I expect that EY does not have access to numbers and any account information. You give away as least information as you can because you cannot just trust auditing team from some 3rd party not to use that data in collusion with your competitors.
What I expect they do have access to is documentation for procedures and processes. They audit for example if all procedures are written down and check proofs for procedures that were done by employees.
So it is like you have to clean the toilet and you have procedure that whoever cleans the toilet signs list. Every end of the shift manager checks the list and checks toilet if it is clean.
Fun part is having signed list for a day does not tell you that for half of the shift employee was only signing the list but did not do any cleaning and you might have dozens of customers seeing how terrible dirty toilet was.
Quite the opposite, EY as an aidotor has, and is supposed to het, access to any financially relevant data, documents and transactions they need to their job. That includes, among other things, invoices to customers, suppliers, inventory data and transactions, bank statements, credit card data, contracts with clients and suppliers and so on and so forth. That is actually part of a financial auditors job and responsibility. Yryong to minimize data access is exactly what Wirecard did, and EY accepted for some reason. Which absolutely not normal, it is in fact a major red flag.
I expect that EY does not have access to numbers and any account information. You give away as least information as you can because you cannot just trust auditing team from some 3rd party not to use that data in collusion with your competitors.
What I expect they do have access to is documentation for procedures and processes. They audit for example if all procedures are written down and check proofs for procedures that were done by employees.
So it is like you have to clean the toilet and you have procedure that whoever cleans the toilet signs list. Every end of the shift manager checks the list and checks toilet if it is clean.
Fun part is having signed list for a day does not tell you that for half of the shift employee was only signing the list but did not do any cleaning and you might have dozens of customers seeing how terrible dirty toilet was.