Auditing Section Research Summaries Space

A Database of Auditing Research - Building Bridges with Practice

This is a public Custom Hive  public

research summary

    Triangulation of audit evidence in fraud risk assessments
    research summary posted June 21, 2013 by Jennifer M Mueller-Phillips, tagged 06.0 Risk and Risk Management, Including Fraud Risk, 06.01 Fraud Risk Assessment, 09.0 Auditor Judgment, 09.03 Adequacy of Evidence, 11.0 Audit Quality and Quality Control, 11.09 Evaluation of Evidence 
    Triangulation of audit evidence in fraud risk assessments
    Practical Implications:

    Given the level of regulatory scrutiny surrounding auditor judgment and skepticism of audit evidence, the results indicate that when assessing the risk of fraud, there is a lack of reliance on third party evidence, particularly when management provides a compelling story with its internal evidence.  The results of this study are important in enhancing awareness for auditors to use and corroborate both internal and external audit evidence for purposes of assessing and supporting the level of risk of the audit client.  In addition, in a broader context, the same could be said regarding the evaluation of evidence for purposes of procedures throughout the various stages of the audit process.


    Trotman, K.T., and W.F. Wright. 2012. Triangulation of audit evidence in fraud risk assessments. Accounting, Organization and Society 37: 41-53. 

    Audit evidence, audit risk assessment, auditor judgment, adequacy of evidence, fraud risk
    Purpose of the Study:

    This study evaluates the impact that audit evidence has on an auditor’s fraud risk assessment using an evidence framework developed by Bell et al. (2005) called evidentiary triangulation.  The evidentiary triangulation framework is a way for auditors to evaluate complementary types of audit evidence and use the evidence to update any risk assessments.  Looking at how auditors use this notion of evidentiary triangulation is a key element in enabling audit quality improvement.

    The authors consider the following types of evidence within the study: evidence from management-controlled financial statement processes, evidence from management-controlled internal business processes, and evidence from third party external sources.   The use of evidence from a third-party external source is a key element in evaluating the concept of evidentiary triangulation with respect to fraud since it is not easily manipulated.     Using the framework, the authors specifically evaluate how auditors respond to different types of evidence when making fraud related judgments.  The authors test to determine if there are conditions that may exist whereby an auditor will alter their fraud risk assessment based on third party external evidence particularly when it contradicts the management-controlled evidence received by auditors. 

    Design/Method/ Approach:

    The authors perform a simulated case during a Big 4 audit firm’s training session with 102 participants with an average experience of approximately three years.   The authors perform a 2x2x2 subject design whereby evidence from a management-controlled financial statement process, a management-controlled internal business process, and an external source were manipulated to reflect either higher or lower fraud risk.  The dependent variable is the probability of a seeded fraud related to a higher than expected revenue from sales.  Using two different fraud concealment strategies (one where management provides a fraudulent explanation that is highly compatible to the business strategy and one that is not), the authors manipulate the management-controlled business evidence.  The participants are then asked to evaluate various pieces of information that are indicative of each of the manipulated concealment strategies and also external evidence from a customer that corroborates (or refutes) the information provided by management. 


    When evidence from the management-controlled financial statement process and management-controlled internal business evidence are inconsistent, auditors are more likely to request third party external evidence to corroborate management’s explanation.  The experiment shows that auditors will assess a higher risk of fraud when the third party external evidence contradicts the business objective that was provided by management only when there is conflicting internal evidence obtained from the management-controlled financial statement process and a management-controlled internal business process.  If the third party external evidence is consistent with management’s “story” (even though the “story” may be inconsistent with the internal evidence), the results indicate that it is less probable that auditors will assess a higher risk of fraud.

    Auditors do not rely on the third party external evidence when, on its own, both forms of the internal management-controlled evidence is deemed to be low fraud risk.  The results of the experiment indicate that auditors do not use the third party external evidence as a way to corroborate management’s internal evidence when management’s evidence seems trustworthy.

    Risk & Risk Management - Including Fraud Risk, Auditor Judgment, Audit Quality & Quality Control
    Fraud Risk Assessment, Adequacy of Evidence, Evaluation of Evidence

    home button