Understanding How Big Data Technologies Reconfigure the Nature and Organization of Financial Statement Audits: A Sociomaterial Analysis

ABSTRACT

This study focuses on the recent development in audit technologies, i.e., the rise of Big Data and Analytics (BDA) tools, and how auditors make use of them in audits. While prior audit studies have acknowledged that audit technologies shape and re-construct the market for audit services, they have not devoted much attention to the performative nature of such technologies and how their properties may shape the dynamics of technological change. Drawing on sociomateriality literature as well as observations, documentary materials and 25 semi-structured interviews with individuals directly engaging with BDA, this study explores how BDA users interact with particular properties of the technology in the course of an audit. We then consider how these interactions reconfigure aspects of the audit process and change the relational dynamics within audit firms. In particular, our findings suggest that properties of BDA such as scripts have afforded large-scale automation of audit routines, generating opportunities for expanding the evidential scope and depth of audit work. Further, we also show how the visualization dashboards have contributed to auditors’ ability to communicate and justify their claims and judgements. Finally, we demonstrate that BDA has reshaped the nature of work relationships and flows between audit firms’ different functions and service lines.

Keywords:

• Affordance
• Big Data Analytics
• Auditors
• Sociomateriality

1. Introduction

The application of technology-enabled analytical tools for Big Data (BD) in auditing referred to hereafter as Big Data and Analytics (BDA) has become a major talking point in debates by regulators (FRC, 2017, 2020; IAASB, 2016, 2018; PCAOB, 2018) and academics (Brown-Liburd et al., 2015; Eilifsen et al., 2020; Salijeni et al., 2019; Vasarhelyi et al., 2015). BDA may be understood as a suite of algorithmic tools which systematically extract and analyse large and diverse data sets, both structured and unstructured, so as to facilitate the identification and visualization of patterns and connections that might otherwise be invisible but that may provide valuable insights for decision making (AICPA, 2014; Appelbaum et al., 2017; Cao et al., 2015; Lehrer et al., 2018). Major audit firms have all made significant investments in the development and acquisition of artificial intelligence tools which include BDA, making claims that these tools are directly relevant to how they conduct audits (FRC, 2020; KPMG, 2017; PwC, 2017).

BDA developments represent the latest in a long series of changes in audit technology over the years such as the introduction of statistical audit sampling or Business Risk Auditing (BRA). The audit literature shows how these changes tend to require significant interpretation from auditors (Fischer, 1996; Power, 2003). Further, efforts to legitimize new technologies are sometimes achieved through narratives emphasizing potential enhancements in audit quality (Curtis et al., 2016; Jeppesen, 1998). Studies which centrally focus on auditors as interpreters of the new technologies highlight a number of important influences, including: the auditors’ understandings of the nature of audit work (Barrett et al., 2005; Curtis & Turley, 2007), their perceptions of the utility offered by the technology (Curtis & Turley, 2007; Fischer, 1996; Power, 1992), and their relationships with other parties and fields of expertise deemed necessary to make the technology work (Carpenter & Dirsmith, 1993; Robson et al., 2007). Other studies, often conducted in experimental settings, have instead placed a greater emphasis on the technology and understanding its ‘optimal’ application as well as its ramifications for auditor judgments and decisions (Bedard & Graham, 2002; Dowling & Leech, 2014; Wilks & Zimbelman, 2004). Nevertheless, these studies give only limited attention to how auditors make sense of the technology and its properties (Dowling et al., 2008; Pincus et al., 1999). In the context of BDA, studies have offered some early accounts of the nascent developments with regards to the growing use of the technology by auditors (Eilifsen et al., 2020; Salijeni et al., 2019). However, most academic contributions exploring the rise of BDA have provided normative perspectives on how ‘optimal’ application of the technology may better equip auditors to analyse client data and the practical challenges ensuing from this (Vasarhelyi et al., 2015; Yoon et al., 2015). Regulators have also added their voices to the debate, focusing in particular on the extent to which auditors’ claims of using BDA fulfills their commitment for audit quality (FRC, 2017, 2020; ICAEW, 2016).

Although the above accounts of BDA in audits have highlighted the technology as well as its users (auditors) as key influences on the trajectory of changes in audit practice, they fall short of offering a nuanced problematization of how both interact to effect these changes. In contrast, this study places a key emphasis on the constitutive nature of both – audit technology and its users – in influencing technological innovations in auditing. More specifically, we aim to provide a deeper understanding of such innovations as processes whereby the performative properties of the technology interact with its users to generate particular practice dynamics and opportunities for action (Faraj & Azad, 2012; Lehrer et al., 2018). By doing so we respond to the calls to explore the performative roles of information technologies not only ‘in detecting problems and anomalies in financial statements’ but also in ‘imposing a greater visibility and transparency on […] [auditors’] activities’ (Williams, 2013, p. 556), thereby transforming the very nature and organization of the audit process We pose the following research question: ‘How does the ongoing interaction between the properties of BDA and individuals employing the technology influence the conduct of audit engagements?’

To answer the above question, we draw on observations, documentary evidence and semi-structured interviews with individuals directly engaging with BDA within the audit field in the UK. We adopt a sociomateriality perspective (Orlikowski & Scott, 2008) and, specifically, the concept of affordance (Faraj & Azad, 2012; Gibson, 1977; Hultin & Mähring, 2014; Pollock & D’Adderio, 2012) to explore the particular properties of BDA tools and how they shape possibilities for action as auditors interact with such tools in their practice. This perspective helps us conceptualize BDA-related changes in audit as mediated by the agency both of the technology’s properties, which exist regardless of human intervention, and of its users (individuals working on audit engagements) (Lindberg & Lyytinen, 2013). BDA properties afford users varied possibilities for action, whereas users make contextualized decisions as to which of those properties should be taken up and how (Bérard, 2014; Leonardi, 2011). Our findings show how auditors’ interactions with BDA reveal the technology’s dispositional and relational affordances which produce opportunities for reconfiguring the execution of key audit steps (planning, evidence collection, and communication of audit findings) and vital relational dynamics within audit firms. We identify three key areas of change where the transformative potential of BDA is particularly salient.

First, properties of BDA such as scripts have afforded large-scale automation of audit evidence collection and analysis, and with it, opportunities to quickly expand the evidential scope of an audit and improve granularity and aggregation of data (operational depth) during the analysis of collected evidence. Although some auditors interpret the procedures performed by scripts embedded within BDA as a means to free up valued time and divert attention to areas of greater regulatory scrutiny and judgement, others question the efficacy of BDA and see the technology as an ‘add-on,’ rather than an alternative, to traditional audit approaches. This has led to some auditors combining new and legacy practices, resulting in over-auditing. Second, our findings explore the effects of the visualization dashboards used alongside BDA tools on auditors’ ability to make persuasive claims and judgements. Visualization dashboards have properties that afford auditors new opportunities for understanding client operations as well as constructing, justifying and communicating to the client their inferences and recommendations. Unlike much of the literature on auditor judgements which views new technologies mainly as decision aids (Solomon & Trotman, 2003), we show how BDA visualization dashboards constitute the very arenas where judgements are performed. They carry within them the ‘mechanisms of reactivity’ (Pollock & D’Adderio, 2012, p. 565), as in visually representing clients’ operational realities, they uncover inefficiencies that auditors feel compelled to react to. Further, these visualization dashboards also provide means to enhance the visibility of audit workflow, thereby making it easier for auditors to convey the narrative of audit quality. Third, we also show how the relational affordances of BDA reshape the nature of work interactions and flows, most notably between auditing and the firms’ other functions as well as between auditors and specialists such as data analysts working on audit engagements (Bauer & Estep, 2019). Non-audit functions such as data assurance not only supply analytical tools and specialists to maintain the operation of BDA-driven audits, they also serve as an umbrella which harbors key decisions about which technological ideas and tools to test out and use in the course of audit work. These developments, in turn, raise questions about what constitutes an essential audit knowledge base and potentially reveals the jurisdictional fragility of auditing as a distinctive field of practice.

2. Audit Technologies as Sociomaterial Objects and Their Affordances

Auditors can be key interpreters and promoters of changes in audit technologies. These new technologies are often shaped by dominant socio-economic imperatives, such as the advent of globalization, the complexity of business operations, and the stagnation in audit fees (Robson et al., 2007). Some scholars argued, for example, that statistical audit sampling was designed, inter alia, as a means of enhancing audit efficiency by reducing the volume of substantive audit testing (Matthews, 2006). Others have suggested that technological innovations are part of auditors’ quest to remain socially relevant and develop audits seen by regulators and clients as unique and credible (Curtis & Turley, 2007; Salijeni et al., 2019). In case of BRA, studies have shown how risk-based auditing was advanced as a means to bridge the boundaries between auditors’ regulatory and commercial concerns, and also how audit practitioners resisted these changes (Jeppesen, 1998; Robson et al., 2007). Curtis and Turley (2007), for example, demonstrate how the narratives of business expansion supplied by audit administrators to facilitate acceptance of BRA were rejected by auditors in the field, more concerned with the potential impact of the technology on daily practice, litigation and budgets. These findings echo other empirical accounts showing that the uptake of a new technology depends on how auditors make sense of its utility (Fischer, 1996), hence linking the outcomes of changes in audit technology to the interpretive preferences of its users (auditors).

In contrast to the above, other studies have adopted the perspective of technological determinism, seeing audit technology as determining how engagements should be conducted and, therefore, seeking to understand the various ways in which the technology leverages the audit process (Eilifsen et al., 2001). Studies in this stream are techno-centric in the sense that they view the technology as structuring auditors’ activities, behaviors and decisions (Dowling et al., 2008; Pincus et al., 1999). Auditors are regarded as recipients of the technology which has been exogenously appropriated (Bedard & Graham, 2002; Dowling & Leech, 2014). Failure to use the technology is largely seen as due to auditors’ cognitive deficiencies (Wilks & Zimbelman, 2004) and hence the role of the audit firms is to provide modalities (such as training) that would address those deficiencies.

Whilst the two aforementioned perspectives may well be justified by the researchers’ established ontological standpoints and methodological preferences, they offer only a limited insight into the dynamics of technological changes in audit practice. In contrast, this study develops an approach which links the two perspectives to offer a more nuanced account of technological changes as products of continuous interaction between the technology and its users (auditors) where both mutually shape and organize each other (Williams, 2013). To do so we employ a sociomateriality perspective (Orlikowski & Scott, 2008) to explore the application of BDA tools in audit firm environments. This perspective contests the seeming disconnect between the technological deterministic and socially constructed views of technological adaptations. Instead, it draws centrally on the ontological premise that ‘the social and the material are considered to be inextricably related – there is no social that is not also material, and no material that is not also social’ (Orlikowski, 2007, p. 1437). In this context, the social refers to human attributes such as language, habits, beliefs, and perceptions, whereas the material includes work programs, practice methodologies, manuals, and technological blueprints (Fayard & Weeks, 2014). Hence, the technology is not simply ‘used’ by the humans; its use is continuously negotiated as humans make sense of the properties embedded within it. In the same vein, a technology such as BDA has agency in the sense that it has properties with ‘capacity to act on [their] own’ (Lehrer et al., 2018, p. 426) irrespective of human intervention, whereas humans have agency because they make use of the technology to realize their goals (Leonardi, 2011).

By bringing the sociomateriality perspective into audit research we provide an alternative view of the relationship between auditing and the technological tools it relies on. There is evidence that the technologies that shape auditors’ everyday practices are not neutral but have the capacity to create meanings for auditors (Power, 2013; Robson et al., 2007). Power (2013, p. 526), for instance, conceptualizes ‘fraud risk as embedded in … . regulators, consultants, compliance officers and many other actors, including material [emphasis added] instruments such as fraud risk questionnaires and other diagnostic devices.’ He goes on to argue that it is through this assemblage that fraud risk is made ‘visible and auditable’ (p. 527). Likewise, Pentland (1993, p. 610) also notes how audit partners obtain comfort during the audit process ‘by reading the working papers … and through a series of repeated interactions with the members of the team.’ There is also evidence to suggest that auditors may feel constrained by the material technologies made available to them, as in the case of online communication tools and software packages for risk assessment promoted as part of Business Risk Auditing (Barrett et al., 2005; Curtis & Turley, 2007). The sociomateriality literature offers some useful insights into the nature and possible effects of technological properties, specifically through the delineation of the concept of affordance.

2.1. The Concept of Affordance

The concept was originally introduced in the field of ecological psychology by Gibson (1977) who viewed it as the fundamental properties of the thing that determines how that thing can be used. It has since been widely adopted in a variety of disciplines where scholars further elaborated its meaning (Hultin & Mähring, 2014; Leonardi, 2011; Pollock & D’Adderio, 2012). The concept now has a plethora of definitions, such as: ‘actual and perceived material properties of technology,’ ‘means of using technology’ and ‘emergent possibilities of action when humans and technology interact’ (for an overview, see Lindberg and Lyytinen (2013). Hutchby (2001)) further elaborates that a technology can offer humans several possibilities for action; however, the way it is used depends on the humans’ perceptions about what the technology can allow them to do. In other words, affordance is ‘a bridging concept that conceptually links the design and use of technology’ (Faraj & Azad, 2012, p. 254) (see also Lindberg & Lyytinen, 2013).

For the purpose of this study, we see affordances as ‘the possibilities for goal-directed action provided by an object in relation to a goal-oriented actor’ (Strong et al., 2014, p. 53). The definition helps to capture the use of BDA by auditors as a purposeful action designed to achieve set goals (legal or commercial); it also builds on a range of views advanced by Bérard (2014), Hutchby (2001), and Leonardi (2011). In line with these authors, we view the affordances of a technology as both dispositional (they predispose adopters to make use of the technology in a particular way – see Turvey (1992)) and relational (they give rise to a particular relational dynamic and represent ‘not just properties emerging from a system, but the relationship itself’ (Fayard & Weeks, 2014, p. 239)). Dispositional and relational views pertain to technologies, such as BDA, that possess not only physical (hardware) but also digital (data warehouses, software packages, in-memory technologies) features giving rise to a multitude of interactions between users and material artefacts (Lehrer et al., 2018). Furthermore, the relational affordances of BDA may be seen as having implications not only for how users interact with these artefacts but also the relationships that they develop in order to make the technology work. In our study, we focus chiefly on the relationships between two key user groups, auditors and data analysts, as they negotiate the application of BDA in audit practice.

In the accounting literature, the above perspectives on the concept of affordance have been empirically evidenced in Wagner et al.’s (2011) study of the implementation of an Enterprise Resource Planning (ERP) system at a University. They show how these systems were initially designed with features (dispositional affordances) to reflect the new institutional logics, but that they were met with resistance. Users’ reactions meant that the technology’s properties had to change to reflect users’ needs for relational affordances. Therefore, interpreting and enacting the technology’s affordances is an ongoing process and plays a crucial role in acceptance of any technology. Further, affordances draw upon the cultural frames governing a particular practice field (Hutchby, 2001); and hence changes in the cultural frames have a potential to produce new sociomaterial assemblages emerging from the interaction between the technology’s affordances and its users (Hultin & Mähring, 2014; Wagner et al., 2011). Pollock and D’Adderio (2012), in this regard, perceive the technology’s properties in terms of both affordances and constraints. In their study of the design of ranking systems, they show how the sociomaterial elements supporting the technology such as spreadsheets served to pattern and circumscribe the activities of the rankers.

By reference to the above, we make sense of a technological change in auditing (BDA) as a sociomaterial practice where different human/technology assemblages emerge with particular functionalities afforded by the technology. Here, affordances embedded within the technology shape possibilities for action available to users, whereas users make decisions as to which of the technology’s properties they take up and how (Pollock & D’Adderio, 2012). In case of BDA, we show, firstly, how analytics tools possess a variety of affordances that provide opportunities for reconfiguring key audit steps and procedures. Secondly, we also demonstrate how the properties of BDA necessitate changes in the nature of interactions between auditors and data analysts, while also drawing new relational boundaries between the firms’ audit and non-audit functions (Wagner et al., 2011).

3. Research Methodology

To investigate the use of BDA tools in audits, we first consulted a substantial body of documentary evidence, including transparency reports and other publications by audit firms (Big four and mid-tier firms) as well as brochures and policy materials prepared by audit professional and regulatory bodies (see Table 1). The documentary evidence offered an initial understanding of the developments in BDA within the audit field. It also allowed us to identify the firms that made significant investments in this area.

Table 1 Interviews and Documentary Evidence.

Interview participants
Interview Code	Organization	Audit experience	Position	Roles	Follow up interview
P1*	Big Four	> 15 years	Partner – Head of Assurance	BDA Development and Implementation *Member of Data Analytics Working Group (DAWG) at IAASB	No
P2*	Big Four		Partners – Audit Methodology		No
P3*	Big Four				No
P4*	Mid-tier				Yes
P5*	Mid-tier				Yes
P6	Big Four		Partners – Data Assurance and Analytics		No
P7*	Big Four				No
P8	Big Four				Yes
D1	Big Four	> 10years	Directors – Audit Methodology		Yes
D2	Big Four				Yes
D3	Big Four		Director – Analytics		Yes
M1	Big Four	>7years	Managers – Audit	BDA implementation	No
M2	Big Four				No
M3	Big Four		Managers – Data Assurance		No
M4	Mid-tier				No
M5	Mid-tier				No
DA	Big Four	>3 years	Data Analyst		No
A1	Big Four	> 3 years	IT auditors		No
A2	Big Four				No
A3	Big Four	> 1 year	Audit Associates		No
Documentary evidence (2013–2020)
Audit firms (Big Four and some mid-tier firms)		Transparency and annual reports; Brochures; BDA surveys; Audit reports; Minutes of meetings; Promotional videos.
Regulators and professional institutes (FRC, IAASB, ACCA, ICAEW)		Thematic reviews by Financial Reporting Council; Minutes of meetings, commentaries, promotional videos by the IAASB’s Data Analytics Working Group; Publications such as position papers and commentaries by professional bodies.

We also conducted 25 semi-structured interviews with auditors from both Big Four and mid-tier audit firms (primarily from the UK but also several firms from Belgium and Italy) as well as members of the regulatory community, including the then IAASB’s Data Analytics Working Group (DAWG). Interviews were conducted in 2015–2018, ranging in length between 30 min and 2 h. The interviews included five follow-up interviews with audit partners and directors to capture changes in practice and/or to collect more evidence on the significant issues identified during the initial interview round. All but four interviews were voice recorded and transcribed.

Initial interviewees were first identified at several practitioner-academic conferences discussing developments in audit practice and the rising importance of BDA (such as the Accountancy Europe audit conference in June 2015 in Brussels), and also through the authors’ personal contacts. A ‘snowballing’ tactic was later adopted whereby the initial interviews were used to build a network of contacts with experience in BDA. Interviewees were selected on the basis of both the length of their experience in audit practice and their engagement with BDA tools. The interviewees have mixed practice experience ranging from 1 to 20 years and have held responsibilities which demonstrate significant interaction with BDA tools, namely: (1) development of BDA toolkits, (2) implementation of BDA during audit engagements; and (3) evaluation of the impact of BDA for audit standard-setting and other forms of regulation (see Table 1). Hence, all interviewees were able to provide a meaningful assessment of the current state of development with regards to BDA in audits as well as reflect on the history of technological innovations in auditing over time.

Interviews started with general questions about the interviewees’ roles and how those related to BDA as well as the general developments in audit practice methodology over the years, before addressing BDA-related topics and issues. Interviewees were asked to elaborate on topics including the current state of development with regard to BDA in their respective organization; what properties and functionalities of BDA tools they and their colleagues find most useful in fulfilling their work tasks; how BDA may be shaping the way the audit process is conducted and organized; potential tensions and disagreements that may arise between different users of the technology over how BDA should be applied in practice and how those disagreements are resolved; and challenges of implementation of BDA tools. The number of interviews was deemed sufficient when additional interviews no longer generated any significantly new insights, hence indicating that empirical saturation had been reached. In crafting our findings, we adopted Malsch and Salterio’s (2016) approach and sought to enhance the trustworthiness of our findings by obtaining comments from practising auditors with expertise in BDA. The positive feedback we received as a result confirmed that our empirical findings were consistent with how the auditors experienced BDA in practice, while also providing clarity on some complex aspects of practical application of the technology.

In addition, one researcher also attended 5 observation sessions between 20 and 45 min long during which the use of BDA tools was demonstrated in a practical setting, with a possibility for follow-up questions and discussions. One session was conducted on the premises of a mid-tier audit firm, and the remaining sessions were in the offices of the Big Four firms. These sessions enabled the authors to gain a deeper understanding of the practical application of BDA tools and the particular properties of BDA that firms see as relevant to audit, including areas such as assessment of internal controls, analysis of journal entries, risk assessment, and compliance with particular auditing standards. The author was not allowed to voice record the sessions but did obtain the permission to take notes and to draw sketches of the functional aspects of BDA during and immediately after the sessions.

3.1. Data Analysis

Analysis of the empirical materials collected for the study was informed by the sociomateriality literature and, in particular, extant definitions of the concept of affordance (Fayard & Weeks, 2014; Leonardi, 2011). The objective was to understand how BDA tools are interpreted in the audit firm context as affording particular functional uses (affordances) and how, when enacted, these tools and their perceived affordances can be observed to generate change in the delivery and organization of the audit process. Both interview transcripts and documentary materials were populated onto the qualitative analytical software Nvivo. We then undertook a careful coding process following the approach identified by Miles and Huberman (1994). During the first round of coding, we sought to establish key areas of change in audit practice linked to the implementation of BDA tools as well as related challenges. We employed Malsch and Salterio (2016) to uncover contradictory patterns and, in particular, capture evident variations in how respondents from different firms discussed BDA properties in terms of their potential uses as opposed to their actual impact on audit practice.

During the subsequent rounds of coding, we focused on identifying the particular properties of BDA and their effects on the audit process. Specifically, BDA scripts were captured in the context of a computational modeling tool called Extract Transform and Load (ETL). This model became a focal point for pulling together BDA affordances and allowing us to better understand the roles of auditors and other BDA users (such as data analysts) and their relationships (see Table 2). ETL helped us to capture the affordances linked to BDA properties that were salient in changing (reconfiguring) the way audit procedures were carried out, such as expanding the operational scope and depth of audit evidence collection and processing. In this regard, ETL is a sociomaterial assemblage whereby the affordances of BDA emerge as a result of interaction between the technology and its users in the course of an audit. Furthermore, BDA properties were also found to produce significant influence on the dynamics of communication between different actor groups, such as auditors, other specialists (data analysts), and clients. We identified these as relational affordances of BDA which shape the interactions between the technology’s various users as well as user attributes (such as types of expertise and skillsets) perceived as necessary for the technology to work.

Table 2. A map of BDA affordances

Properties of BDA	BDA users	Dispositional affordances	Relational affordances
Scripts (e.g., Structured Query Language (SQL), Python)	Data Analysts, Auditors	Evidential procedures: Operational scopeOperational depth(Scalability, Granularity)	Automation of mundane audit tasks, Structuring of professional judgements, Constructing audit/BDA expertise.
Visualization dashboards (e.g., Halo®, Tableau®), Power BI®	Auditors, Audit clients and users of audit reports	Data manipulation and interrogation, Construction of insights, Increased visibility of audit processes and decision-making trails	Communication with clients and regulators, Communication between the audit firms’ different functions (e.g., audit and risk advisory), Justification of audit judgements.

The following section discusses two main empirical themes stemming from the above analysis: first, the influences of the dispositional affordances of BDA in the context of an ongoing re-configuration of key audit steps (audit planning, evidence collections and communication of audit findings) and, second, the effects of the relational affordances of the technology on the social interactions which sustain BDA operations, such as those between the firms’ different service lines and members of the engagement teams.

4. Findings

First, we provide a general overview of the development of BDA tools within audit firms. We then show how auditors’ engagement with these tools through the ETL process reveals the dispositional affordances embedded within the technology and also gives rise to the relational dynamics necessary to make the technology work. We consider the implications of these affordances for the delivery of the audit process.

4.1. The Development of BDA Tools Within Audit Firm Environments

The use of analytical tools in audit process is not a new phenomenon. Since 1960s, all major firms have made use of technologies such as Computer Assisted Audit Techniques (CAATs), Highbond by Galvanize (formerly known Audit Command Language – ACL), or CaseWare IDEA, to interrogate clients’ data for the purpose of detecting fraud and errors (Cushing & Loebbecke, 1986). Many such tools, such as Highbond and CaseWare IDEA, also had embedded capabilities for visualizing the analytical outputs produced. Packages such as Microsoft Excel also served as a common means for performing some basic analytical procedures such as re-calculations. Evidently, the more recent developments in audit methodology, from circa 2013 onwards, represent a substantively new developmental stage, one characterized by an unprecedented rise in the volume, variety and speed of data capture and the development of technologies for advanced data processing, both by audit firms and their clients. The interview excerpts below demonstrate how auditors emphasize the availability of the so-called ‘big data,’ and how the increasing use of analytics tools to interrogate such data is a distinguishing feature of contemporary audit practice:

[…] the basic analytic procedures performed today are not really that different from the ones performed historically. What’s really changed is the volume of data that can be incorporated in the [audit] procedures and the diversity in the source of the data being used. The big thing coming out of this is that there is software, both commercially available and not too cost-prohibitive, that is enabling auditors to sort of dump the raw data into a software package, get analytical outputs that satisfy certain parameters, and then make sense of those through graphical interfaces that would feel almost like using an iPad. (Partner, P4)

IDEA was there before, the reason we [auditors] didn’t use it is because you needed to get the data to run on it and getting the data was hard. What now happened is that it has become easier [to obtain data] and so it is used more widely within our client base. (Partner, P5)

The embedding of BDA technologies into the delivery of audits, particularly within large audit firms, was presented by these firms as an essential part of their programs for transforming audit practice and methodologies – such as KPMG’s (2014) ‘Value of Audit,’ Deloitte’s (2015) ‘Distinctive Audit,’ and EY’s (2015) ‘Audit Transformation Programme.’ By 2015, all Big Four audit firms had either acquired or developed in-house BDA toolkits for advanced data capture from multiple sources and data processing to enhance the performance of audit procedures. Some firms, such as KPMG (2014, 2015), chose to develop such tools in partnership with an external provider, McLaren Applied Technologies. As shown below, the choice of names given to these analytical tools may not be seen as value-neutral but rather as a means through which audit firms sought to convey the perceived affordances of these technologies. KPMG, for example, described the name of its in-house BDA tool called Clara (KPMG, 2016) as follows:

[it is a] latin adjective for ‘bright’ and ‘clear’. Combined with our professionals’ judgement and experience, these innovations enable us to look deeper and discover more about a business and its risks. (KPMG, 2016, p. 40)

As explained in their transparency reports at the time, the preferred approach in many firms was to combine the functionalities offered by their proprietary BDA tools, such as Halo (PwC, 2014) and Helix (EY, 2017), with off-the-shelf analytical packages (Alteryx, Lavastorm) and visualization dashboards (Spotfire). As an Audit Director from one of the Big Four firms explains:

We are making, as all other firms, strategic acquisitions and partnerships. For example, we have an ETL tool called Alteryx® which is very easy to use. We have also partnered with other providers such as Spotfire® for their visualization tool. (Director, D2)

The ETL processes referred to above can be described as ‘very special pieces of software, playing a very important and determinant role in the success of any data warehousing system (DWS)’ (Oliveira & Belo, 2016, p. 1) and, therefore, forming the core of the audit firms’ BDA capabilities for interrogating different types of client data (e.g., payroll, inventory, sales systems). Although such platforms date as far back as 1970s, the rise of big data led to an explosive growth in the number and sophistication of ETLs used by companies and their auditors, driven by demand for powerful solutions capable of handling billions of transactions as well as both structured and unstructured data from varied sources and of different formats. It was recently reported, for example, that KPMG alone had 25 different ETL projects ongoing just for the purpose of data extraction (Mcloughlin, 2019). An interviewee provides a succinct summary of the different stages of the ETL process:

For each piece of data analytics, there is a process […] that extracts the data from the client system, [that] once you have that data, […] transforms that […] into a common data model that […] loads [it] into a tool [which is going] to run a number of routines that have been set up by the audit team. The output of that tool is the data analytics and that’s what the audit team will get (emphasis added). (Director, D3)

Data analytics tools enable each of the three stages (Extract, Transform and Load) of the ETL process to be performed. In order to work, these tools have embedded within them essential properties called scripts – i.e., instructions or commands written in a computer language. Scripts afford automation by performing specific audit task(s) when prompted. They either come as part of a proprietary or off-the-shelf analytical software package (as in case of many mid-tier firms) or are developed according to set specifications. The first stage of ETL involves data analysts or IT auditors running scripts in order to extract data from the client’s ERP systems which may be stored in either the client’s proprietary or third-party data warehouses. It requires that auditors state what types of data they need to be extracted, depending on audit objectives and related audit procedures to be performed.

During the second stage, where data is stored in different formats, scripts are used to ‘transform’ it into a single format requirement so that transactional relationships and patterns can be identified. During the third stage, the transformed data is processed in the audit firm’s proprietary or off-the-shelf BDA tool where automated audit tests and procedures are performed. The data analysts usually run the scripts and produce an analytics report that is then presented to auditors for further action. Visualization packages such as Power BI, Qlik and Tableau, are often used to compliment this stage in order to present analytical outputs in ways which may inform judgement and generate insights (ICAEW, 2016). The degree of advancement of ETL processes and related BDA tools varies, depending on the nature of client systems as well as of the audit tasks at hand. This leads to auditors’ different degrees of reliance on data analytics specialists during an audit, as noted by the following interviewees:

There is a wide spectrum of data analytics right down from the very basic stuff like Excel right up to the top stuff like R and Python [programming languages] where you are having to write bespoke SQL [Structured Query Language] coding. At the low to middle end, auditors do that themselves. At the top end, a Data Analytics specialist would go and turn the wheel in terms of producing the analysis. Then it is the auditor who reviews the output and interprets it. (Manager, M2)

We have a specialist team of technology risk specialists with IT skills that we bring in on our large audits. They have a much bigger toolkit and far more skills in some areas. They do direct data extraction and organizing the data to give you feedback and trends. Most of them are both audit qualified and have IT audit skills, but some are more risk focused. The really important thing they bring to the party is that they understand what we are trying to get to from an audit perspective. (Partner, P5)

Thus, the ETL process is a complex operation that often requires significant expertise and knowledge of data processing toolkits. It is likely through a wider use of ETL platforms and related BDA tools that the professional jargons drawn from computer sciences have entered the audit domain. Further, the need for new specialized knowledge has meant that, in the course of an audit, auditors had to interact closely with other actors such as data analysts, software developers, and staff from the firms’ other functions, such as risk advisory. ETL therefore represents a sociomaterial assemblage bringing together both material (BDA tools, practices, related workflows) and social (actors using the technology – auditors and data analysts) elements which form essential parts of the audit firms’ BDA environments. The following sections of the paper provides a more nuanced discussion of how, through ETL, auditors’ interactions with the properties of BDA (such as scripts and visualization dashboards) showcase the extent to which dispositional affordances are utilized and the emergence of relational affordances that shape the delivery of an audit (see Table 2 above).

4.2. Audit Planning and Execution: Reconfiguring the Operational Scope and Depth

Auditors mobilize BDA tools in the context of the ETL process to obtain audit evidence that is deemed relevant, reliable and sufficient to enable them to form an audit opinion. Power (1992, p. 42) problematized the concept of sufficiency of audit evidence as a matter of representativeness and representationality. Representativeness relates to the operational scope of an audit and seeks answers to questions such as ‘How many transactions/balances need to be tested and on what basis may they be selected?,’ whereas representationality addresses issues of operational depth and questions such as ‘How much testing must be performed on each transaction or balance?.’ The operational scope and depth are means of ‘creating evidence’ that purport to represent the underlying economic ‘reality’ (Power, 1992, p. 42). As we show in this section, when an audit is conducted with the use of BDA tools, properties such as scripts afford auditors to discover new information sources, extend the volume (scalability) of audit evidence that may be deemed relevant for audit purposes (operational scope), and also enhance the level of detail (granularity) with which audit tests are performed (operational depth).

The planning of an audit where BDA tools are used, and particularly decisions regarding the operational scope and depth of audit work, involve auditors working together with data analysts to obtain an understanding of the types and volume of data to be interrogated. In order to understand auditors’ needs in terms of the data to be extracted, some audit firms distribute standard questionnaires to be completed by the auditors. A data assurance manager commented on processes informing data extraction during audit planning in their firm:

They [auditors] need to fill out a scoping questionnaire, so they will need to tell us what tests they want running. There is a standard list of tests but not all of them may be relevant to that audit. They pick all the tests they want, and they will also have to tell us something about the [client’s IT] system [because] there are different versions of SAP¹ and things to consider about the set-up. (Manager, M3)

Many, particularly large, audit clients record their operations in ERP systems utilizing large-scale databases such as Microsoft SQL Server or Oracle. In many cases, large volumes of information are retrieved from these platforms automatically with the use of scripts written in SQL, Python, R, and other languages. Audit firms also deploy similar BDA properties to interrogate clients’ databases easily and efficiently. Since auditors have limited expertise in script coding, a team of data specialists and IT auditors is usually assigned to develop scripts so that tests to auditors’ specifications can be performed:

[Data extraction] is always a bit tricky because you don’t want to break the client’s system. So, you take measures to stop that from happening. You test the tool [script] first or ask the client to do the extraction and, if they fail, you try to work with them and understand what kind of system they have. So, we design scripts which are non-invasive and won’t change client data. (Manager, M1)

While relying on the data analysts to extract client data, auditors (specifically, managers and partners) have the ultimate say in decisions about audit scoping and which specific types of information to request from the client. However, the collaborative work between analysts and auditors could be seen as significant in evaluating the reliability and integrity of data for determining the appropriateness of the audit evidence. A data analyst for one of the Big Four firms explains below how audit team members in their firm guide analysts to ensure the work they perform falls within the scope of an audit:

You stick to the scope because you wouldn’t go off-track to do something that an auditor is not interested in. When you do the actual work, you inevitably find errors with data issues. And, on that front, you need to talk to the auditors and see whether they want to carry on investigating or is there something they are interested in. If yes, then you do some extra work and extract more data. So, it depends on the scope set by the auditors. (Data Analyst, DA1)

Therefore, during the extraction stage of the ETL process, scripts, auditors and data specialists interact to generate data deemed necessary for audit purposes. Scripts play an inherently performative role here, in the sense that they yield opportunities to more easily control and, if necessary, modify the velocity, variety and volume of data being collected and collated. More specifically, by automating the extraction of large amounts of data, scripts enable auditors to widen and diversify, in a quick, seemingly effortless manner, the pull of transactions from which they may draw audit evidence. As the interviewee above points out, scripts help auditors to ‘do some extra work and extract more data’ which means that auditors are able to utilize the scalability effect of BDA technology. Scalability is a term often used in relation to BDA tools to denote their ability to quickly respond to changes in the volume or traffic of data being collected and processed, for example in response to shifts in auditors’ assessments of risk and materiality.

Auditors often made comparisons between the utility and efficacy of BDA in evidence collection as against traditional techniques such as statistical audit sampling. Some noted, for example, that audit samples might not be sufficiently representative of transaction populations (see, also, Matthews, 2006) and rationalized the superior utility of BDA on the basis that the technology enabled the analysis of entire transactional populations and more focused interrogation of potential exceptions:

The traditional audit model has been built around getting a relatively small number of items for sampling, testing those and then extrapolating results up. What the use of BDA allows you to do is to get all the information and then interpolate downwards. Compared to [statistical audit] sampling, it’s now full population and exceptions. So the exceptions get talked about a lot now. You used to say, “I’ve tested 30, there were two that were wrong, here’s the reasons why”. There’s a lot more of the type of evidence that says, “I’ve tested 30 million, 28 million were fine, 2 million have a problem, that’s not material”. (Director, D1)

Data analytics can help because you don’t need to scope it upfront, you run the analytics and it does the scoping, if you like, by helping you narrow down the risk areas. So it helps you cover much more than you perhaps would do traditionally. (Partner, P3)

Prior audit literature has indicated that statistical sampling enabled auditors to appear more knowledgeable (Carpenter & Dirsmith, 1993). In contrast, our findings suggest that this is no longer the case, and that the appeal of BDA tools is that they afford the testing of whole transactions populations, thereby providing auditors with more insight and comfort.

As discussed earlier, the operational scope of an audit refers to the volume of data collected for audit purposes. However, in order for this data to be classified as audit evidence, various forms of testing are carried out to enhance the operational depth of audit work (Power, 1992). BDA scripts afford auditors enhanced information processing capabilities by automating and streamlining audit procedures in ways which significantly increases the granularity (the level of detail) of audit testing. Scripts can be altered to respond to particular auditor needs. One auditor explains below how scripts such as SQL enable greater operational scope as well as depth during the analysis of purchase transactions:

We know we can take the whole of purchase-to-pay, process every transaction taken into our systems. [Moreover, we can also] recreate how every one of those transactions moves through the system, how the controls are operated and what happened. […] We can identify how many of those were subject to controls and how many weren’t? Then there is a question of how much more work you need to do. (Director, D1)

Scripts have an important affordance that interviewees commonly referred to, namely their ability to simultaneously perform multiple and varied audit tests. Scripts, for example, may be used to examine if the invoice amount generated and stored in the client’s ERP system has been correctly entered in relevant nominal ledgers, as well as checking whether segregation of duties has been performed on initiating and authorizing the invoice. An interviewee comments below on how scripted automated audit procedures enable the performance of both substantive testing and the testing of controls in case of an audit of accounts payable. This acknowledges the efficiencies that can be achieved from such hybridization:

In the past we did a manual three-way matching [i.e., comparing vendor invoices, company purchase orders and receiving reports] to say that that control was operating as designed. Now we look at [control] configuration to see if it is being configured to work in the system. With the automated way of doing some of the testing, you can have a look at different aspects that tell you the complete picture around a control. We then join that with the actual transactional data that proves it [control] works and also shows us if there are any anomalies. This allows us to have more insight in a way that we haven’t done before. For example, we went in to check the global SAP for our client that has got 90 countries and 120 different company codes most of which needed to be audited. So we checked duplicate invoice configuration across all of those to see if it was switched on [if it works] across the piece or not. Where it was not, we could then do the transactional analysis to see the implication of that, and what we saw was a wholesale epidemic problem because there were 150 people who had booked a duplicate invoice. (Partner, P8)

While emphasizing to us the operational efficiencies that can be achieved through the use of BDA, auditors sometimes also expressed a degree of uneasiness, as in the case below, about how the technology blurs the boundaries between audit procedures for risk assessment and substantive evidence gathering.

Risk assessment has traditionally been a high-level analysis of the results of a company. And then substantive evidence has been sample-based, aiming at a particular target confidence level. […] [BDA] blows up the whole concept of confidence levels. If I do get hold of an entire population, I quickly skim through it - and is that audit evidence or is that risk assessment? (Director, D1)

The commentary above is an example of how some auditors struggle to reconcile their prior experiences with the new audit realities. This, in turn, may lead to situations where some auditors continue to rely on traditional manual audit procedures alongside BDA tools, as a means of gaining sufficient comfort:

It would be great if we could use data analytics to give us better insight and release us from doing mundane tasks. The reality is auditors ended up still doing all the manual things, even though we did the data analytics, and then didn’t have enough time to do the exciting stuff that they could do. (Partner, P8)

Analytics has had a bit of a bad review because people have said, “Oh, it’s just a bolt-on, I’ve done my complete audit and then I’ve done this as well”. For example, they would do something over a three-way match but then still do a sample of 25 as well. (Manager, M1)

The comments above resonate with Curtis and Turley’s (2007) earlier observations made in relation to the adoption of BRA that auditors who felt sceptical about the technology chose to perform additional procedures resulting in over-auditing. Likewise, our interviews indicate that, alongside new BDA tools, the sociomaterial assemblages through which BDA is managed often contain traces of the old practice blueprints. This means that, whilst some auditors feel that they can derive necessary affordances from BDA alone, at least in relation to some audit procedures and steps, others express desire for additional reassurance by drawing on traditional audit routines with which they are more familiar.

4.3. Visualizing Audit Findings and Constructing Insights to Inform Audit Judgements

We showed in the previous sections how the ETL process enables data extracted from the client’s ERP systems to be transformed into a data model and loaded into formats suitable for further analysis. The analytics outputs produced within the ETL process enable, in turn, the mobilization of other BDA properties, particularly interactive dashboards designed to visualize the analytics outputs in ways which generate further affordances. The aim with such dashboards is to allow auditors to produce evidence that can be used to perform new or additional audit procedures, such as in the case of risk assessments, substantive, and analytical procedures. As we show below, visualization dashboards can afford the production of interactive reports that can inform audit judgements as well the communication of those judgements in a seemingly convincing authoritative manner to the parties external to the audit. In other words, the material elements of the BDA assemblages – such as ETL and visualization dashboards – generate connectivity between themselves which allows the relational affordances to emerge. The outcomes of ETL such as analytics outputs form the core of what can be visualized on dashboards.

During observations conducted for this study, visualization packages such as Power BI or Tableau were mobilized to summarize the data that had been transformed into representations such as graphs, charts, and pictures, among others. Excel is commonly used by auditors as one such visualization tool, and functionalities such as pivot tables and heat maps are employed to manipulate and exhibit salient areas. Even where more advanced tools are mobilized, the priority is often, as one interviewee put it, to ensure the ease of use by ‘combining the real powerful [visualization] tools with a simple interface for auditors’ (Director, D3).

Figure 1 provides an example of a more advanced visualization dashboard developed by PwC. It shows how it is mobilized to aggregate data for unusual patterns. This can prompt further investigation and analysis. Besides affording the data aggregation, the visualization dashboard offers granularity of individual transactions, such as those in a sales journal, so as to enable the users to easily break the transactions down to micro data points, such as the person making an entry, the time the entry was made, and the person who authorized it.

Figure 1. PwC’s Halo dashboard showing the posting of journal entries (PwC, 2017, p. 3)

Visual representations such as the one above may serve various objectives and have different uses, depending on the context in which they are employed and the particular needs of the users. Some auditors pointed out, for example, that, by providing a granularized view of client data and possibilities for slicing and dicing data in different ways and based on different parameters and attributes, visualization dashboards enabled them to see things differently, discover new insights and, if necessary, shift focus to new areas of concern that they would have otherwise missed:

[A dashboard] is essentially a map that’s telling us, for any account balance, what are the sources of the numbers that are coming into that account balance, and therefore helping us really identify where are the risks within that account balance … ; this is all about looking at the client’s data in 100% of the transactions taking place in a year and starting to investigate and look to see what’s unusual here. (Director, D1)

All our data analytics tools have a very heavy visualization front-end on them. […] Before, auditors would get sent massive amounts of spreadsheets with rows upon rows of numbers or separate individual documents like contracts that they would need to go through. Now they get a dashboard that shows the manual journal population. They can then break it down by different business units, company codes, values, or posting keys. They can choose all the different attributes that they want to look at. They can look not just at one dimension, like high-value manual journal entries, they can request all manual journal entries that have all the attributes. They can then add all those attributes together and, instead of looking at the manual journal entries which might be thousands and thousands, they get down to only those they need to focus on. (Partner, P1)

Figure 2 below provides an example of the kind of dashboard that was described in the interviews above. The dashboard is designed to provide auditors with an instant access to full volumes of journal entries and enables a more dynamic analysis of these data points as per specific audit objectives. In other words, it serves an exploratory function by facilitating understanding of the client’s financial reporting processes and flows in a way which may support or challenge auditors’ prior assessments.

Figure 2. PwC’s Halo dashboard showing tested journal entries (PwC, 2017, p. 3)

Dashboards such as the one above providing a granularized view of entire transactional populations afford auditors to recreate client’s reality and easily visualize the anomalies and outliers that warrant further attention. This means that auditors’ decisions with regards to issues such as risk assessment or what constitutes an appropriate amount of substantive testing are based not only on accumulated experience and understanding of the client business but also on the outputs of visualization. An audit partner explains this point as follows:

Let’s take fixed assets as a topic. I may have analyzed it, summarized it [with the use of a visualization tool], and I thought, “You know what? There seems to be something unusual with the assets under construction activity. Maybe there is an absence of activity?” This is a problem - the business says it’s building all these things but, from a risk assessment point of view, I am concerned. All I did was summarize it on a time basis to be able to then say, “Right, now I’ve got to go and audit fixed assets.” So I’ll go down and do an aging of all of the assets under construction to understand the profile. Why aren’t there any recent transactions? What is really going on? It wasn’t what I did for risk assessment, it’s now to support my substantive analytical review. (Partner, P1)

The above examples of some of the actual uses of visualization dashboards (such as visual representations of journal entries or tracing the sources of the numbers coming into account balances) demonstrate that such tools are not simply decision aids used to assist auditors in their judgements. They represent the very arenas where such judgements are performed in the sense that visualization of the analyses of client data generates insights that enables possibilities for new ways of understanding audit evidence that would likely not exist in the absence of visualization. This performative nature of visualization dashboards is inherent in their very design. As a means of drawing attention, visualization outputs, for example, are often designed to be expressed in color with the anticipation that the areas highlighted as requiring attention will be acted upon. During one observation, for example, a dashboard flashed red when account balances were outside the range considered acceptable. In this case, the auditors indicated that red signified areas of concern and the flashing acted as a red flag requiring attention. While this approach may not look new to the auditors, many of them appeared convinced that such warning signals served as an important means to prompt a response and potentially look at audit evidence from a different angle. Since some visualization dashboards are interactive, they give auditors the opportunity to interrogate the data in real time (Lehrer et al., 2018). An interviewee discussed how their firm make use of the geographical profiling afforded by dashboards in order to emphasize and report to the client areas of greater risk:

One example is where we used geographical profiling on a client, a mortgage provider, who initially said they did not do mortgages in Scotland. What we did was plot all the mortgages on a map. Just by looking down a mortgage book of hundreds of thousands of mortgages we would never notice that one was in Scotland. We put a map in front of the client and showed them [that they had mortgage clients in Scotland] as it might have implications for things like bad debt provisioning. The client loved it. (Manager, M1)

The above interview excerpt serves to show how visualization also serves an explanatory function. In other words, visualization dashboards represent important means for communicating key audit findings to the client management as well as other parties reliant on an audit report. These communications provide opportunities for evidencing and justifying auditors’ judgements and inferences. By doing so, they may serve to foster perceptions of auditing being a more observable and rigorous process, as clients and other parties are presented with carefully crafted representations of the key building blocks of audit evidence and decision-making trails enabled through visualization. An audit associate describes as follows the affordances of visualization dashboards that emerged during their audit work:

The benefits to me, it’s been a lot easier to now have discussions with clients, because you can quite clearly show them something on the screen, the outputs that we have found, and in a visual form that’s a lot easier for a client to understand. So if we found an outlier transaction, we can show them the transaction on screen and say “this has come up, the particular transaction we’re talking about, this is the impact it’s had on your financial statements”, and it helps aid this conversation a lot. Any reports that we’re presenting to audit committees or to board members, we are now able to show them some of these visualizations, show them some of the impacts and the trends that we have identified. So it has helped to demonstrate the [audit] outputs to our clients. (Audit Associate, A1)

In many cases, the individuals we interviewed stated that visualization dashboards represented one of the most significant properties of BDA. Also, since such tools enable auditors to better understand the client’s business environment and processes, they carry within them the potential for identifying other areas of the client’s business that require attention and that can be explored as part of non-audit service provision. One interviewee (Partner, P3), for example, noted to us that the visualization outputs supplied by their firm to a client later informed changes in the client’s processes for staff performance evaluation and planning.

4.4. The Relationality of Data and Analytics and Audit Functions in Constructing BDA Expertise

BDA tools are algorithmic technologies requiring, in many cases, advanced computer programing skills (such as script writing) which most modern auditors do not possess, and which usually do not form part of traditional professional accounting training. Therefore, as noted above, auditors often rely on computer programing capabilities from other functions within the firm, such as data assurance, or recruit data analysts from outside to maintain the operation of BDA. Furthermore, in some firms, data-related functions are placed higher in the organizational hierarchy than the audit function, which may be a signal that data and analytics functions assume a significant role in the application of BDA. Many interviewees recognized that a shift of data and analytics functions from the periphery to the center of the audit process in terms of the expertise it provides is a very significant development. Two audit directors describe below how the position of the data and analytics and audit functions in the Big Four firms has evolved as result of BDA:

Data analytics was purely advisory and had no contact with the audit business. Then I joined [another Big Four] as part of the advisory practice, again there was no contact with audit. The data analytics team there when I left in 2014 were still not talking to audit. (Director, D2)

[Now] there is a data analytics that sits on top of audit, which brings together audit and advisory. Data analytics is an umbrella. Within audit there are analytics teams, so we have a risk analytics team and the assurance analytics team sitting within audit. They report into audit but also report to this data analytics umbrella. The idea is that we try and bring the best practice from what we are learning in advisory, tax and anything else, and try to bring it into audit. (Director, D1)

As we showed earlier in the paper, data analysts from the data and analytics function assist auditors with the extraction and transformation of data used as audit evidence. In many firms, the need for these different specialisms to work together in the course of an audit necessitated permanent changes in the composition of audit teams. The interviewee from the Big Four audit firms noted, for example, that most audit teams in their firms now routinely include data analysts:

Eleven years ago, we had ten people on the audit team; all those were traditional ACA qualified auditors. Today, do you see the same resources? No, you need some people who have ACA qualifications; you need some people who are data analysts; and you need some people who are computer programmers. Today, you might have seven people as part of the core audit team, [and they will be] supported by three specialists who are doing the data analytics extract, transform and load process to allow the audit team to focus on high-risk areas. (Director, D3)

As a result of the above changes in the organization of audits the audit functions, particularly in the Big Four firms, are now finding themselves in a new type of relationship with data and analytics functions. That is data and analytics functions do not only provide analytics outputs and staff to maintain the operation of BDA-driven audits, they also set the tone and generates ‘new ideas’ about the potential uses of BDA tools, with auditing being essentially a testing ground where such ideas can be tried out. The same director continues their commentary on these developments as follows:

Data analytics has exploded across the whole business. It has certainly become the big thing that everybody is involved in. So, every aspect of our advisory business is looking at data analytics as well as audit. Everybody, in fact, has jumped on the same band wagon. What we tend to find with our advisory colleagues is, when they got a completely new idea, they would like to try it on the audit. (Director, D1)

The excerpt above points to at least a possibility that BDA tools may be created to serve the needs of the firms’ other service lines rather than reflecting a purely audit mindset, which may, in turn, raise further issues with regards to ethical considerations governing audit work.

The above findings demonstrate that the sociomaterial assemblages through which BDA is enacted in many firms constrain auditors’ ability to act independently, paving the way for a more intertwined and mutually dependent relationship between auditors and data specialists. However, the mutual construction of expertise among data analysts and auditors needed to support the operation of BDA tools is not unproblematic. Prior audit literature (Curtis & Turley, 2007; Fischer, 1996) has documented, in this regard, how the introduction of new audit technologies within the audit firm context often leads to tensions and disagreements between administrators promoting these technologies and the auditors that implement them in practical settings. In the context of BDA, our findings also show how these tensions arise between the technology users (auditors and data analysts) over who should lead the technological change. Interestingly, in some audit firms we interviewed, data assurance managers argued that directing the development of BDA was their responsibility:

We looked at all [the analytical packages] and looked at the advantages and disadvantages of each one, and we chose Alteryx. So, Alteryx is the predominant tool that the data group which I run will use. SQL is obviously a bigger tool that is used globally so we wouldn’t necessarily let auditors run these tools. These are [used] by specialists who understand how to use them. Predominantly, at the moment, auditors are using IDEA. (Manager, M3)

In the excerpt above, a data assurance manager appears to suggest that they have an upper hand in decisions about what tools should be used in the audit process. It also shows how BDA tools are implicated in the claiming of expertise by auditors as opposed to data analysts. More specifically, the choice of Alteryx, over the more popular and widely used IDEA serves to solidify the self-image of data analysts as experts possessing highly specialized knowledge that is not at auditors’ disposal. A respondent in one audit firm openly stated that the use of powerful BDA tools is closely monitored in their firm in order to prevent those with ‘insufficient expertise’ (mainly auditors) from accessing them in breach of audit firm policies. Some firms introduced a BDA accreditation policy to ensure that only experts (staff from the firm’s data and analytics function) are allowed to use certain analytics tools.

Some of these data analytics tools, like Altyrex, R or Python, are incredibly powerful tools and if you don’t know what you are doing with them, you could probably cause more damage than you realize. […] The way we do it internally, we have an accredited tools policy. So, certain tools can be used by everybody because we know that Excel, IDEA or Power BI are simple for people to use. For more complex tools, we say only specialists can use those. (Director, D3)

Some data analysts indicated that auditors’ lacking confidence in their BDA skills was an important source of their scepticism towards the technology. These observations were echoed in comments by the auditors themselves, such as one below, highlighting some dissatisfaction about having to deal with data analytics tasks independently:

There was initially a sense that they [data analytics specialists] would be doing the data analytics for the audit function, but we are actually having to do a lot by ourselves. There is a lot of organizational settling-down at the moment, to try to work out exactly who does what and how do we work together. (Manager, M2)

Thus, the above demonstrates how BDA tools have placed distinctive demands on auditing’s knowledge base and expertise, creating an impetus for the reconfiguration of the established relationships between audit and the firms’ other functions as well as within audit engagement teams. The creation of data and analytics functions within some firms to harbor BDA-related expertise has resulted in tensions between auditors and data analysts as they negotiate ways in which the technology should be embedded in the audit process, including who should have central authority for BDA. The sociomateriality perspective allows us to see how these competitive relational dynamics are as much a product of the actions of specific actor groups as of the particular demands that the technology itself places on its users (Faraj & Azad, 2012; Leonardi, 2011).

5. Discussion and Conclusion

Our findings demonstrate that the acceptance of technological change is ultimately dependent on the technology’s ability to bring ‘comfort’ and lead to the ‘realization of benefits’ for its users, such as enhanced evidential procedures, construction of insights, and communication between key parties during an audit process (Fischer, 1996; Pentland, 1993). In sociomaterial terms, these benefits are affordances which come to the fore as users interpret the properties of the technology during practice (Lindberg & Lyytinen, 2013). What we demonstrate is that the affordances are not simply determined by human agency (actions and decisions of the users) but are a product of ‘interpenetration’ (Orlikowski & Scott, 2008, p. 456) between the users and the technology’s properties. In our case, we drew key empirical insights from the analysis of the application of the ETL model which auditors use in order to interact with BDA tools during key steps of an audit process. We identified three key areas where the dynamic interaction between BDA and its users has reconfigured the nature and organization of audit. These are (i) the automation of procedures for collecting and processing audit evidence; (ii) the visualization of audit findings and the generation of insights to inform audit judgements; (iii) the relationships between practicing individuals (auditors and data specialists) as well as functions within audit firms (audit and non-audit functions).

5.1. Automation of Audit Routines

Our findings demonstrate that material properties of BDA such as scripts have been taken up as a key means for automating audit procedures, effectively re-assigning many of the key tasks previously performed by humans to technology (Alles, 2015; Cao et al., 2015). The deployment of software utilities and computer programing languages enables auditors to tackle one of the key practical challenges – insuring the sufficiency and appropriateness of audit evidence (Curtis & Turley, 2007; Power, 2003). Leveraging BDA tools to access large data warehouses and interrogate data stored in different formats affords an extended operational scope and depth for audit evidence collection and analysis. The problematic issue here is that processes of audit evidence gathering in BDA-driven audit environments are characterized by arguably greater uncertainty (Yoon et al., 2015). In contrast, statistical audit sampling and manual techniques previously produced more incremental and predictable approaches whereby audit evidence collection followed ‘closely last year’s audit plan, so long as nothing had gone wrong on that audit’ (Humphrey & Moizer, 1990, p. 227).

The performative agency of scripts is also evident in how they carry within them assumptions about sufficient confidence in the validity of BDA outputs, despite such outputs being generated with little human intervention (Lehrer et al., 2018; Lindberg & Lyytinen, 2013; Orlikowski & Scott, 2008). We show, however, how some auditors’ scepticism towards the reliability of outputs generated through BDA has led to practices where new (BDA-enabled) practices are supplemented with traditional (manual) techniques, or what Wagner et al. (2011) termed ‘legacy functionalities.’ This, in turn, has restricted the realization of the technology’s dispositional affordances with regards to audit process automation and, in some instances, has resulted in over-auditing.

5.2. Performing Professional Judgements and Constructing Audit Insights Through Visualization

Our findings show that visualization dashboards are among the most commonly used BDA properties. They also point to two interrelated areas of practice where their affordances are most evident. First, dashboards are increasingly important in enabling auditors to uncover areas of concern for audit purposes. Auditors’ decisions on issues such the appropriate amount of control or substantive testing are informed not just by their prior experience and accumulated knowledge but also by the outputs of visualization. In other words, professional judgements do not only reside within the auditors’ cognitive frames, they are also formed and articulated by reference to the insights generated through the use of BDA. Hence, visualization dashboards that form part of BDA do not simply visualize/represent, they perform by shaping both the client reality and audit practice. They carry within them the ‘mechanisms of reactivity’ (Pollock & D’Adderio, 2012, p. 565) by uncovering clients’ inefficiencies that auditors are then compelled to react to. The so-called ‘insights’ produced through visualization may also be framed as opportunities (for enhancing clients’ businesses) as they are inherently forward-looking (they can be realized if the client decides to act upon them). Data manipulation using interactive visualization dashboards may not only represent the underlying transactions but also serve to re-imagine the client’s business through rationalities of efficiency and competitive advantage. Here, such insights may be seen as affordances (Hultin & Mähring, 2014; Lindberg & Lyytinen, 2013) that auditors convey as they construct visually appealing operational realities for their clients which ‘unlock’ value and generate further business for their firms. There is indeed a possibility that visualization dashboards may serve to enable auditors to maintain their commercial viability and enhance their image of versatile business advisors (Guo, 2016; Robson et al., 2007).

Second, another key affordance resulting from auditors’ interaction with visualization dashboards is the enhanced visibility of what is subject to audit. With the help of dashboards, auditors are able to provide comfort to clients in cases of disagreements by projecting multiple dimensions through which a contested accounting issue or treatment can be viewed and explained, particularly in areas requiring significant judgement. Audit judgements are thereby made more ‘auditable’ (Power, 1997) through the BDA’s capability to visualize the workflow of the audit process and decision-making. This increased visibility may make it easier for auditors to communicate the narrative of audit quality to the parties concerned (clients and regulators) and maintain the notion that such quality is made more observable through visualization.

5.3. Relationality Effects of BDA

BDA affordances are also salient in areas that relate to the relationship between the firms’ audit and non-audit functions as well as between auditors and other specialists, such as data analysts, working as part of multi-disciplinary audit teams. More specifically, the audit functions in many Big Four firms we interviewed are located in close proximity to other functions that harbor expertise in developing and managing tools to exploit Big Data, such as the ‘data assurance’ or ‘risk advisory’ services. In case of BRA, Curtis and Turley (2007, p. 459) noted that it ‘would have benefitted from a different organizational structure, and one that was better equipped to provide the consulting services.’ Our findings demonstrate that audit firms seek to pursue new organizational arrangements to leverage the knowledge spill-overs generated through interactions with BDA technologies. Here, the audit function represents essentially a ‘pooling centre’ feeding data into the firms’ other business lines, such as risk advisory. While arrangements where auditing is closely aligned with functions having clear commercialistic intent inevitably raise questions about auditor independence, large firms appear to justify them on the basis that they enable the leveraging of diverse expertise to enhance audit quality.

Furthermore, ETL-related workflows have been geographically distributed across countries in the form of shared services centers. This places significant emphasis on the role of data analysts in the information supply chain feeding into the audit process. While prior studies showed how auditors relied on computer experts in areas where knowledge was sparse (Hux, 2017), BDA technologies arguably require a more fundamental shift towards knowledge co-production and closer interactions between BDA tools, data specialists and auditors. Such interactions are necessary because auditors lack the advanced competencies required to extract and transform data in the ETL model, including an ability to code queries and programs. However, a growing availability of more accessible coding tools may afford wider acceptance of BDA in the future, and also further reassessment what practice expertise should be essential in data-driven audit environments (Brown-Liburd et al., 2015).

Our findings also point to potential avenues for further research. While we focused on BDA-related changes in large audit firms, there is a real possibility that smaller audit entities may have markedly different experiences, incentives, and demands that may significantly influence their engagement with BDA. The outcomes of the changes are likely to vary also across the firms’ offices in different countries, which points to the need for both country-level and cross-cultural perspectives. Further, further research is necessary to gain a better understanding of the use of BDA tools, such as visualization dashboards, and how audit judgements and decisions are derived when these tools are employed. Finally, it appears that the explosion of BDA tools in audit environments has occurred in parallel with other related developments, such as artificial intelligence, including Robotic Process Automation (RPA), machine learning and blockchain accounting (FRC, 2020). There is evidence emerging of large audit firms developing proprietary toolkits to leverage these latter technologies (EY, 2018), which is likely to have significant implications for how they engage with BDA and the overall influence of these technologies on the nature and social relevance of audit practice.

Acknowledgements

The paper has benefitted from constructive feedback from Special Issue editors, two anonymous reviewers, Adam Aoun, Carolyn Cordery, Carolyn Whayo, Ed Vosselman, Edward Chikumbanje,Edward Zimba,George Ajassi, Leslie Kirsch and participants at 8th Organizations, Artifacts and Practices (OAP) 2018 Workshop and 10th European Auditing Research Network (EARNet) 2019 Symposium. We would also like to thank interview participants and practitioners who provided valuable feedback on the earlier drafts of this paper.

Disclosure statement

No potential conflict of interest was reported by the author(s).

Notes

1 SAP (Systems, Applications, and Products) is form of an ERP which most big organizations use to organize and integrate their business process and functions.