Auditing Section Research Summaries Space

A Database of Auditing Research - Building Bridges with Practice

This is a public Custom Hive  public

research summary

    Client business models, process business risks and the risk...
    research summary posted March 22, 2016 by Jennifer M Mueller-Phillips, tagged 06.0 Risk and Risk Management, Including Fraud Risk, 06.05 Assessing Risk of Material Misstatement 
    Client business models, process business risks and the risk of material misstatement of revenue.
    Practical Implications:

    The study provides evidence on the extent to which auditors can implement the theory of business risk auditing, including the linkages between business strategies, business models, assessment of process-level business risks and the RMM of revenue. The study provides new insights on the ability of auditors to use non-financial information effectively to assess process-level business risks and relate them to RMM of revenue. The study also provides evidence that staff auditors can distinguish between many of the subtle and important business risk implications of the two different types of business strategies  product differentiation and operational excellence.


    Wright, W. F. 2016. Client business models, process business risks and the risk of material misstatement of revenue. Accounting, Organizations and Society 48: 43-55.

    Business risk auditing, risk-based auditing, risk assessment, analytic procedures, strategic management, business models
    Purpose of the Study:

    This study examines the theory of business risk auditing. Regulators, researchers, and practitioners indicate the importance of understanding the operation of a client’s business and its competitive environment to achieve an effective audit. A valid understanding of a company’s objectives and strategies and those related to the business risks is necessary to interpret results from analytical procedures and engage in effective professional skepticism for management’s assertions. The author focuses process-level (instead of entity-level) business risk assessment and tests for relationships between risk assessments given differing business strategies (product differentiation versus operational excellence) and the fundamental operating processes of a manufacturing firm. Process-specific business risks are important because they can cause misstatements and can cause entity-level business risks.

    Design/Method/ Approach:

    Experimental data was collected from accounting Masters students, a few weeks prior to their graduation. Evidence was collected prior to August 15, 2014. The participants read an introduction on auditor’s risk assessment context then a case describing a client’s strategic orientation, prevailing conditions and competition in the industry, details on the operation of each of the client’s five primary business processes, and the client’s current unaudited financial results with audited results from prior years. Participants provided judgments on which business strategy applied, assessed the performed and associated business risk of each of the five processes, and reported three risk of material misstatement (RMM) assessments.


    Overall, participants indicate business risk and RMM judgments that reflect significant understanding of the subtleties of business risk assessment. Specifically:

    • Participants provided process-specific business risk judgments consistent with RMM judgments for the critical processes of the product differentiation strategy.  
    • The process-specific judgments of business risk link the judgments related to the production process performance and the RMM of revenue.
    • When the three product generation processes were performing less well, participants correctly assessed the highest RMM of revenue.
    Risk & Risk Management - Including Fraud Risk
    Assessing Risk of Material Misstatement