Supporting Continuous Monitoring Using Control Charts
May 2003
1
Supporting Continuous Monitoring Using Control Charts
Abstract
There is currently much being written about increasing the frequency and timeliness of
financial reporting. Comments frequently support the desirability and question the feasibility of
continuous reporting. Under our current paradigm, if we report continuously, we also must
monitor and audit on a continuous basis. Current audit standards generally address the
outcomes, rather than the detailed procedures the auditor must follow to meet the objectives of
the audit. The purpose of this paper is to propose and demonstrate a technique for continuously
monitoring financial information using control charts of accounting information.
In this study, financial data were collected and used to implement control charts. The
authors suggest that charts similar to these can be used in conjunction with statistical and
analytical techniques to detect signals that financial processes are not in control. Refinements of
this technique should assist those internal and external to organizations, who are concerned with
the reliability of information produced and reported by the organization.
2
Introduction
Over the past two decades, the proliferation of technology has led to the increased availability
of financial information. Although the timing of financial reporting has not changed significantly,
currently there is much being written about increasing the frequency and timeliness of financial
reporting and assurance (Vasarhelyi 2002). Technology advances have generally increased system
capabilities enabling integrated packages to simplify and accelerate the mechanical process of financial
reporting. Generally, people agree that increasing the frequency may be useful, but have reservations
about the feasibility of the implementation of continuous reporting and assurance. For example,
Searcy, Woodroof, and Behn (2003) report the following quote from a Big 4 audit partner.
The process we have is good but is designed for the annual audit… We will need
the ability to push a button at any point in time and have the system summarize
for the engagement team process issues identified to-date that can lead to risk
that the financial statements are inaccurate, rather than rely only on a
traditional review of workpapers, manual summarizations of issues and followup.
[We need to be able to] use technology to actually audit as opposed to using
technology to automate manual auditing procedures.
Although continuous assurance was proposed over a decade ago (Groomer and Murthy 1989;
Vasarhelyi and Halper 1991; Vasarhelyi, Halper, and Ezawa 1991), to move assurance from the
current periodic model to a continuous process, auditors will need to look to non-traditional tools
3
and techniques. Furthermore, Kogan, Sudit, and Vasarhelyi (1999) have called for and
suggested research to be completed that would support the development of continuous assurance
and audit.
The current research suggests using control charts to assist auditors and other decisionmakers in the identification of patterns in the underlying processes that produce financial
statements. Control charts have historically been used for monitoring manufacturing processes
and identifying when processes become “out of control”. Once interesting patterns are
identified, decision-makers may focus on the processes that generated the patterns.
The objective of continuous monitoring is detecting data abnormalities as near as possible
to the time of occurrence of the underlying event that generated the data. If an error or
irregularity occurs and is detected, the situation can often be corrected, and the effect quickly
mitigated. Overall, the purpose for monitoring financial information is to gain confidence that
the systems are operating as intended, through the ability to identify and resolve errors,
irregularities, or inconsistencies. The current research demonstrates a tool, the use of control
charts, to detect abnormal patterns in data, providing support for additional analysis and
detection of potential problems in the underlying system.
The remainder of the paper is organized as follows. In the following section, background
literature is provided for the research described in this paper. This background includes material
addressing continuous auditing and assurance, and an overview of control charts and their use.
The next section provides a description of the methods used to transform the data for use in
control charts. The third major section discusses the results obtained. The final sections provide
4
descriptions of some of the limitations, future research directions, and conclusions based on this
research.
Background
Continuous Auditing and Assurance
As pointed out above, continuous audit and assurance was proposed over a decade ago.
Groomer and Murthy (1989) proposed embedding audit modules into a client’s software. By
using this method it would be possible to capture and evaluate relevant information in a more
continuous manner.
Vasarhelyi and Halper (1991) described an alternative audit approach called the
Continuous Process Audit Methodology (CPAM). In this approach, they suggest that
“continuous process auditing can be considered as a meta form of control and can be used in
monitoring control … by scanning for the occurrence of certain patterns …” (Vasarhelyi and
Harper 1991, p. 180). Furthermore, they propose that by having online systems monitored in a
continuous manner, auditing will become more of an audit by exception instead of a periodic
audit, i.e., when an exception occurs, an audit will be required based on the nature of the
exception.
In 1997, a joint committee of the AICPA and CICA issued a report that suggested CPAs
and CAs will need to monitor the functioning of a firm’s systems in order to assure the reliability
of the data provided by the systems (AICPA 1997). They suggested that the CPA/CA would
need to “either (1) embed some level of monitoring or control in the client’s system or (2) direct
regular inquiries into client processing systems/databases” (Vasarhelyi 2002, p. 261). The
5
approach described in the current paper provides the auditor an aid to determine when and where
to query a client’s system.
As reported by Searcy et al. (2003), a Big 4 audit partner suggests that “the use of
technology tools that assist with auditing through our clients’ systems will become increasingly
important.” They also provide evidence that as continuous auditing of continuous reporting
increases, that the Big 4 partner’s believe that the clients’ expectations of an auditor’s ability and
responsibility will increase in the areas of (1) reporting on going concern problems in a more
timely manner, (2) detecting fraud, and (3) determining the reliability of financial information.
Based on the above, it seems that as the audit profession moves toward a more
continuous audit by exception philosophy, the auditor must be able to monitor the financial
status of a client firm in a real-time manner. In the next subsection, the use of control charts is
described, as a basis to raise alarms to notify an auditor to further investigate a possible problem
within a client’s system.
Control Charts
The control chart, also known as a Shewhart chart, was created in the 1920s by Dr.
Walter A. Shewhart of the Bell Telephone Labs. It was initially created to provide a way to
monitor manufacturing processes in a more statistically sound manner. The control chart
continues to be one of the primary tools used in statistical quality control. There are many
different types of control charts; each type is essentially a run chart that plots the values of
observations taken from a manufacturing process. The values are plotted around the mean. As
long as the observations do not stray too far from the mean for too long, the underlying process
is considered to be under control (Brassard 1989 and Harris 1996).
6
Manufacturing processes have been monitored frequently through the use of control
charts (Shirland 1993). If a process is in control, the control chart will appear as if the variation
in the control chart is randomly distributed. If a process is out of control, the data will appear to
have a pattern or some abnormality. Even if a process is in statistical control, it does not
necessarily guarantee that the process will produce a valid or usable product. However, if a
process is out of control, the likelihood of the process producing a usable product is low
(Shirland 1993). Wheeler (1993, 130) indicates that each signal identified on a control chart
provides the decision-maker with “an opportunity to gain more insight into the process.”
Metaphorically speaking, financial statement creation parallels a manufacturing process;
raw materials (data) are purchased (collected) and processed providing the finished goods
(financial reports). As control charts are overlaid on the process, one should be able to determine
if the raw data or financial statement creation process is going “out of control.” Through the
application of this manufacturing metaphor in conjunction with control charts, it is possible to
identify potential problem areas within the financial statements. Such data or processing
problems could be due to information systems problems, fraud, and/or accounting irregularities.
The control charts only serve to raise flags to notify decision-makers that additional
investigations may be necessary. Because the control charts provide an alert of a potential
problem, it is important that they are operating at an appropriate sensitivity level. Control charts
that are too sensitive will raise flags when not appropriate, causing unnecessary investigations
and other problems for decision-makers. Control charts with too little sensitivity may lead a
decision-maker to overlook serious problems that may exist. As such, control charts should be
7
only one of many tools used by decision-makers to monitor information identified as “high risk”
to the financial health of an organization.
Methods
To illustrate the application of control charts to monitoring of financial reporting, the
authors developed control charts from certain historical financial data collected from several
firms within three industries. The data used to develop the control charts in this paper were
collected from Compustat. Due to the increased reporting frequency over annual data, quarterly
data were selected. Currently, there is not a common source of data with more frequent
periodicity and reliable financial data available for companies and industries. The data selected
for this study encompassed the periods from first quarter 1993 through fourth quarter 2002 (ten
years).
The authors selected financial information relating to three companies with a history of
financial irregularities. These firms include WorldCom, Rite Aid, and Oxford Health Plans. For
comparison purposes, the authors also chose two additional firms in each of the corresponding
industries of the “problem” firms. For the purpose of this paper, industry is defined as
companies with identical SIC codes. The two additional firms that were chosen are not known to
have a history of financial irregularities. The comparison firms for WorldCom included AT & T
and BellSouth, for Rite Aid, CVS, and Walgreen’s, and for Oxford Health Plans, Aetna and
Cigna.
8
Selected account balances of the “problem” firms were also compared to the related
account average values for their respective industries. The specific accounts investigated are
based on suggestions by Mulford and Comiskey (2002) and Schilit (2002).
The accounts used to illustrate the control chart concepts varied by company, based on
the type of irregularity that was known to exist within the company. For WorldCom, the
irregularity involved improperly classifying cost of sales as long term assets (SEC 2002a); the
authors selected the cost of goods sold account to use for analysis in the current paper. Rite Aid
was charged by the SEC (2002b) with a variety of accounting irregularities. Among these
irregularities were erroneous inventory markdowns, leading the authors to use the inventory
account as the illustrative account. The third company, Oxford Health Plans’ accounting
irregularities were apparently unintentional and based on billing issues related to a computer
upgrade (Schilit 2002). For Oxford Health, the authors looked at Net Income, an aggregation of
the nominal accounts.
For this paper, the authors extracted quarterly information for a ten year time period,
providing forty data points for the preparation of control charts and data analysis. In practice, an
individual monitoring the financial statements ideally should have access to the actual values in a
more continuous manner.
Several procedures were used to standardize the raw extracted data. For demonstration
purposes, Table 1 shows only the results from standardization procedures for the first two years
(eight quarters) of the Cost of Goods Sold account data for the WorldCom analysis. Table 1
begins with actual values for the Cost of Goods Sold and Sales accounts. Following Schilit
(2002) and Welsh, Zlatkovich , and White (1976), the data were “common sized” by dividing the
9
selected accounts by the total sales, for the income statement accounts (Cost of Goods Sold for
WorldCom and comparables), or total assets, for the balance sheet accounts (Inventory for Rite
Aid and comparables), for the same period. In the Table 1 example, Cost of Goods Sold was
divided by Sales (see Common-Sized Values). Second, a moving average of four data periods
(quarters) was used to provide the base line for the control chart. In this case, the first period in
which a moving average was computable was for Dec-92 (see Moving Averages in Table 1).
Next, a moving standard deviation was computed, that in conjunction with the moving average
could be used to compute a Z-score for each of the “4-period windows” (see Moving Std
Deviations in Table 1). Finally, a “z-transformation” of the data was used to set the base line to
zero and standardize the periodic data (see Z-Score Transformation in Table 1). Based on the ZScore values, control charts were created and analyzed (See Discussion below).
There are many different rules on which to base the control chart analysis. Within this
paper, the authors investigate the use of rules regarding runs in z-transformed account values to
identify areas for additional investigation. For example, if the z-transformed value of a specific
account has a set of seven positive (or negative) values above (or below) the moving average in
seven consecutive time periods, there could be a problem with the underlying process. The
probability of seven values in a row being above (or below) the mean is less than two percent.
This is the so-called “rule-of-seven” (Shirland 1993).
Through the application of control charts and the appropriate rules to monitor the
accounts, the authors believe that it is possible to identify problem areas within the financial
accounts, in a manner that it has been applied in manufacturing, before the accounts go “out of
control” and potentially before irreversible consequences occur.
10
Results and Discussion
The three examples of using control charts to identify potential problem areas are
described in this section. First, control charts associated with WorldCom and its competitors and
industry are presented. Next, control charts are presented for the data associated with Rite Aid
Corporation and its competitors and industry. Finally, the results associated with Oxford Health
Plans and its competitors and industry are presented in control chart format. The control charts
are presented in Figures 1 through 6. In Figures 1, 3 and 5, data points that fall under the rule-ofseven are identified with an oval.
Figure 1 is a control chart demonstrating the behavior of WorldCom’s cost of goods sold
from the first quarter of 1992 through the fourth quarter of 2001 (data points identified by
diamonds). An industry comparison for values of cost of goods sold is shown on the chart with
squares. An examination of the WorldCom data shows in quarters 21 through 31 (Quarter 1,
1997 through Quarter 3, 1999 consisting of 11 data points), the data points are in “violation” of
the rule of seven, indicating that there may be some systematic problem with cost of goods sold
during the period. This pattern is consistent with the type of issues that are covered in the
allegations made against WorldCom. The company has since restated financial results from
2001 and 2002. Had auditors considered the authors’ proposed method of analysis during 1998,
it is likely that cost of goods sold would have received additional scrutiny during the period
under question. As a control, the industry data for the cost of goods sold account is also
presented (industry data points are shown as squares). Based on the stated criteria, there do not
appear to be any systematic patterns in the industry as a whole.
11
As an additional control, Figure 2 displays cost of good sold information for two other
companies in WorldCom’s industry, BellSouth (diamond) and AT&T (square). Analysis of this
data also shows no systematic patterns to suggest that underlying systems used to report cost of
goods sold for these companies are out of control.
The example of Rite Aid is provided in Figure 3. Rite Aid’s data are shown using the
diamond symbols, while the industry data are identified with squares. Rite Aid’s various
problems with inventory prompted their inclusion in this study. In examining the data in Figure
3, there are two time periods that are identified when applying the rule-of-seven. The first
period, includes the seven periods from the second quarter of 1996 through the fourth quarter of
1997 (inclusive). The second includes the seven periods from the first quarter of 1998 through
the third quarter of 1999 (inclusive). The SEC (2002b) complaint against Rite Aid indicates
problems existed from May 1997 through May 1999, a period that overlaps the time periods
where Figure 3 would support additional investigation. The industry data presented in Figure 3
does not indicate the existence of a systemic problem within the industry as a whole.
Figure 4 shows data collected from the two other companies selected from within Rite
Aid’s industry, Walgreen’s (diamond) and CVS (square). The same methods and criteria that
were used to evaluate Rite Aid do not provide support for the existence of out-of-control
inventory systems at Walgreen’s or CVS.
Net income data from Oxford Health Plans (diamond) is presented with the
corresponding industry data (square) in Figure 5. Schilit (2002) describes the circumstances
surrounding a 1997 New York State Insurance Investigation ending with a $3 million fine for
Oxford and mandated $50 million increase in insurance reserves. Also in 1997, the value of the
12
company’s common stock fell 62%. At the heart of the problem was a 1996 computer upgrade
that did not work properly, negatively impacting earnings. The results displayed in Figure 5
indicate the potential for a problem in the nine periods prior to the actual problem (second
quarter, 1994 through second quarter 1996, inclusive). It is likely that these results do not
identify the actual problem, but may identify systematic issues that precipitated the need for the
system upgrades. Once again, the industry data does not provide any support for the existence of
an “industry based” problem.
In the final example, Figure 6 presents net income data from two members of Oxford’s
industry, AETNA and CIGNA. The data provided for these companies do not indicate a
problem exist in their systems or underlying data.
For each company that was identified as having prior public disclosures of significant
problems within their financial accounting and reporting system, the figures show relevant
accounts and how using control charts and the rule-of-seven may help identify problems that
might go unnoticed for a significant amount of time, increasing financial damage to the company
and ultimately to its investors. Concurrently, industry data were provided that indicated the
problems were not industry-wide, but rather company specific. In addition to the industry data,
two other companies within each industry were presented to support the validity of the rule to not
only identify problems, but also to “non-identify” companies that do not have problems.
Limitations and Future Research
This study is an initial attempt to investigate the usefulness of control charts, a tool
created and refined for use in manufacturing environments, but applied to financial accounting
13
information systems by the authors. As an initial study, the authors recognize and acknowledge
several significant limitations of the study. Many of these limitations are being addressed in
other research currently in process by the authors.
One of the main limitations of this research is the lack of true continuous data for the
range of instances examined – multiple variables across three industries and nine companies;
three of the companies with known accounting irregularities. Although the use of quarterly data
is “more continuous” than annual data, it is far from continuous in reality. To address this issue
will require corporate transparency; a requirement that is complicated by the need for data from
companies with irregularities. Typically, one would not expect a company to agree to disclosing
data if an irregularity or investigation is known to be in process. In the near future, as
technologies such as XBRL are implemented, it might be possible to accumulate instances of
near-continuous data for a study of active companies.
In addition to issues surrounding limited continuous data availability, there are also
potential limitations in applying control charts to financial processes. Since this is a new domain
for this application, the rules to interpret the charts and identify “out-of-control” systems may
need to be modified. Alternatively, new rules may need to be developed. Other common rules
(to manufacturing) that are currently under investigation by the authors include:

If an individual point is above (or below) three standard deviations from the
mean, then the underlying process is potentially out of control

If the values trend in the same direction (increasing or decreasing) for seven
periods, then it is likely that the underlying process is out of control.
14

If the values for two or more periods are greater than two standard
deviations (Z = 2), but within the actual control limits, then it is likely that
the underlying process is out of control.

If the values for four or more periods are greater than one standard deviation
(Z = 1), but within the actual control limits, then it is likely that the
underlying process is out of control.
With any control chart rule, one must consider the frequency of reporting; examining the
usefulness of standard control charts when monitoring accounting processes at all reporting
frequencies, including continuous reporting.
It is likely that companies at different levels of maturity may need to be evaluated by
different rules. For example, a start-up company would likely be in a growth mode, making the
likelihood of a “false” out of control identification a possibility. There also may need to be
variation of rules based upon company size, if it is determined that the size of the firm has an
effect on the cost or asset structure of a firm.
Conclusion
In this research, the authors suggest that control charts may provide a way to
continuously monitor business and financial processes. Control charts have been successfully
used to monitor manufacturing processes and to identify processes when they become “out-ofcontrol”. As demonstrated by the provided examples, they may also be beneficial when
monitoring financial processes, by helping identify patterns that may indicate a problem with
underlying accounting data.
15
Currently, the usefulness of the concept is probably highest for auditors, internal and
external, as an additional analytical review procedure. Ultimately, as companies increase the
frequency of reporting, the concept also may be beneficial to other decision-makers, through the
identification of systemic problems within an organization.
16
Table 1: Two years of Values for Cost of Goods Sold for
AT&T, Bell South WorldCom, and the Industry
Based on Compustat Quarterly Account Data (March 1992-December 2001)
Actual Account Values
COGS – Industry
WorldCom – COGS
Bell South – COGS
AT&T – COGS
Sales – Industry
WorldCom – Sales
Bell South – Sales
AT&T – Sales
Common-Sized Values
COGS – Industry
WorldCom – COGS
Bell South – COGS
AT&T – COGS
Moving Averages
COGS – Industry
WorldCom – COGS
Bell South – COGS
AT&T – COGS
Moving Std Deviations
COGS - Industry
WorldCom - COGS
Bell South - COGS
AT&T - COGS
Z-Score Transformations
COGS - Industry
WorldCom - COGS
Bell South - COGS
AT&T - COGS
Mar-92
600.6124
105.252
2,153.10
8,578.00
1083.617
183.748
3,738.70
15,375.00
Jun-92
614.8397
112.311
2,170.10
8,788.00
1090.765
197.815
3,764.10
15,845.00
Sep-92
538.8757
116.821
2,216.10
9,023.00
1033.385
205.78
3,736.00
16,180.00
Dec-92
618.7917
123.8
2,371.20
9,713.00
1149.957
213.41
3,910.10
17,504.00
Mar-93
623.2446
129.2
2,262.00
9,517.00
1092.328
219.011
3,833.70
15,719.00
Jun-93
641.5731
148.003
2,279.60
10,263.00
1132.138
251.514
3,906.90
17,337.00
Sep-93
644.2354
158.088
2,316.70
10,284.00
1116.206
281.788
4,014.90
17,225.00
Dec-93
712.2872
222.546
2,436.30
11,571.00
1190.136
392.401
4,124.80
19,070.00
0.554266
0.572806
0.575895
0.557919
0.563678
0.567758
0.576526
0.554623
0.521467
0.567699
0.593175
0.557664
0.5381
0.580104
0.60643
0.554902
0.570566
0.589925
0.590031
0.605446
0.566692
0.588448
0.583481
0.591971
0.577165
0.561018
0.577026
0.597039
0.598492
0.567139
0.590647
0.606765
0.544378
0.572092
0.588006
0.556277
0.548452
0.576371
0.59154
0.568159
0.549206
0.581544
0.593279
0.577496
0.563131
0.579874
0.589242
0.587339
0.578229
0.576632
0.585296
0.600305
0.018571
0.005854
0.014658
0.001756
0.022776
0.010755
0.012276
0.024896
0.023486
0.010193
0.009652
0.02513
0.017238
0.013294
0.012629
0.022328
0.014184
0.014722
0.006397
0.00703
-0.33805
1.368816
1.256839
-0.78326
0.97091
1.260149
-0.12297
1.497719
0.744516
0.677388
-1.0151
0.576025
0.814154
-1.41844
-0.9673
0.43443
1.42861
-0.64481
0.83659
0.918808
17
Figure 1: Control Chart - Cost of Goods Sold
WorldCom and Industry Quarterly Data (March 1992-December 2001)
2
1.5
1
0.5
WorldCom - Cost of Goods Sold
0
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41
Industry - COGS
-0.5
-1
-1.5
-2
18
Figure 2: Control Chart – Cost of Goods Sold
BellSouth and AT&T Quarterly Data (March 1992-December 2001)
2
1.5
1
0.5
Bell South-COGS
39
37
35
33
31
29
27
25
23
21
19
17
15
13
11
9
7
5
3
1
0
AT&T - COGS
-0.5
-1
-1.5
-2
19
Figure 3: Control Chart – Inventory
Rite Aid and Industry Quarterly Data (March 1992-December 2001)
2
1.5
1
0.5
Rite Aid - Inventory
0
1
3
5
7
9
11
13
15
17
19
21
23
25
27
29
31
33
35
37
39
Industry - Inventory
-0.5
-1
-1.5
-2
20
Figure 4: Control Chart – Inventory
Walgreen and CVS Quarterly Data (March 1992-December 2001)
2
1.5
1
0.5
Walgreens - Inventory
0
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40
CVS - Inventory
-0.5
-1
-1.5
-2
21
Figure 5: Control Chart – Net Income
Oxford Health Plan and Industry Quarterly Data (March 1992-December 2001)
2
1.5
1
0.5
OHP - Net Income
0
1
3
5
7
9
11
13
15
17
19
21
23
25
27
29
31
33
35
37
39
Industry - Net Income
-0.5
-1
-1.5
-2
22
Figure 6: Control Chart – Net Income
AETNA and CIGNA Quarterly Data (March 1992-December 2001)
2
1.5
1
0.5
AETNA INC - Net Income
0
1
3
5
7
9
11
13
15
17
19
21
23
25
27
29
31
33
35
37
39
CIGNA CORP - Net Income
-0.5
-1
-1.5
-2
23
References
American Institute of Certified Public Accountants (AICPA) Report of the Special
Committee on Assurance Services, Systems Reliability Assurance Segment; 1997.
Available at: http://www.aicpa.org/assurance/scas/reliab/index.htm .
Brassard M. The Memory Jogger Plus+: Featuring the Seven Management and Planning
Tools. Goal/QPC, Methuen, MA: Goal/QPC; 1989.
Groomer M, Murthy U. Continuous Auditing of Database Applications: AN Embedded
Audit Module Approach. Journal of Information Systems 1989;3(2): 53-69.
Harris RL. Information Graphics: A Comprehensive Illustrated Reference. Atlanta, GA:
Management Graphics; 1996.
Kogan A, Sudit E, Vasarhelyi M. Continuous Online Auditing: A Program of Research.
Journal of Information Systems 1999;13(2):87-103.
Mulford CW, Comiskey EE. The Financial Numbers Game: Detecting Creative
Accounting Practices. New York, NY: John Wiley; 2002.
Schilit H. Financial Shenanigans: How to Detect Accounting Gimmicks & Fraud in
Financial Reports, 2nd Ed. New York, NY: McGraw-Hill; 2002.
Searcy D, Woodroof J, Behn B. (2003) Continuous Audit: The Motivations, Benefits,
Problems, and Challenges Identified by Partners of a Big 4 Accounting Firm. In:
Sprague R Jr., editor. Proceedings of the 36th Hawaii International Conference on
System Sciences. Los Alamitos, CA: IEEE Computer Society Press; 2003.
Securities and Exchange Commission (SEC). Re: WorldCom, Inc: Revised Statement
Pursuant to Section 21(a)(1) of the Securities Exchange Act of 1934; 2002a.
Available at: http://www.sec.gov/news/extra/wcresponserev.htm .
Securities and Exchange Commission (SEC). SEC Announces Fraud Charges Against
Former Rite Aid Senior Management; 2002b. Available at:
http://www.sec.gov/news/press/2002-92.htm .
Shirland LE. Statistical Quality Control with Microcomputer Applications. New York,
NY: John Wiley; 1993.
Vasarhelyi MA. Chapter 12: Concepts in Continuous Assurance. In: Arnold V, Sutton SG,
editors. Researching Accounting as an Information System Discipline. Sarasota,
FL: American Accounting Association, 2002.
Vasarhelyi MA, Halper F. The Continuous Audit of Online Systems. AUDITING: A
Journal of Practice and Theory 1991;10(1): 110-125.
Vasarhelyi MA, Halper F, Ezawa K. The Continuous Process Audit System: A Unix-Based
Auditing Tool. The EDP Auditor Journal 1991;3: 85-91.
Welsch GA, Zlatkovich CT, White JA. Intermediate Accounting. Homewood, IL: Irwin;
1976.
Wheeler DJ. Understanding variation: the key to managing chaos. Knoxville, TN: SPC
Press; 1993.
24