Development and Application of Modern Risk-oriented Auditing Methods

Development and Application of Modern Risk-oriented Auditing Methods

Risk-oriented audit is an important way of modern audit. Do you know what a risk-oriented audit is? The following is my understanding of risk-oriented audit. Welcome to reading.

1. What are the three stages of risk-oriented audit development? Enron incident? And then what? Yin event? The successive outbreak of audit failures at home and abroad makes the audit risk really put in front of the CPA industry. Risk-oriented audit takes audit risk as the starting point of audit work. By evaluating all the links that generate risks, paying attention to every important link that generates risks and defining high-risk projects, the audit process becomes a process of constantly overcoming and reducing risks. The development of risk-oriented audit method can be divided into three stages:

(A) the traditional risk-oriented audit

The traditional risk-oriented audit method thinks that audit risk includes inherent risk, control risk and inspection risk. The traditional risk-oriented audit method focuses on the evaluation of account balance and transaction risk, but the economic environment, industry status, business objectives, strategies and risks of enterprises will have a series of effects on accounting statements. If we don't consider these factors comprehensively, we can't have a reasonable expectation of the balance of accounting statements. When management is involved in fraud, internal control will also fail. Therefore, the traditional risk-oriented audit method has inherent defects.

(B) Risk-based strategic system audit

In the process of improving the traditional risk-oriented audit, the professional community has created a risk-based strategic system audit. The essential differences between them are as follows: firstly, strategic system audit based on risk combines auditing, system theory and business strategy, and pays more attention to the risks faced by enterprises. Secondly, the starting point of audit moves forward, and the starting point of risk-based strategic system audit is the business strategy and business process of the enterprise. Thirdly, the adoption of risk-based strategic system audit is conducive to saving audit costs and overcoming audit risks caused by the lack of comprehensive views. However, there are still inherent defects in the risk-based strategic system audit: using the traditional audit risk model; The implementation of substantive procedures is limited. When there are defects in internal control and CPA fails to find or test the internal control deficiency, the audit risk borne by CPA will greatly increase.

(C) modern risk-oriented audit

Modern risk-oriented audit is an important innovation of audit technology and method based on system theory and strategic management theory. It is guided by the strategic business risk of the audited entity and passed? Strategic analysis? Process analysis? Business performance evaluation? Residual risk analysis of financial statements? The basic idea of this paper is to link the risk of major misstatement of accounting statements with the operational risk, so as to put forward the concept that auditors analyze and find the misstatement of accounting statements from the source. Modern risk-oriented audit aims at the shortcomings of traditional risk-oriented audit, such as insufficient risk assessment and failure to effectively find high-risk audit areas, which leads to excessive or insufficient audit, greatly strengthens the risk assessment process, makes risk assessment the center, and truly embodies the concept of risk-oriented audit.

Second, the description of modern risk-oriented auditing methods Compared with the traditional auditing risk model, modern risk auditing pays attention to understanding the industry status, business objectives, business strategies and business processes of the audited entity and related business risks, and grasps the risks faced by the audit from a macro perspective and regards it as an indispensable auditing procedure; Pay attention to the analysis procedure, identify possible misstatements, and reduce the test of various transactions and account balances approaching the expected value; In the case of evaluating the effectiveness of internal control, pay attention to exceptions and conduct detailed audits; Expand the connotation of audit evidence, and take the information obtained by understanding the audited entity and its environment as audit evidence.

Three. Application of Modern Risk-oriented Auditing Method According to the dual model of audit risk, China Certified Public Accountants divided the audit business process and procedures into three parts, which enhanced the effect of implementing audit procedures. The Auditing Standards for Certified Public Accountants in ChinaNo. 12 1 1 "Understanding the auditee and the environment and assessing the risk of material misstatement" emphasizes the identification and assessment of special risks, pointing out that special risks are usually related to major unconventional transactions and judgments, and the risk assessment procedures are insufficient to provide sufficient and appropriate audit evidence for issuing audit opinions. Certified public accountants should also design and implement further audit procedures, including control tests and substantive procedures.

(1) risk assessment procedure

1, risk assessment procedure

Auditors need to analyze the customer's strategy first, and then analyze the customer's process. When analyzing, they can understand the process from the aspects of process objectives, inputs, operations, transaction types, risks threatening process objectives and so on. So as to understand the way customers create value, competitive advantages and disadvantages, threats, and evaluate process management risks. Then on this basis, the inherent risk is preliminarily evaluated. Auditors have understood and evaluated internal control from the overall level of the enterprise when analyzing customers' strategies and processes. On this basis, they should pay attention to and evaluate other aspects of internal control, especially the control of important types of transactions. Based on the understanding of internal control, auditors make a preliminary assessment of control risks. Auditors must also make a comprehensive evaluation of the two, and the evaluation result of common risk is the basis for auditors to decide the nature, time and scope of substantive procedures. Finally, according to the control test results and the level of joint risk assessment, auditors comprehensively assess the risk of major misstatement of accounting statements, thus determining the risk of checking accounting statements and further determining the nature, time and scope of substantive procedures.

2. Specific methods of risk assessment

The methods of risk assessment mainly include observation, inspection, confirmation, inquiry, walk-through testing, analysis procedures and other audit methods. Under the modern risk-oriented audit, risk assessment takes the analysis procedure as the center and becomes the most important procedure. Moreover, with the continuous expansion of the functions of the analysis program, the analysis program began to diversify, and auditors not only analyzed financial data, but also analyzed non-financial data. Due to the diversified application of analytical programs, a large number of analytical tools and modern management science have been applied to analytical programs. For example, Boston Matrix (BCG) is used for process analysis; Performance analysis uses the balanced scorecard and other analytical techniques.

(2) Carry out further audit procedures in view of the assessed risk of material misstatement.

The Auditing Standards for Certified Public Accountants of ChinaNo. 123 1 "Implementation Procedures for Assessed Significant Misreporting Risks" points out that the acceptable inspection risk level should be determined according to the relevant assessment results of identified significant misstatement risk levels, and the identified risk level should be considered, and then control tests and substantive procedures should be planned and implemented accordingly, and overall countermeasures should be formulated. The certified public accountant shall reasonably design the nature, time and scope of the control test.

Four. Suggestions on implementing modern risk-oriented audit in China (1) Improve laws and regulations.

Perfecting laws and regulations is to modify some corresponding laws and regulations in time to meet the needs of the new situation in view of the new situation of modern risk-oriented auditing. Although the current company law and CPA law stipulate the responsibilities of certified public accountants, they are mainly administrative responsibilities, supplemented by civil and criminal responsibilities. Therefore, we should improve laws and regulations, increase the accountability and punishment of CPA's illegal behavior, strengthen CPA's awareness of legal risks, and improve the "true effectiveness" of auditing.

(B) the establishment of risk-oriented audit information system resources * * * sharing mechanism

In the implementation of modern risk-oriented audit, certified public accountants need to obtain a lot of information for risk assessment. Enterprise information of government departments, banks, securities companies, trade associations and other units can be shared in the form of network, supplemented by promoting the establishment of enterprise credit system in society. The accounting firm itself should also establish a huge database, so as to facilitate the accounting firm to implement risk assessment procedures. Establishing the resource sharing mechanism of information system can save a lot of manpower and financial resources, shorten the risk assessment process and make the risk assessment more accurate and effective.

(C) establish and improve the internal control mechanism of enterprises

The quality of enterprise internal control is closely related to the audit risk of certified public accountants. At present, the imperfection of corporate governance structure and internal control system objectively hinders the application of risk-oriented audit. Therefore, enterprises should establish and improve the internal control mechanism under the framework of optimizing corporate governance, emphasize the control responsibility of management and attach importance to the evaluation of enterprise risks.

(D) Strengthen the training mechanism

The popularization and application of a new audit mode will inevitably require an adaptation process, so it is very necessary to strengthen the training mechanism. By learning from the international practice of modern risk-oriented audit, we can catch up with the development trend of audit practice and reduce audit risk. In addition, intensive training has enabled some certified public accountants to quickly master the methods and concepts of modern risk-oriented auditing in a short period of time, and has been popularized and fully implemented throughout the country.

;