Improvements in Audit Risks Related to Information Technology Frauds

نویسندگان

  • Saeed Askary
  • David Goodwin
  • Roman Lanis
چکیده

In this paper, the authors examine how different types of fraud in most Information Technology (IT) environments affect an audit risk model from 2001 through 2008. Variations in IT fraud are questionable for determining the audit risks that affect audit quality and report. The data sources in this study came from the Computer Crime and Security Survey report (CSI) 2008. By relating different IT fraud to audit risk components through trend analysis in IT fraud improvements from 2001 to 2008, the authors measured declined percentages for control risks, inherent risks, and detection risks. They found that an improvement in control risks has been achieved up to 52.80%, 43% for detection risks, and 14% for inherent risks. An overall improvement in audit risk is 47.5%, which is a considerable development in audit quality. The study shows that progress in detecting IT fraud positively reduced audit risks and has significantly increased the audit quality since 2001. DOI: 10.4018/jeis.2012040104 International Journal of Enterprise Information Systems, 8(2), 52-63, April-June 2012 53 Copyright © 2012, IGI Global. Copying or distributing in print or electronic forms without written permission of IGI Global is prohibited. new or enhanced standards for all U.S. public company boards, management, and public accounting firms. The ultimate purpose of the legislation would be ideally to produce the most reliable financial information for different user of that information. If auditors are supposed to achieve this goal, they should manage and reduce the audit risk. The lower audit risks inevitably increase audit report quality. Recent corporate collapses and the new guidelines and legislation of Sarbanes-Oxley Act emphasize the importance of audit risks. Risk assessment in an audit environment is one of essential tasks of every external auditor. Adams et al. (2005) argue that “... clients with greater risk of fraud are less likely to engage prospective auditors in competitive bidding, consistent with the theory that these companies seek to limit access to information that might reveal their high-risk status” (p. 417). Audit risks have three components in a classic view including inherent risk, control risk and detection risk. Auditors of the financial statements are practically exposed to minimize audit risk at the actual lowest possible level. If an auditor fails to do this, then not only nature, timing and extent of other substantive procedures will be affected but also it sometimes causes to issue a wrong audit report that indeed bears auditors with heavy legal penalties. As a result, the risk of producing wrong audit reports is high when audit risk is high. According to Chemuturi (2008, p. 6): “Evaluating fraud risk factors is probably the most difficult part of assessing overall audit risk, and owes its complexity to the fact that human behavior cannot be predicted with certainty. A recent study by the Association of Certified Fraud Examiners estimated that US organizations lose approximately 5% of annual revenue to fraud.” The reliability of information is significantly affected by the design of the computerized internal controls systems (Kearns & Baker, 2011). As IT systems prevail all over today business entities’ systems of almost all-type sizes and integrated with the internal control systems in many ways (Fukukawa et al., 2006), therefore auditors should consider their due care and skill for understanding the internal control to perform control tests during audit engagements (ISA 315). IT systems are complex by its natures and detecting any types of risks related to information systems, frauds, crimes and IT attacks causes many financial and non-financial damages to their clients. As a result, IT frauds are complex in nature and auditor expose to higher risks to those IT frauds where those frauds eventually will affect the reliability of financial statement of auditors’ client. Despite how to detect IT frauds, we evaluate how did IT frauds detections audit risks’ components in this study. Although there are recently plenty of research on audit risks and fraud, but effect on a lack of investigation exists on how the IT frauds impact on audit risk model. This research enhances to the previous literature by establishing a contractual framework to analysis IT frauds in audit risk model. Then, we measure arithmetically the frauds in term of either increase or decrease in audit risk components and model. This investigation is innovative by looking at the CSI survey to understand the trend in different IT frauds and integrated them with inherent, detection and control risk to measure the level of improvements in whole audit risk model. This paper relates theoretical and practical issues of audit risks with different IT frauds. The rest of the paper is organized in five sections. First, a discussion is provided about the audit risk and defines the auditors’ responsibilities to understand and have enough knowledge and skills of their client IT environment and IS. Then, IS risks are identified following up the methodology and results of the study. This is followed by the study’s conclusions and limitations.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

The hybrid approach based on genetic algorithm and neural network to predict financial fraud in banks

Audit has become an essential topic in the world because there is much evidence about deliberate manipulations in the reports. One of the concerns in the field of audit is discovery and search of the financial statements and the high volume of bulk data. This study tried to suggest the appropriate method to detect these frauds due to the data which has been available and a proposed algorithm. R...

متن کامل

The hybrid approach based on genetic algorithm and neural network to predict financial fraud in banks

Audit has become an essential topic in the world because there is much evidence about deliberate manipulations in the reports. One of the concerns in the field of audit is discovery and search of the financial statements and the high volume of bulk data. This study tried to suggest the appropriate method to detect these frauds due to the data which has been available and a proposed algorithm. R...

متن کامل

An Empirical Analysis on Effects of Internal Control System on Tax Revenue Audit Performance; Evidence from Ethiopian Ministry of Revenue South and Southwestern Districts

This study analysis the effects of internal control system on Tax revenue audit performance in Ministry of Revenue South and southwestern districts under explanatory research design. The study employed primary data sources and analyzed it using a multiple regression analysis on SATA 14 software. The regression analysis results exhibited that control activities, control environment and informati...

متن کامل

Ethical Guidelines for Internal Audit Reporting Lines

The present study identifies ethical ways of auditing reporting, which define the relationship between internal audit and the various authorities of the organization. Defining these lines as determinants of impartiality and independence of internal audit is of great importance. In this research, the structural equation model has been used to test the proposed model. The information required for...

متن کامل

Standards and Frameworks for Information System Security Auditing and Assurance

Most organizations in all sectors of industry, commerce and government are fundamentally dependent on their information systems (IS) and would quickly cease to function should the technology (preferably information technology – IT) that underpins their activities ever come to halt [15]. The IT developments may have enormous implications for the operation, structure and strategy of organizations...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • IJEIS

دوره 8  شماره 

صفحات  -

تاریخ انتشار 2012