The difference between modern risk-oriented audit and traditional audit

The traditional risk-oriented audit risk model transforms the risk of material misstatement of accounting statements into audit risk, and further makes audit risk = inherent risk × control risk × inspection risk.

However, the traditional risk-oriented audit is only an extension of the system-based audit, and its method is still the basic method of the system-based audit, but the content of quantitative risk analysis is added through the audit risk model, and quantitative risk assessment is used as a means of audit risk control.

The premise of traditional risk-oriented audit is to assume that inherent risk, control risk and inspection risk are independent of each other. However, both inherent risk and control risk are influenced by the internal and external environment of the enterprise, and they also influence each other. The connotation and extension of the concept of inherent risk are inconsistent, and the logic is inconsistent. Inherent risk refers to the possibility of material misstatement or omission of an account or transaction category alone or together with other accounts and transaction categories without relevant internal control. When evaluating the inherent risks (involving the level of accounting statements), we must start with internal control (control environment). The inconsistency between the connotation and extension of inherent risk greatly damages the scientific nature of the traditional risk-oriented audit model (Chen Zhiqiang, 1998). Therefore, with the close relationship between enterprises and internal and external environment, the reliability of this assumption is increasingly questioned.