alt Hacker NewsPerhaps the auditing needs to be done on the workflow process and once the automated code is in place there needs to be a traceable chain of modifications to it that need to be justified.
The "audit" certifies a certain hash of a repo that produces known-good results, and if you use a different commit in that repo you have explain in an SEC filing why you modified things.
Basically reproducible builds for financial results:
I know a few accountants, and I do not think this is possible. There is an incredible amount of manual adjustments that have to occur to get the books in order. I suspect the official process is 100% GAAP approved and great, but the messy reality has thousands of tweaks that were massaged all over the place to correct for one thing or another.