Learn how to provide accurate and complete evidence
Information Produced by the Entity (IPE) is a term used in compliance and auditing that regards the actual information used by the auditor in order to assess, test, and draw conclusions about controls, and ultimately, the audit opinion.The Completeness and Accuracy aspects are key in ALL pieces of IPE:
- Completeness: This ensures that all transactions are included i.e. if the report extract has 10 entries, we need to be able to prove and verify that there were exactly 10 transactions in the report, as it was on the system.
- Accuracy: This ensures that the correct amount, value, and totals are disclosed in the information. This is not limited to numerical values only and could include hash values of a text file for example.
In summary, whenever any piece of information is needed as audit evidence, it is critical that we can show where the information is coming from when it was extracted (to prove it is relevant to the audit), what was applied to the data before extraction (filters/manipulation), and we can verify it comes from the source system itself.
Scytale is taken care of it
An IPE file is generated by Scytale for each of the evidence that was collected automatically. The IPE file provides assurance that the query used to collect the evidence was complete and accurate. This improves the "trust" in the evidence and provides assurance for the auditors to rely on the evidence for testing purposes.
IPE file in Scytale application
Scytale provides an IPE file for each of the evidence that was collected automatically, as per the attached screenshot below. The IPE file is generated on a daily basis with the evidence.
So you can relax and trust the automated evidence collected by Scytale and focus on the manual tasks.
For more information, please take a look at our Glossary!