Modeling of the Audit Risk Assessment Process at the Assertion Level Within an Account Balance.
研究了在账户余额内认定层面定义固有风险和控制风险的问题,提出概率定义方法,并分析了如何汇总认定层面风险评估以得到账户余额层面整体风险,对审计实务有指导意义。
Abstract For more than a decade auditing standards have called for explicit consideration of significant financial statement assertions in planning an audit and in evaluating audit findings. Until recently, however, auditing standards dealing with audit risk assessment have focused on the account balance or class of transactions as the lowest level of detail at which various risks should be assessed. With the recent promulgation of SAS No. 55. the auditor, in planning an audit, is now required to extend risk analysis down to the level of specific assertions within an account balance or class of transactions. This paper examines issues involved in appropriately defining inherent risk and control risk at the assertion level within an account balance and aggregating assertion-level risk assessments to obtain overall risk at the account balance level. Simulated cases are presented that demonstrate inconsistencies which may arise in current practice between assertion-level and balance-level risk assessments. A probability definition of inherent risk at the assertion level is proposed that reflects a range of error magnitudes rather than a single point estimate of error. Control risk at the assertion level is then defined in such a way as to articulate with the corresponding definition of inherent risk. The paper identifies conditional independence among assertion-level assessments as a basic requirement that must be met in order to achieve coherent aggregations of assertion risks. Two alternative approaches to aggregating assertion-level risk assessments are examined in terms of their ability to achieve the conditional independence property. The two approaches essentially reflect different structures in which the risk assessment task may be performed. The transaction-stream-oriented structure is identified as most conducive to achieving conditional independence among assertion-level assessments. The conceptual modeling ideas developed in the paper are summarized with a flowchart that identifies the manner in which assertion-level risk assessments may be integrated within the audit planning process.