Auditing in the Era of Big Data

Abstract

In an increasingly digital economy, many firms are under pressure to demonstrate that they have effective internal controls over their data. Accounting standard setters recently implemented a new framework for independent audits of these controls. Using hand-collected data, I find that 29 percent of firms in the S&P 500 receive these audits, and that these audits are associated with a $900,000 increase in audit-related fees per year after controlling for other factors (a dollar value that exceeds average fees for tax services). I also use novel audit-level detail to show that the internal controls evaluated for these audits (e.g., cryptographic data storage and external security threats) differ significantly from the internal controls evaluated for financial statement audits. Overall, this study provides some of the first systematic evidence on this important market for audit services, and demonstrates that audit firms have expertise in institutional settings beyond financial statement assurance.