knowledge and that integration will benefit a guided audit. But again, once you build that infrastructure, you have the potential to amplify that benefit exponentially over time.

Just like if you think about the way that artificial intelligence has been used in other professions, like the medical profession. A doctor only has the benefit of their own experience, but through the use of a tool like Watson, you can benefit from the experience of thousands of doctors and thousands of diagnoses to better pinpoint what an appropriate diagnosis might be.

We have the same potential for the financial statement audit, but we can't get there unless we have structured standardized data similar to what you might see in medical files historically, which is why that profession has been enabled to use artificial intelligence so effectively.

Amato: That's a really good comparison. Amy, thank you very much.

Pawlicki: Thank you so much for having me. This is one of my favorite topics to talk about. After many years of having worked on it, I am super excited to see all the progress that's happening in the industry among firms and especially with the work that we're doing through the Dynamic Audit Solution.

Amato: In other news, Paul Bonner of the Journal of Accountancy has coverage of a recent report that takes a closer look at IRS processes. The pandemic and changes to laws were primarily responsible for the IRS failing to meet timeline standards for a majority of taxpayers' cases last year, but it was inefficiencies in staffing, equipment, and procedures that also made the backlog worse. That's one conclusion of an audit report by the Treasury Inspector General for Tax Administration, or TIGTA. You can find a link to that coverage on or in this episode's show notes.

And the Office of Management and Budget on Monday released the Biden administration's budget proposal for the federal government for fiscal year 2023. Among the provisions in that budget are a higher corporate tax rate, 28% instead of the current 21%, as well as a 20% billionaire minimum income tax on realized and unrealized gains and other income. Visit for more on that story.

Also, the AICPA Auditing Standards Board is seeking comments on a proposed Statement on Auditing Standards that seeks to strengthen the auditor's approach to planning and performing group audits and to improve the quality of such audits. Jeff Drew of the JofA has that story.

And, finally, Ken Tysiac has an article on how the wait is finally over for not-for-profits when it comes to implementing FASB's lease accounting standard. According to the article, organizations that have multiple buildings or a fleet of vehicles may face challenges in implementation, especially if they elected to put off implementation until now. That article and all the other content mentioned can be found on the Journal of Accountancy's website. We will also include links in this episode's show notes.

Thanks for listening to the Journal of Accountancy podcast.