This study develops a framework for a continuous data level auditing system and uses a large sample of procurement data from a major health care provider to simulate an implementation of this framework. In this framework, the first layer monitors compliance with deterministic business process rules and the second layer consists of analytical monitoring of business processes. A distinction is made between exceptions identified by the first layer and anomalies identified by the second one. The unique capability of continuous auditing to investigate (and possibly remediate) the identified anomalies in “pseudo-real time” (e.g., on a daily basis) is simulated and evaluated. Overall, evidence is provided that continuous auditing of complete population data can lead to superior results, but only when audit practices change to reflect the new reality of data availability.
Data Availability: The data are proprietary. Please contact the authors for details.