Inherent Risk

Topics: Internal control, Audit, Auditing Pages: 32 (9634 words) Published: October 12, 2011
THE RELATIONSHIP OF RISK ASSESSMENTS AND INFORMATION TECHNOLOGY TO DETECTED MISSTATEMENTS

Lizabeth A. Austen Assistant Professor University of Arkansas Aasmund Eilifsen Associate Professor Institute of Accounting, Auditing and Law Norwegian School of Economics and Business Administration William F. Messier, Jr. Deloitte & Touche Professor Georgia State University Professor II Institute of Accounting, Auditing and Law Norwegian School of Economics and Business Administration

Preliminary Draft: Do not quote without authors’ permission.

December 2000 Please address all correspondence to:
Professor William F. Messier, Jr. School of Accountancy J. Mack Robinson College of Business Georgia State University P. O. Box 4050 Atlanta, GA 30303-4050 Office: 404-651-4465 Email: bmessier@gsu.edu

Funding for this research was provided to Professors Eilifsen and Messier by grants from the Norwegian Institute of Public Accountants and the Research Council of Norway.

THE RELATIONSHIP OF RISK ASSESSMENTS AND INFORMATION TECHNOLOGY TO DETECTED MISSTATEMENTS ABSTRACT

In this paper we empirically examine the relationship of (1) risk assessments and (2) the extent of computerization of accounting systems to the incidence and magnitude of misstatements. The six largest public accounting firms in Norway provided misstatement data from 58 audits. The results show that inherent risk factors related to personnel issues are related to the incidence of misstatements at the financial statement level. These factors plus factors related to management integrity and prior period accounting adjustments are related to the magnitude of the misstatements. Inherent risk assessments at the account level had a marginally significant relationship with both the incidence and magnitude of the detected misstatements. On the contrary, we find that the auditors’ CR assessments are not associated with the detected misstatements. All of the sample companies have partial or completely computerized accounting systems. Significantly more misstatements occurred in partially computerized companies due to inadequate segregation of duties and auditor disagreement with management’s judgments. The client’s internal control system failed to detect more misstatements in partially computerized systems because appropriate controls were missing or not properly applied. Finally, the

magnitude of misstatements in a complex EDP environment were less than those in a noncomplex environment.

Keywords: Inherent risk, control risk, misstatements Data Availability: Data is available from the authors upon request.

2

THE RELATIONSHIP OF RISK ASSESSMENTS AND INFORMATION TECHNOLOGY TO DETECTED MISSTATEMENTS

I. INTRODUCTION For more than 20 years, audit practice has been guided by a risk-based approach in which the nature, timing, and extent of testing is determined by assessing the risk that financial statement assertions are materially misstated (Cushing et al. 1995). An assumption underlying this risk-based audit approach is that the presence of certain types of risk factors is indicative of possible misstatements in the client’s accounts. Following a risk-based approach requires the auditor to assess the risks that are likely to lead to material misstatements, and then conduct audit procedures based on those assessments to determine if misstatements have occurred. Thus, the accuracy of the auditor’s risk assessments can direct affects the effectiveness and efficiency of an audit. Throughout the 1980s, a number of studies examined archival data to determine the relationship of auditors’ risk assessments to detected misstatements.1 The last decade has seen tremendous growth in information technology (Elliott 1994). Most mid- to large-size companies have automated their accounting and information systems. Automated systems (e.g., enterprise resource programs) have built-in controls that should limit the occurrence of errors in routine transactions. During the same...
Continue Reading

Please join StudyMode to read the full document

You May Also Find These Documents Helpful

  • Essay on Assessing Materiality and Risk
  • Essay about Inherent Risk in Auditing
  • Audit Risk Essay
  • Audit Risk
  • Auditing Risk Essay
  • Preliminary Assessment, Inherent Risk and Key Assertions of an Audit Essay
  • Evaluation of Comptronix Corporation: Identifying Inherent Risk and Control Risk Factors Essay
  • Essay on Audit Risks and Materiality Sample Questions

Become a StudyMode Member

Sign Up - It's Free