What is modern risk-oriented audit?

It means that certified public accountants can judge the risk occupation of the audited entity, evaluate the risk control of the audited entity, determine the residual risk, and implement additional audit procedures to reduce the residual risk to an acceptable level.

Characteristics of modern risk-oriented audit

The most striking feature of modern risk-oriented audit is to put customers in a person's economic environment, use three-dimensional observation theory to determine the factors that affect the sustainable operation of enterprises, analyze and evaluate the audit risk level from internal and external aspects such as operating environment, conditions, management methods and management mechanisms, and implant the customer's business risk into their own risk assessment. Modern risk-oriented audit has the following characteristics:

1. The focus of audit moved forward, from focusing on audit testing to focusing on risk assessment.

Traditional risk-oriented audit can't meet the needs of modern statement audit, because its original risk assessment is not in place, and it can't effectively find high-risk audit fields, which leads to excessive or insufficient audit. Modern risk-oriented audit greatly strengthens the risk assessment procedure and truly embodies the concept of modern risk-oriented audit.

2. Risk assessment has changed from direct assessment to indirect assessment.

Traditional risk assessment directly evaluates the probability of material misstatement, that is, directly evaluates the audit risk, while modern risk assessment directly evaluates the audit risk, but starts with operational risk assessment. There are several considerations from the perspective of business risk assessment: on the one hand, the consideration of sustainable management; Business failure often leads to audit failure; Second, the impact of operational risk on audit risk. The higher the management risk, the greater the audit risk, that is, the greater the possibility of management fraud; Third, the potential material misstatement of financial statements can be found more effectively from business risks, because financial statements are the reflection of business; If business risks are not reflected in financial statements, financial statements are likely to be distorted.

3. Risk assessment is centered on analytical review.

Traditional risk-oriented audit pays insufficient attention to information reprocessing, and analytical review is mainly used for report analysis; Modern risk-oriented audit takes analysis as the center, and analytical review becomes the most important procedure. In order to meet the requirements of the expansion of analytical review function, analytical review began to diversify, analyzing not only financial data, but also non-financial data. The analytical tools fully draw lessons from modern management science and apply management methods to analytical procedures.

4. Risk assessment moves from decentralized to structured.

The two contributions of RBSSAA are: moving the focus of audit forward and introducing strategic analysis into audit; Structuring risk analysis. The biggest advantage of structured risk analysis is that on the one hand, various risk factors are considered, on the other hand, these factors are organically linked, which is convenient for comprehensive risk assessment.

5. Personalization of audit test procedures.

There are many problems in the standardization of traditional audit procedures. First, it can't suit the remedy to the case and doesn't implement the modern risk-oriented auditing thought. The second is the expectation of customers, because many customers' financial personnel are certified public accountants or have systematically studied auditing; Or have long-term experience in dealing with certified public accountants, so that certified public accountants can not break through the obstacles or preventive measures set by customers in advance. Personalization of audit test program is to overcome the defects of traditional audit test, and adopt personalized audit program for customers with different risks and different risk areas of customers.

6. The focus of professional knowledge of certified public accountants shifts, that is, from accounting and auditing knowledge to management knowledge and industry knowledge.

Due to the shift of audit focus, audit results mainly depend on risk assessment, not audit testing. Various risk analysis methods used in risk assessment are the application of modern management knowledge in audit, which must be based on industry knowledge (including market, R&D, production and other industry knowledge). In addition, the firm should also implement knowledge value chain management, integrate audit resources, form a professional consulting team of the firm or form a strategic alliance with consulting companies. When a firm separates auditing from consulting, it must re-integrate auditing and consulting resources, that is, it must meet the requirements of the new Accounting Law and pay attention to the application of consulting in the auditing industry. This kind of performance is that consulting provides professional services for auditing, and auditing expands business for consulting.

7. Personalization of audit test procedures.

There are many problems in the traditional standardized audit procedure. First, we can't prescribe the right medicine and fail to implement the risk-oriented audit concept. The second is the customer's expectation, because many customers' financial personnel are accountants, or have studied auditing systematically, or have long-term experience in dealing with accountants, which makes accountants unable to break through the obstacles or preventive measures set by customers in advance. Personalization of audit test program is to overcome the defects of traditional audit test, and adopt personalized audit program for customers with different risks and different risk areas of customers. Accounting is no longer a worker on the assembly line, but a repetitive mechanical job, as are audit project managers and audit assistants.

8, top-down and bottom-up combination.

The traditional risk audit starts with risk control, and its vision is too narrow, mainly relying on substantive testing. This bottom-up approach has the feeling of sitting on a well and watching the sky. SSA emphasizes top-down audit, but this kind of audit also has defects, so it also emphasizes the combination of transaction matters and strategic system audit. Modern risk-oriented audit advocates that two lines should fight at the same time, and confirm each other from bottom to top to improve efficiency. This is also called parallel operation, which is very effective and can form a double blow to customers.

9. The focus of audit evidence shifted to external evidence.

Risk assessment is a complex network, in which customers are interconnected in a wide economic network. With the focus of audit shifting to risk assessment, certified public accountants must fully understand the overall business environment of customers and obtain a lot of evidence from outside to assess the appropriateness of risk assessment, so as to assess the business risk and audit risk of customers. Why can the media find out the company's fraud before the CPA again and again? The reporter can't get the internal evidence of the enterprise (of course, there are internal reports), so the reporter starts from the periphery and breaks through the external evidence. Certified public accountants have the ability to establish their own databases (or use the results of consulting companies) and think about how to conduct risk assessment and audit tests on customers with the thinking of journalists or consultants. This should start with collecting external evidence.