Auditor Struggles, Part 1

Some auditors struggle with basic auditing. So when these auditors try to data analysis, well you can imagines how that goes.

I recently met with a team of auditors to give them input on what data profiling would be appropriate to perform. And what analytics might be insightful.

This is Part 1 of a 4-part Case File series that describes how real auditors tried to apply questionable methods to auditing and data profiling. Do not try these methods at home or work. Don’t even dream about them, awake or asleep. 

Continue reading →

Advertisements

xLookup Coming to Excel Near You!

Microsoft announced that they are adding a big brother to vLookup named xLookup.

The best things about xLookup: 1) it fixes some of the limitations of vLookup, 2) it is easy to understand and use, and 3) it replaces hLookup also.

Also, vLookup and hLookup are not going anyway, so if any of your colleagues struggle to learn new things, they can continue to use them as is.

Continue reading →

A Sneaky Way to Analyze IT Controls

When auditors need to identify and understand IT controls, they search the company intranet, review policies, look for Github repositories, review inventories, schedule meetings, and analyze IT asset data.

I stumbled on a better way to get insight into the IT controls in my company, and I didn’t have to email anyone, do any research, or frankly, anything outright. The IT controls came after me.

Fortunately, the IT controls were blind to the fact that I am an IT auditor. To them, I was just an ordinary bloke. But that didn’t last long (more on that later).

It Began a Few Years Back

It all started a couple years ago when I was building the infrastructure required to support our data analytic efforts in internal audit.

Continue reading →

Before You Analyze Data

Before you start analyzing data, you need to 1) know you have the right data, and 2) understand the data and the process that produced it.

This post assumes, of course, that you already accomplished some of the hardest tasks already: figuring out what data you need, where to get it, and actually getting the data. Good luck with that. :)

This post is part of the Excel: Basic Data Analytic series.

Continue reading →

How to Profile Data

Before you analyze data, you should profile it.

Otherwise, your analysis may not be too broad, too narrow, or you may miss some important insights or errors.

This post is part of the Excel: Basic Data Analytic series.

Data profiling is developing a profile of your data, just as facial profiles of a person, taken from various angles, helps you size up a person’s nose, identify whether his chin is sagging, and how far apart the person’s eyes are.

Continue reading →

Is ACL Analytics Dying?

I fear that ACL Analytics is dying, and has been as long as I’ve been ranting about it.

Making Laurie Schultz their CEO helped, but I don’t think it has been enough.

NOTE: I wrote this well over a month ago, long before I posted the ACL Officially Changes Name & Spots post; I just got sidetracked and forgot about this post. I stumbled across it today in my Drafts folder. I decided to publish it ‘posthumously’ (so to speak) to show 1) how much I’m agonizing over ACL’s direction, 2) how I’ve always felt about ACL’s software, and 3) provide some balance to my previous post.

Continue reading →

Quote of the Weak – Clean Data Manually

If you are in IT, audit, or security (or any other job requiring data analysis), you should NOT be cleaning data manually.

Let me share a recent experience with you….

A young IT auditor texted me at work and asked for some Active Directory user account data that I capture automatically every week, using some scheduled ACL scripts.

If you’re not familiar with my ‘Quote of the Weak’ series, I described it briefly in About. For a list of posts in this series, see here.

Continue reading →