Benford's law for integrity tests of high-volume databases: a case study of internal audit in a state-owned enterprise
Descripción del Articulo
Purpose: The technical feasibility of using Benford's law to assist internal auditors in reviewing the integrity of high-volume data sets is analysed. This study explores whether Benford's distribution applies to the set of numbers represented by the quantity of records (size) that compris...
| Autores: | , , |
|---|---|
| Formato: | artículo |
| Fecha de Publicación: | 2022 |
| Institución: | Universidad ESAN |
| Repositorio: | ESAN-Institucional |
| Lenguaje: | inglés |
| OAI Identifier: | oai:repositorio.esan.edu.pe:20.500.12640/3019 |
| Enlace del recurso: | https://revistas.esan.edu.pe/index.php/jefas/article/view/605 https://hdl.handle.net/20.500.12640/3019 https://doi.org/10.1108/JEFAS-07-2021-0113 |
| Nivel de acceso: | acceso abierto |
| Materia: | Internal audit Benford’s law Relational databases Argentina Latin America ERP Audit data analytics Audit trail analysis Inherent risk State-owned enterprise (SOE) Auditoría interna Ley de Benford Bases de datos relacionales América Latina Análisis de datos de auditoría Análisis de seguimiento de auditoría Riesgo inherente Empresa de propiedad estatal (SOE) https://purl.org/pe-repo/ocde/ford#5.02.04 |
| id |
ESAN_bd40589b515a86e89e378a3e03b37afa |
|---|---|
| oai_identifier_str |
oai:repositorio.esan.edu.pe:20.500.12640/3019 |
| network_acronym_str |
ESAN |
| network_name_str |
ESAN-Institucional |
| repository_id_str |
4835 |
| dc.title.en_EN.fl_str_mv |
Benford's law for integrity tests of high-volume databases: a case study of internal audit in a state-owned enterprise |
| title |
Benford's law for integrity tests of high-volume databases: a case study of internal audit in a state-owned enterprise |
| spellingShingle |
Benford's law for integrity tests of high-volume databases: a case study of internal audit in a state-owned enterprise Morales, Héctor Rubén Internal audit Benford’s law Relational databases Argentina Latin America ERP Audit data analytics Audit trail analysis Inherent risk State-owned enterprise (SOE) Auditoría interna Ley de Benford Bases de datos relacionales Argentina América Latina ERP Análisis de datos de auditoría Análisis de seguimiento de auditoría Riesgo inherente Empresa de propiedad estatal (SOE) https://purl.org/pe-repo/ocde/ford#5.02.04 |
| title_short |
Benford's law for integrity tests of high-volume databases: a case study of internal audit in a state-owned enterprise |
| title_full |
Benford's law for integrity tests of high-volume databases: a case study of internal audit in a state-owned enterprise |
| title_fullStr |
Benford's law for integrity tests of high-volume databases: a case study of internal audit in a state-owned enterprise |
| title_full_unstemmed |
Benford's law for integrity tests of high-volume databases: a case study of internal audit in a state-owned enterprise |
| title_sort |
Benford's law for integrity tests of high-volume databases: a case study of internal audit in a state-owned enterprise |
| author |
Morales, Héctor Rubén |
| author_facet |
Morales, Héctor Rubén Porporato, Marcela Epelbaum, Nicolas |
| author_role |
author |
| author2 |
Porporato, Marcela Epelbaum, Nicolas |
| author2_role |
author author |
| dc.contributor.author.fl_str_mv |
Morales, Héctor Rubén Porporato, Marcela Epelbaum, Nicolas |
| dc.subject.en_EN.fl_str_mv |
Internal audit Benford’s law Relational databases Argentina Latin America ERP Audit data analytics Audit trail analysis Inherent risk State-owned enterprise (SOE) |
| topic |
Internal audit Benford’s law Relational databases Argentina Latin America ERP Audit data analytics Audit trail analysis Inherent risk State-owned enterprise (SOE) Auditoría interna Ley de Benford Bases de datos relacionales Argentina América Latina ERP Análisis de datos de auditoría Análisis de seguimiento de auditoría Riesgo inherente Empresa de propiedad estatal (SOE) https://purl.org/pe-repo/ocde/ford#5.02.04 |
| dc.subject.es_ES.fl_str_mv |
Auditoría interna Ley de Benford Bases de datos relacionales Argentina América Latina ERP Análisis de datos de auditoría Análisis de seguimiento de auditoría Riesgo inherente Empresa de propiedad estatal (SOE) |
| dc.subject.ocde.none.fl_str_mv |
https://purl.org/pe-repo/ocde/ford#5.02.04 |
| description |
Purpose: The technical feasibility of using Benford's law to assist internal auditors in reviewing the integrity of high-volume data sets is analysed. This study explores whether Benford's distribution applies to the set of numbers represented by the quantity of records (size) that comprise the different tables that make up a state-owned enterprise's (SOE) enterprise resource planning (ERP) relational database. The use of Benford's law streamlines the search for possible abnormalities within the ERP system's data set, increasing the ability of the internal audit functions (IAFs) to detect anomalies within the database. In the SOEs of emerging economies, where groups compete for power and resources, internal auditors are better off employing analytical tests to discharge their duties without getting involved in power struggles. Design/methodology/approach: Records of eight databases of an SOE in Argentina are used to analyse the number of records of each table in periods of three to 12 years. The case develops step-by-step Benford's law application to test each ERP module records using Chi-squared (χ²) and mean absolute deviation (MAD) goodness-of-fit tests. Findings: Benford's law is an adequate tool for performing integrity tests of high-volume databases. A minimum of 350 tables within each database are required for the MAD test to be effective; this threshold is higher than the 67 reported by earlier researches. Robust results are obtained for the complete ERP system and for large modules; modules with less than 350 tables show low conformity with Benford's law. Research limitations/implications: This study is not about detecting fraud; it aims to help internal auditors red flag databases that will need further attention, making the most out of available limited resources in SOEs. The contribution is a simple, cheap and useful quantitative tool that can be employed by internal auditors in emerging economies to perform the first scan of the data contained in relational databases. Practical implications: This paper provides a tool to test whether large amounts of data behave as expected, and if not, they can be pinpointed for future investigation. It offers tests and explanations on the tool's application so that internal auditors of SOEs in emerging economies can use it, particularly those that face divergent expectations from antagonist powerful interest groups. Originality/value: This study demonstrates that even in the context of limited information technology tools available for internal auditors, there are simple and inexpensive tests to review the integrity of high-volume databases. It also extends the literature on high-volume database integrity tests and our knowledge of the IAF in Civil law countries, particularly emerging economies in Latin America. |
| publishDate |
2022 |
| dc.date.accessioned.none.fl_str_mv |
2022-07-12T14:50:12Z |
| dc.date.available.none.fl_str_mv |
2022-07-12T14:50:12Z |
| dc.date.issued.fl_str_mv |
2022-07-08 |
| dc.type.none.fl_str_mv |
info:eu-repo/semantics/article |
| dc.type.version.none.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
| dc.type.other.none.fl_str_mv |
Artículo |
| format |
article |
| status_str |
publishedVersion |
| dc.identifier.none.fl_str_mv |
https://revistas.esan.edu.pe/index.php/jefas/article/view/605 |
| dc.identifier.citation.none.fl_str_mv |
Morales, H. R., Porporato, M., & Epelbaum, N. (2022). Benford’s law for integrity tests of high-volume databases: a case study of internal audit in a state-owned enterprise. Journal of Economics, Finance and Administrative Science, 27(53), 154–174. https://doi.org/10.1108/JEFAS-07-2021-0113 |
| dc.identifier.uri.none.fl_str_mv |
https://hdl.handle.net/20.500.12640/3019 |
| dc.identifier.doi.none.fl_str_mv |
https://doi.org/10.1108/JEFAS-07-2021-0113 |
| url |
https://revistas.esan.edu.pe/index.php/jefas/article/view/605 https://hdl.handle.net/20.500.12640/3019 https://doi.org/10.1108/JEFAS-07-2021-0113 |
| identifier_str_mv |
Morales, H. R., Porporato, M., & Epelbaum, N. (2022). Benford’s law for integrity tests of high-volume databases: a case study of internal audit in a state-owned enterprise. Journal of Economics, Finance and Administrative Science, 27(53), 154–174. https://doi.org/10.1108/JEFAS-07-2021-0113 |
| dc.language.none.fl_str_mv |
Inglés |
| dc.language.iso.none.fl_str_mv |
eng |
| language_invalid_str_mv |
Inglés |
| language |
eng |
| dc.relation.ispartof.none.fl_str_mv |
urn:issn:2218-0648 |
| dc.relation.uri.none.fl_str_mv |
https://revistas.esan.edu.pe/index.php/jefas/article/view/605/501 |
| dc.rights.en.fl_str_mv |
Attribution 4.0 International |
| dc.rights.es_ES.fl_str_mv |
info:eu-repo/semantics/openAccess |
| dc.rights.uri.none.fl_str_mv |
https://creativecommons.org/licenses/by/4.0/ |
| rights_invalid_str_mv |
Attribution 4.0 International https://creativecommons.org/licenses/by/4.0/ |
| eu_rights_str_mv |
openAccess |
| dc.format.es_ES.fl_str_mv |
application/pdf |
| dc.publisher.none.fl_str_mv |
Universidad ESAN. ESAN Ediciones |
| dc.publisher.country.none.fl_str_mv |
PE |
| publisher.none.fl_str_mv |
Universidad ESAN. ESAN Ediciones |
| dc.source.none.fl_str_mv |
reponame:ESAN-Institucional instname:Universidad ESAN instacron:ESAN |
| instname_str |
Universidad ESAN |
| instacron_str |
ESAN |
| institution |
ESAN |
| reponame_str |
ESAN-Institucional |
| collection |
ESAN-Institucional |
| bitstream.url.fl_str_mv |
https://repositorio.esan.edu.pe/bitstreams/fb8fbd2f-8dcb-4e83-8e71-119cd79628a1/download https://repositorio.esan.edu.pe/bitstreams/b0aa0385-513d-4c14-9951-ef958754b0f7/download https://repositorio.esan.edu.pe/bitstreams/5e50addf-7f31-4135-a0dd-36a536a069f7/download https://repositorio.esan.edu.pe/bitstreams/46204f4a-0d02-4fcf-bb2f-4bf7a4b81726/download |
| bitstream.checksum.fl_str_mv |
8064f21ba03874ff9a9fd0d814179e3d 25b59ebc808d89bbe70148ce1c29b013 e1792381444eb3292d45fa6cc3aa4812 24a5a5a85823813fbb167a812f1ad7b8 |
| bitstream.checksumAlgorithm.fl_str_mv |
MD5 MD5 MD5 MD5 |
| repository.name.fl_str_mv |
Repositorio Institucional ESAN |
| repository.mail.fl_str_mv |
repositorio@esan.edu.pe |
| _version_ |
1843261692028387328 |
| spelling |
Morales, Héctor RubénPorporato, MarcelaEpelbaum, Nicolas2022-07-12T14:50:12Z2022-07-12T14:50:12Z2022-07-08https://revistas.esan.edu.pe/index.php/jefas/article/view/605Morales, H. R., Porporato, M., & Epelbaum, N. (2022). Benford’s law for integrity tests of high-volume databases: a case study of internal audit in a state-owned enterprise. Journal of Economics, Finance and Administrative Science, 27(53), 154–174. https://doi.org/10.1108/JEFAS-07-2021-0113https://hdl.handle.net/20.500.12640/3019https://doi.org/10.1108/JEFAS-07-2021-0113Purpose: The technical feasibility of using Benford's law to assist internal auditors in reviewing the integrity of high-volume data sets is analysed. This study explores whether Benford's distribution applies to the set of numbers represented by the quantity of records (size) that comprise the different tables that make up a state-owned enterprise's (SOE) enterprise resource planning (ERP) relational database. The use of Benford's law streamlines the search for possible abnormalities within the ERP system's data set, increasing the ability of the internal audit functions (IAFs) to detect anomalies within the database. In the SOEs of emerging economies, where groups compete for power and resources, internal auditors are better off employing analytical tests to discharge their duties without getting involved in power struggles. Design/methodology/approach: Records of eight databases of an SOE in Argentina are used to analyse the number of records of each table in periods of three to 12 years. The case develops step-by-step Benford's law application to test each ERP module records using Chi-squared (χ²) and mean absolute deviation (MAD) goodness-of-fit tests. Findings: Benford's law is an adequate tool for performing integrity tests of high-volume databases. A minimum of 350 tables within each database are required for the MAD test to be effective; this threshold is higher than the 67 reported by earlier researches. Robust results are obtained for the complete ERP system and for large modules; modules with less than 350 tables show low conformity with Benford's law. Research limitations/implications: This study is not about detecting fraud; it aims to help internal auditors red flag databases that will need further attention, making the most out of available limited resources in SOEs. The contribution is a simple, cheap and useful quantitative tool that can be employed by internal auditors in emerging economies to perform the first scan of the data contained in relational databases. Practical implications: This paper provides a tool to test whether large amounts of data behave as expected, and if not, they can be pinpointed for future investigation. It offers tests and explanations on the tool's application so that internal auditors of SOEs in emerging economies can use it, particularly those that face divergent expectations from antagonist powerful interest groups. Originality/value: This study demonstrates that even in the context of limited information technology tools available for internal auditors, there are simple and inexpensive tests to review the integrity of high-volume databases. It also extends the literature on high-volume database integrity tests and our knowledge of the IAF in Civil law countries, particularly emerging economies in Latin America.Propósito: Se analiza la viabilidad técnica de utilizar la ley de Benford para ayudar a los auditores internos a revisar la integridad de conjuntos de datos de gran volumen. Este estudio explora si la distribución de Benford se aplica al conjunto de números representados por la cantidad de registros (tamaño) que componen las diferentes tablas que componen la base de datos relacional de planificación de recursos empresariales (ERP) de una empresa estatal (SOE). El uso de la ley de Benford agiliza la búsqueda de posibles anomalías dentro del conjunto de datos del sistema ERP, aumentando la capacidad de las funciones de auditoría interna (IAF) para detectar anomalías dentro de la base de datos. En las empresas estatales de las economías emergentes, donde los grupos compiten por el poder y los recursos, a los auditores internos les conviene emplear pruebas analíticas para cumplir con sus funciones sin involucrarse en luchas de poder. Diseño/metodología/enfoque: Se utilizan registros de ocho bases de datos de una empresa pública en Argentina para analizar el número de registros de cada tabla en períodos de tres a 12 años. El caso desarrolla paso a paso la aplicación de la ley de Benford para probar los registros de cada módulo ERP utilizando pruebas de bondad de ajuste de Chi-cuadrado (χ²) y desviación absoluta media (MAD). Hallazgos: La ley de Benford es una herramienta adecuada para realizar pruebas de integridad de bases de datos de gran volumen. Se requiere un mínimo de 350 tablas dentro de cada base de datos para que la prueba MAD sea efectiva; este umbral es superior a los 67 informados por investigaciones anteriores. Se obtienen resultados sólidos para el sistema ERP completo y para módulos grandes; Los módulos con menos de 350 tablas muestran una baja conformidad con la ley de Benford. Limitaciones/implicaciones de la investigación: este estudio no trata de detectar fraude; Su objetivo es ayudar a los auditores internos a detectar bases de datos que necesitarán mayor atención, aprovechando al máximo los recursos limitados disponibles en las empresas estatales. La contribución es una herramienta cuantitativa sencilla, económica y útil que pueden utilizar los auditores internos de las economías emergentes para realizar el primer análisis de los datos contenidos en las bases de datos relacionales. Implicaciones prácticas: este artículo proporciona una herramienta para probar si grandes cantidades de datos se comportan como se esperaba y, en caso contrario, pueden identificarse para futuras investigaciones. Ofrece pruebas y explicaciones sobre la aplicación de la herramienta para que los auditores internos de las empresas estatales en las economías emergentes puedan utilizarla, particularmente aquellas que enfrentan expectativas divergentes de poderosos grupos de interés antagonistas. Originalidad/valor: Este estudio demuestra que incluso en el contexto de las limitadas herramientas de tecnología de la información disponibles para los auditores internos, existen pruebas simples y económicas para revisar la integridad de bases de datos de gran volumen. También amplía la literatura sobre pruebas de integridad de bases de datos de gran volumen y nuestro conocimiento de la IAF en países con derecho civil, particularmente en economías emergentes de América Latina.application/pdfInglésengUniversidad ESAN. ESAN EdicionesPEurn:issn:2218-0648https://revistas.esan.edu.pe/index.php/jefas/article/view/605/501Attribution 4.0 Internationalinfo:eu-repo/semantics/openAccesshttps://creativecommons.org/licenses/by/4.0/Internal auditBenford’s lawRelational databasesArgentinaLatin AmericaERPAudit data analyticsAudit trail analysisInherent riskState-owned enterprise (SOE)Auditoría internaLey de BenfordBases de datos relacionalesArgentinaAmérica LatinaERPAnálisis de datos de auditoríaAnálisis de seguimiento de auditoríaRiesgo inherenteEmpresa de propiedad estatal (SOE)https://purl.org/pe-repo/ocde/ford#5.02.04Benford's law for integrity tests of high-volume databases: a case study of internal audit in a state-owned enterpriseinfo:eu-repo/semantics/articleinfo:eu-repo/semantics/publishedVersionArtículoreponame:ESAN-Institucionalinstname:Universidad ESANinstacron:ESANJournal of Economics, Finance and Administrative Science1745315427Acceso abiertoTHUMBNAIL53.jpg53.jpgimage/jpeg147514https://repositorio.esan.edu.pe/bitstreams/fb8fbd2f-8dcb-4e83-8e71-119cd79628a1/download8064f21ba03874ff9a9fd0d814179e3dMD51falseAnonymousREADJEFAS-53-2022-154-174.pdf.jpgJEFAS-53-2022-154-174.pdf.jpgGenerated Thumbnailimage/jpeg6315https://repositorio.esan.edu.pe/bitstreams/b0aa0385-513d-4c14-9951-ef958754b0f7/download25b59ebc808d89bbe70148ce1c29b013MD54falseAnonymousREADORIGINALJEFAS-53-2022-154-174.pdfTexto completoapplication/pdf332268https://repositorio.esan.edu.pe/bitstreams/5e50addf-7f31-4135-a0dd-36a536a069f7/downloade1792381444eb3292d45fa6cc3aa4812MD52trueAnonymousREADTEXTJEFAS-53-2022-154-174.pdf.txtJEFAS-53-2022-154-174.pdf.txtExtracted texttext/plain77004https://repositorio.esan.edu.pe/bitstreams/46204f4a-0d02-4fcf-bb2f-4bf7a4b81726/download24a5a5a85823813fbb167a812f1ad7b8MD53falseAnonymousREAD20.500.12640/3019oai:repositorio.esan.edu.pe:20.500.12640/30192025-07-09 09:29:43.597https://creativecommons.org/licenses/by/4.0/Attribution 4.0 Internationalopen.accesshttps://repositorio.esan.edu.peRepositorio Institucional ESANrepositorio@esan.edu.pe |
| score |
13.87115 |
Nota importante:
La información contenida en este registro es de entera responsabilidad de la institución que gestiona el repositorio institucional donde esta contenido este documento o set de datos. El CONCYTEC no se hace responsable por los contenidos (publicaciones y/o datos) accesibles a través del Repositorio Nacional Digital de Ciencia, Tecnología e Innovación de Acceso Abierto (ALICIA).
La información contenida en este registro es de entera responsabilidad de la institución que gestiona el repositorio institucional donde esta contenido este documento o set de datos. El CONCYTEC no se hace responsable por los contenidos (publicaciones y/o datos) accesibles a través del Repositorio Nacional Digital de Ciencia, Tecnología e Innovación de Acceso Abierto (ALICIA).
