Auditing Section Research Summaries Space

A Database of Auditing Research - Building Bridges with Practice

This is a public Custom Hive  public

research summary

    Auditor Risk Assessment; Insights from the Academic...
    research summary posted April 12, 2012 by The Auditing Section, last edited May 25, 2012, tagged 06.0 Risk and Risk Management, Including Fraud Risk, 06.01 Fraud Risk Assessment, 06.05 Assessing Risk of Material Misstatement, 06.08 SAS No. 99 Brainstorming – effectiveness 
    Auditor Risk Assessment; Insights from the Academic Literature
    Practical Implications:

    This article provides a very informative summary of current research related to the risk assessment process that supports the audit.  By outlining both general audit risk insights as well as fraud risk insights, the authors provide a clear and informative summary that should be of use to any audit firm attempting to better understand the current theoretical and practical research related to this emerging area.  Finally, by utilizing the PCAOB questions, the discussion also provides insights directly relevant to the current regulatory process.


    Allen, R.D., D.R. Hermanson, T.M. Kozloski, and R.J. Ramsay. 2006.  Auditor Risk Assessment: Insights from the Academic Literature.  Accounting Horizons 20(2): 157-177.

    Risk assessment; PCAOB risk assessment project; industry specialization, fraud risk assessment; audit risk model.
    Purpose of the Study:

    This paper summarizes insights from academic literature related to risk assessment in financial statement audits project.  Using the February 16, 2005 PCAOB Standing Advisory Group (SAG) briefing paper on risk assessments as the organizing framework, the authors provide a literature review of topics related to: business risk, inherent risk, control risk, fraud risk, linking risk assessment to subsequent testing, and the audit risk model. 

    Design/Method/ Approach:

    The authors organize the auditor risk assessment literature review around the PCAOB briefing paper’s ten questions.  While cknowledging that fraud risk is integral to the overall audit risk, the uthors separate audit risk and fraud risk in their responses to further acknowledge he special problems in identifying, assessing, and responding to fraud isk.  Therefore, for each question, the authors discuss general audit risk assessment issues first, followed by those ssues specific to fraud risk assessments.

    • While using a business process focus in assessing client risks appears to be an advantage in the audit, additional guidance for using this approach may be helpful to address the diverse approaches utilized by the firms.  Decision aids and analytical procedures may increase effectiveness.
    • Industry expertise and specialization are critical to effective risk assessment.
    • Considering fraud risks separately from misstatements due to error, brainstorming and strategic thinking about management’s efforts to commit and conceal fraud all enhance fraud risk assessment effectiveness.
    • Systems dynamics, a methodology for studying and managing complex feedback systems, may provide auditors a framework to assess potential risk.  Authors suggest further examination of this and models in other fields for use in the audit process would be beneficial.
    • Auditor fraud risk assessments may not be well calibrated to the presence of risk factors.  Evidence on the effectiveness of fraud risk decision aids is mixed.
    • Inherent risk assessments (a) often are not meaningfully applied to each assertion; (b) may be decreasing over time, possibly to promote audit efficiency; and, (c) sometimes are combined with control risk into one risk factor.
    • While auditors may respond to global factors (e.g., management integrity, corporate governance) during micro-level risk assessments, proper weighting of global factors is challenging in a fraud context.
    • Testing of and reliance on internal controls have increased markedly in recent years.
    • Limited research suggests subsequent audit testing is weakly positively related to assessed risks, thus supporting efforts to improve linkages.
    • While the audit risk model appears to be sound as a conceptual tool, there are some significant limitations as a mathematical equation. In particular, it does not consider the blurring of inherent risk and control risk, the risk of incorrect rejection, the quality of evidence, or inconsistencies that may exist with actual auditor judgments.


    Risk & Risk Management - Including Fraud Risk
    Fraud Risk Assessment, Assessing Risk of Material Misstatement, SAS No. 99 Brainstorming – effectiveness
    home button