Premium Essay

Risk Based Auditing

In: Business and Management

Submitted By audi1974
Words 720
Pages 3
Risk based internal auditing
Background
Over the last few years, the need to manage risks has become recognised as an essential part of good corporate governance practice. This has put organisations under increasing pressure to identify all the business risks they face and to explain how they manage them.
In fact, the activities involved in managing risks have been recognised as playing a central and essential role in maintaining a sound system of internal control.
While the responsibility for identifying and managing risks belongs to management, one of the key roles of internal audit is to provide assurance that those risks have been properly managed.
We believe that a professional internal audit activity can best achieve its mission as a cornerstone of governance by positioning its work in the context of the organisation's own risk management framework.
________________________________________
What is risk based auditing?
Our definition
IIA defines risk based internal auditing (RBIA) as a methodology that links internal auditing to an organisation's overall risk management framework. RBIA allows internal audit to provide assurance to the board that risk management processes are managing risks effectively, in relation to the risk appetite.
Is the organisation ready?
Every organisation is different, with a different attitude to risk, different structure, different processes and different language. Experienced internal auditors need to adapt these ideas to the structures, processes and language of their organisation in order to implement RBIA.
RBIA seeks at every stage to reinforce the responsibilities of management and the board for managing risk.
If the risk management framework is not very strong or does not exist, the organisation is not ready for RBIA. More importantly, it means that the organisation's system of internal control is poor. Internal

Similar Documents

Premium Essay

Risk Based Auditing

...135734 Difference Between Traditional and Risk Based Auditing Danny Spadaccini, Weatherford International Copyright 2010, Society of Petroleum Engineers This paper was prepared for presentation at the SPE Annual Technical Conference and Exhibition held in Florence, Italy, 19–22 September 2010. This paper was selected for presentation by an SPE program committee following review of information contained in an abstract submitted by the author(s). Contents of the paper have not been reviewed by the Society of Petroleum Engineers and are subject to correction by the author(s). The material does not necessarily reflect any position of the Society of Petroleum Engineers, its officers, or members. Electronic reproduction, distribution, or storage of any part of this paper without the written consent of the Society of Petroleum Engineers is prohibited. Permission to reproduce in print is restricted to an abstract of not more than 300 words; illustrations may not be copied. The abstract must contain conspicuous acknowledgment of SPE copyright. Abstract Auditors are trained to make detailed examinations of the internal control systems such as ISO 9001, ISO 29001, ISO 14001, OSHAS 18001, API, accounting systems and various legislative requirements and; focus their audit planning, testing, and reporting on internal controls in the business process. The Evaluation of controls without first examining the purpose of the business process and its risks provides no context for the results. How...

Words: 581 - Pages: 3

Premium Essay

Analyze to the Paper Risk Risk-Based Auditing, Strategic Prompts and...

...a. The issue being addressed in the paper: “Risk-Based Auditing, Strategic Prompts, and Auditor Sensitivity to the Strategic Risk of Fraud” written by Kendall Bowlin explains how auditors do not anticipate the strategic risk that arises when client managers anticipate auditors’ risk based resource allocations. The conventional auditing approach suggests that more (fewer) audit resources should be focused on higher (lower)-risk accounts. However, according to the paper’s author this idea is causing that low-risk accounts can actually have a higher risk of fraud associated. It is happing because in some occasions management anticipates this audit strategy and focus its audit resources on high risk accounts. At the end, the purpose of this paper is expose the potential threat which is being caused with the traditional risk assessment procedures. b. The paper shows, with a laboratory experiment, how auditors behave according to the conventional risk-based auditing approach (It means, auditors allocate more resources on accounts deemed to be riskier and fewer resources on accounts that seem less risky) and the consequences that it bring. The experiment consist in a group of students who interact in a multi-account audit setting, which reflects the essential strategic tension that exists between real-world auditors and managers. In this experiment, some student participants assuming the role of auditors and the others student participants assume the role of financial reporting...

Words: 1042 - Pages: 5

Free Essay

Risk-Based Auditing, Strategic Prompts, and Auditor Sensitivity to the Strategic Risk of Fraud

...Risk-Based Auditing, Strategic Prompts, and Auditor Sensitivity to the Strategic Risk of Fraud ACC650M Auditing Principles January 30th, 2015 a. What is the issue being addressed in the paper? This paper are focus on the risk-based auditing. As the paper mentioned that Risk-based auditing is a way to guide auditor to devote more audit resources to account that may take more misstated. On the contrary, fewer resources to those are focused on the less misstated. Kendall Bowlin expect to guide effective and efficient audits. In the other words, the inaccurate assess misstatement risk may result in misallocated of audit resources and undetected misstatement. In additional, Kendall Bowlin seemingly consider that the low risk accounts may also caused high risk of fraud, because of managers and auditors (business operating and audit strategy) allocated audit resources to high risk accounts. That means if the audit resource concentrate on high risk accounts, it may create opportunities for intention people to manipulation low risk accounts. The study’s purpose is to demonstrate the potential threat with risk-based auditing that lead auditors allocate resources among accounting with different of non-strategic risk and account specific misstatement risk, and use prompting strategic for auditors to reduces this threat. There are two important ways of prompting auditors in the paper. The first one is auditors allocate limited pools of resources among client accounts that...

Words: 934 - Pages: 4

Premium Essay

Information System Auditing Assignment

...Information System Auditing Assignment Name ACC/542 Date Sanders Moran Information System Auditing Assignment The article selected for this assignment is titled “Implementing the IT-Related Aspects of Risk-Based Auditing Standards”. It is an overview of the importance of performing a Risk-based audit and the necessary steps auditors take in implementing risk assessment within their audit. Two sets of standards drove the need for risk assessment for IT controls. The first; AICPA SAS 104-111 (Risk Assessment Standards Toolkit) which covers the risk assessment standards and the key points auditors need to consider when incorporating them in an audit. Second, PCAOB AS 5; Audit of Internal Control over Financial Reporting that is Integrated with an Audit of inherent risk. My paper will cover the following topics outlined in the article: benefits of risk-based auditing, planning a risk assessment procedure, gaining an understanding of the IT environment, risk assessment, determining whether further audit procedures (FAP) are necessary, designing and performing FAP, and evaluating Audit Findings. Recommended approach and Benefits of Risk-Based Auditing The layout of the article closely resembles the top-down approach that is required by AS 5. This approach is basically how the auditor performs their auditing procedures; not necessarily the order in which they do them. Top-down “begins at the financial statement level and with the auditor’s understanding of the overall risks to internal...

Words: 1103 - Pages: 5

Premium Essay

Prejudice Can Be Harmful and Destructive –How to Reduce Prejudice at Workplace- with Examples.

...The Effect and Importance of the Audit and the Performance of Auditing in Sudan This study by : Babiker Othamn Omer Saad This paper conducted to study in an in-depth research of the importance of the auditing performance , the subject matter of this research mainly focused on not having available quantitative measuring tools which evaluate the risk , therefore, we find that in most of the time there is threatening risk , based on that the auditing practice will not lead to trace the intrinsic forgery cases even when the agreed measurement of auditing is applied. The main aim of this study is to shade light on the types of risks in auditing performance and to build understanding of the importance of the relevant relation between tis and practice , the researcher uses the assumptions e.g the relation between auditing practice and the risk of auditing mainly depends on the evaluating and reporting of the auditor, planning of the audit process implies a comprehensive strategy of evaluating and implementing the auditing operation, this paper also proved that there is a relation between the quantitative audit reporting and enough clues of prove . This research proved that we cannot neglect the audit process and this considered as an entrance to better of the organization which will facilitate professional performance of the audit process. Based on the outcome of this study the researcher came out with the following recommendations: * The organizational firms should develop the...

Words: 479 - Pages: 2

Premium Essay

Continuous Accounting

...Continuous Auditing Jessica Hunt Accounting 510 Dr. Yining Chen December 3, 2014 Intorduction Generally auditing: is performed months after the business activities have actually occurred, based on a sampling approach, and includes reviewing of systems of approvals and reconciliations as well as policies and procedures. This method has been realized to provide auditors with only a narrow scope of evaluation and doesn’t really provide much value because of its lack of timeliness. Furthermore it has become evident that a need for timely and ongoing assurance over the effectiveness of risk management and control systems is crucial. This along with the environment of rising risks, and regulatory activity and compliance costs (complying with section 404 of the US Sarbanes-Oxley Act) makes this an optimal time to consider a new approach. Continuous auditing is a method used to perform control and risk assessment automatically on a more frequent basis (Coderre 2005). It enables auditors to continually gather from processes data that supports auditing activities (Deloitte 2010), and allows auditors to provide written results on the subject matter using one or a series of reports issued simultaneously (ISACA 2002). Continuous auditing leverages technology and opens database architecture to enable auditors to monitor a company’s systems over the internet using sensors and digital agents. Discrepancies between the records and the rules defined in the digital agents are transmitted...

Words: 2068 - Pages: 9

Premium Essay

Audit

...1 Session 4 Audit Planning; Materiality and the audit risk model Auditing: Principles and Methods 2 After studying this session you should be able to: 1. Discuss why adequate audit planning is essential 2. Make client acceptance decisions and perform initial audit planning 3. Gain an understanding of the client’s business and industry 4. Assess client business risk 5. Perform preliminary analytical procedures 6. Apply the concept of materiality to the audit 7. Define risk in auditing and the audit risk model Auditing: Principles and Methods 3 8. Consider the impact of engagement risk on acceptable audit risk 9. Discuss the relationship of risks to audit evidence 10. Answer the Review Questions Auditing: Principles and Methods 1. Audit Planning 4 Why is adequate audit planning essential? “The auditor must adequately plan the work and must properly supervise any assistants”. There are three main reasons why the auditor should properly plan engagements: to enable himself to obtain sufficient appropriate evidence, to keep audit cost reasonable and to avoid misunderstanding with the client. Auditing: Principles and Methods 1. Audit Planning 5 An important part of audit planning is assessing acceptable audit risk and inherent risk because it helps determine the amount of evidence that will need to be accumulated and staff assigned to the engagement. Acceptable audit risk is a measure of how willing the auditor is to accept that the FSs...

Words: 5316 - Pages: 22

Premium Essay

Auditing 2

...4.47: A. In this case Auditor 2’s argument is more persuasive. Risk management is a process that aims to help organizations understand, evaluate, and take action on all their risks. Business risk, financial reporting risk, engagement risk, and audit risk are the four critical components of risk that are relevant to conduct an audit. Risk is a pervasive concept. Organizations are at risk everyday they operate. Old fashioned audit was only looking for the financial risk. And auditors were over auditing. Company’s shareholders is expecting more than just financial auditing. Company management, audit committee, shareholders, public and creditors is expecting more from auditors. They want to get information about all the risks company facing. Auditor has to understand company’s strategy and the structure of its transaction to determine where the real risk of misstatement may be occurring. B. Risk based auditing is help to management and public to evaluate the company position. If a auditor can audit all the risk facing by the company is a plus point in the auditing. SEC and PCAOB recommend the risk based auditing. I am not supporting the auditor 3’s analysis. If a auditor can perform risk based auditing, it will more helpful to the public and management. c. Risk based audit approach is dependent on the auditor’s ability to understand the business to identify account balance that are more likely to be materially misstated and then a adjust audit procedures to increase the likelihood...

Words: 930 - Pages: 4

Premium Essay

Auditing Standard

...Overview of Auditing Standards Ethical Standards Ethical Standards (FRS, 2010) is issued by Auditing Practices Board. Its responsibilities are set up standards and guidance for auditing work. According to this standard, APB tries to enhance confidence on auditing process for public. ESs includes five requirements that auditors must adhere to and its primary objective is to give ‘true and fair’ opinions on financial statement. The credibility of audit opinions depends on the integrity, objectivity and independence of the auditor. Accordingly, it requires the quality of audit more stringent, especially the independence of auditors’ assurance. ES2 illustrates the guidance on some particular circumstances, which may generate threats to the independence and objectivity of auditors. ES3 states that senior positions have collaborated with audit engagement for a continuous period should be rotating. ES4 explains that there is no relationship between audit opinion and audit fees or other remuneration. ES5 shows that audit firm should consider whether non-audit service have significant effect on the threats to the auditor’s objectivity or independence. International Standards on Auditing ISA (FRS, 2009) copes with independent auditor’s overall responsibilities when implementing auditing process. These professional standards establish objectives of independent auditors together with explain the scope and nature of auditing process, which is designed to enable auditors to achieve...

Words: 1844 - Pages: 8

Premium Essay

Becker Review

...Following are multiple choice questions recently released by the AICPA. These questions were released by the AICPA with letter answers only. Our editorial board has provided the accompanying explanations. Please note that the AICPA generally releases questions that it does NOT intend to use again. These questions and content may or may not be representative of questions you may see on any upcoming exams. 2007 AICPA Newly Released Questions – Auditing 1. CPA-05465 Which of the following categories is included in generally accepted auditing standards? a. b. c. d. Standards of review. Standards of planning. Standards of fieldwork. Standards of evidence. ANSWER: Choice "c" is correct. Generally accepted auditing standards include three categories: general standards, standards of fieldwork, and standards of reporting. Choices "a", "b", and "d" are incorrect, based on the above explanation. 1 2007 AICPA Newly Released Questions – Auditing 2. CPA-05466 A retailing entity uses the Internet to execute and record its purchase transactions. The entity's auditor recognizes that the documentation of details of transactions will be retained for only a short period of time. To compensate for this limitation, the auditor most likely would: a. b. c. d. Compare a sample of paid vendors' invoices to the receiving records at year-end. Plan for a large measure of tolerable misstatement in substantive tests. Perform tests several times during the year, rather than only at year-end. Increase...

Words: 11286 - Pages: 46

Premium Essay

Impact of Internal Audit on Risk Management

...THE IMPACT OF INTERNAL AUDIT ROLE ON RISK MANAGEMENT IN UAE PHD proposal Presented to (Dr Puah Chin Hong) Faculty of Economics and Business University of Malaysia Sarawak Presented By Muhammad Usman Research Proposal for PHD Admission: Presented By Muhammad Usman Page 1 TABLE OF CONTENTS 1.0 2.0 INTRODUCTION BACKGROUND 2.1 2.2 2.3 2.4 3.0 4.0 A brief history of internal auditing The role of the internal auditor Role of the risk management function The internal auditor and the risk management process PROBLEM STATEMENT RESEARCH OBJECTIVES 4.1 Specific Research Questions 5.0 6.0 7.0 8.0 9.0 IMPORTANCE OF STUDY SCOPE OF STUDY RESEARCH DESIGN THE LITERATURE REVIEW DATA COLLECTION & SAMPLING 9.1 9.2 Survey by questionnaire and interviews Sample selection 10.0 11.0 DATA ANALYSIS REFERENCES Research Proposal for PHD Admission: Presented By Muhammad Usman Page 2 1.0 INTRODUCTION The audit function has been performed at least since the fifteenth century. However internal auditing has developed most rapidly throughout the twentieth century as a core tool of risk assessment. Today, in businesses worldwide, the internal audit function is becoming very important for achieving the objectives of organizations. In recent years, UAE market has recognized the importance of the internal audit function, which is why that function has been established in some public as well as private companies. These companies setup audit functions to deal with the assessment...

Words: 2567 - Pages: 11

Premium Essay

Flat

...Internal audit Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.[1] Internal auditing is a catalyst for improving an organization's governance, risk management and management controls by providing insight and recommendations based on analyses and assessments of data and business processes. With commitment to integrity and accountability, internal auditing provides value to governing bodies and senior management as an objective source of independent advice. Professionals called internal auditors are employed by organizations to perform the internal auditing activity. The scope of internal auditing within an organization is broad and may involve topics such as an organization's governance, risk management and management controls over: efficiency/effectiveness of operations (including safeguarding of assets), the reliability of financial and management reporting, and compliance with laws and regulations. Internal auditing may also involve conducting proactive fraud audits to identify potentially fraudulent acts; participating in fraud investigations under the direction of fraud investigation professionals, and conducting post investigation fraud audits to identify control breakdowns and establish...

Words: 3415 - Pages: 14

Premium Essay

Human Resource Management

...designing projects as measuring the outcomes of the projects in line with the target goal of the organisations (Elliot, Barry & Elliot, Jamie, 2004). Organisations maintain their financial reports with the help of accounting theories and policies. The international financial reporting standards also help to keep the accounting practice effectively, efficiently, and correctly. The efficient management will be built if the organisation follows the international reporting standards accurately. As a mandatory course unit of myself I need to prove my understanding about the financial systems and auditing through this report. I will gradually demonstrate my understanding on the purpose, use, importance of accounting records, accounting systems, computerised accounting system, manual accounting systems, business risk, audit risk, internal and external control systems, importance of auditing, and planning audit assignment as well as preparing audit report in the body part of my report. Task One Purpose and Use of Different Accounting Records Accounting records represents the management of all source of information in different records books. These records are ledger, journals, bank statements, adjusting journals, statement verification, invoice, brochure, and etc. The purpose and use of different accounting record in the following. Purpose To illustrate the purpose of accounting records we chose main two types of accounting record. These are journal and ledger. The journal represents...

Words: 2394 - Pages: 10

Premium Essay

Acct 525 Isb vs. Asb

...efforts is the Auditing Standards Board making to clarify auditing standards? There are efforts on the United States side to clarify the auditing standards. The Auditing Standard Boards [of the United States], which sets auditing standards for nonpublicly traded entities, has launched the Clarity Project in an effort to make U.S. Generally Accepted Audited Standards (GAAS) easier to read, understand, and apply. The Clarity Project includes the goal of working toward convergence of U.S. auditing standards with International Standards on Auditing (ISA). This convergence project is attempting to make auditing standards coordinated or comparable throughout the world. Additionally, the Public Company Accounting Oversight Board (PCAOB) adopted a suite of eight auditing standards related to the auditor’s assessment of, and response to, risk in an audit. The eight new risk assessment standards address the audit procedures from the initial planning stages through the final evaluation of audit procedures and results. As a result, the PCAOB auditing standards and ISAs have more similarities than ever before. 2. Describe the five key differences between ISA’s and US Auditing Standards. Even so, there are still some differences between ISA’s and U.S. Auditing Standards. The five key differences between ISA’s and US Auditing Standards are: documentation of audit procedures; going-concern considerations; assessing and reporting on internal control over financial reporting; risk-assessment...

Words: 864 - Pages: 4

Premium Essay

The Factors Which Changed Auditing

...world has changed over time physically, economically, and culturally. As the world has evolved, so has business, and as business has evolved so has auditing. The concept of auditing is as old as civilization. The need for a knowledgeable, external, third person to verify transactions or accounts and detect fraud has been present since the advent of trade and accounting. Thus the goal of auditing, in this sense, has not changed since. Teck-Heang Lee observed that “auditing serves as a mechanism to monitor conduct and performance, and to secure and enforce accountability (Lee 2008). All in all, an audit function plays a crucial role in maintain welfare and stability in society.” However, what has changed is how the roles and responsibilities of auditors have changed to reflect the needs of the business environment of the time. As such, auditors and the auditing profession have always played a very important role in business and, more recently, in society in general. As business in today’s world becomes more dynamic, accounting (and therefore by extension auditing) must also evolve to become more dynamic. The evolution of auditing is a complicated history that has always been changing through historical events. This can be seen in the shift in the role of external auditors from a cyclical audit approach to now more of a top-down risk-based continuous audit. The factors that have played a major role in this shift of role and responsibilities are the cycle of fraud, regulation, and compliance;...

Words: 5760 - Pages: 24