Paper Keywords: risk-oriented audit, internal audit-oriented application
Modern risk-oriented audit is a breakthrough and innovation of traditional audit methods, and it is the latest trend of internal audit development. Implementing modern risk-oriented audit in enterprises can organically combine the functions of internal audit with the objectives of enterprises and give full play to the important role of internal audit in enterprise risk management. On the basis of clarifying the related concepts of modern risk-oriented audit, this paper further expounds the necessity and implementation of modern risk-oriented audit in enterprise internal audit.
First of all, what is modern risk-oriented audit?
Risk-oriented audit developed on the basis of account-based audit and system-based audit. The main markers of modern risk-oriented auditing are as follows: In June, 2003, 10, the International Auditing and Assurance Standards Committee (IAASB) revised the auditing risk standards and implemented a new risk-oriented model, "audit risk = material misstatement risk × inspection risk". In February 2006, China made major adjustments to its auditing standards and changed the traditional auditing standards. Modern risk-oriented audit is an audit method guided by system theory and strategic management theory. It takes reducing information risk as its fundamental purpose, controlling audit business risk as its center, reducing audit risk as its fundamental approach, and business risk analysis and evaluation as its guide, and it adopts the audit idea of "top-down, bottom-up".
Second, the understanding of the nature of modern risk-oriented audit
(A) Modern risk-oriented audit is a new basic audit method. In essence, the traditional audit risk model is still an extension of the system-based audit method. It starts by analyzing the inherent risk and internal control risk of the customer's accounting statements, and determines the nature, time and scope of substantive testing according to the results of internal control testing. Modern risk-oriented audit starts with the strategic analysis of the enterprise. Following the basic idea of "strategic analysis, link analysis, residual risk analysis of accounting statements", it determines the nature, time and scope of substantive audit procedures and establishes the logical relationship between the risks of accounting statements and the strategic risks of the enterprise, making this method more scientific and effective.
(B) Modern risk-oriented audit abandoned the traditional cognitive mode of audit simplification and replaced it with the cognitive mode of complex system, and introduced strategic management analysis tools. The thinking method of modern risk-oriented audit is a complex system cognitive model guided by system theory. In order to effectively grasp the risk of misstatement of accounting statements, the audit must start from the strategic management activities of enterprises, analyze the strategic management activities and systematically analyze enterprises in a wide economic network. In terms of methods, modern risk-oriented audit stands higher, sees farther and understands the enterprise better than traditional system-based audit.
(C) Modern risk-oriented audit adopts the audit idea of combining "top-down" and "bottom-up". It adopts a combination of "top-down" and "bottom-up" methods to make a reasonable professional judgment on the risk of misstatement of accounting statements. We should start with the strategic management analysis of the enterprise, gradually deduce and implement the scope and focus of the audit through business risk orientation and strict logical reasoning, and determine the relevant audit objectives and audit procedures. Through the implementation of audit procedures and the results of evidence collection, combined with the judgment of importance, the risks of the whole accounting statement are summarized and judged, and the final audit opinion is formed.
Third, the understanding of modern risk-oriented internal audit
There is no unified definition of modern risk-oriented audit under internal audit. The first view is that applying the modern risk-oriented auditing of social auditing to internal auditing constitutes modern risk-oriented internal auditing, that is, an auditing method in which internal auditors take the analysis and evaluation of audit risks as their starting point and then make audit plans and carry out audit work. The second view is that modern risk-oriented internal audit means that internal auditors pay attention to enterprise risks (not audit risks) from beginning to end in the audit process: they select projects according to risks, identify risks, test managers' methods of reducing risks, and write audit reports centered on enterprise risks to help enterprises manage risks.
From the description of the second point, the so-called "risk" is not simply "audit risk", but refers to various enterprise risks faced by enterprises in the process of production and operation in a greater sense. Therefore, at this time, internal audit has become an effective tool to combine internal audit and risk management. The audit plan is related to the company's highest risk strategy. Internal auditors ensure that their audit plans are consistent with business plans through current risk analysis, and risk management principles run through the entire audit process. The focus of internal audit is no longer on test control, but on identifying risks and testing management risks. Using this view to define risk-oriented internal audit will run counter to the definition of audit risk in specific internal auditing standards.
The author believes that under the existing standards, the first view is more suitable as a modern risk-oriented internal audit, while the second view is not so much a modern risk-oriented internal audit as an internal audit function in enterprise risk management.
Fourth, the necessity and implementation of modern risk-oriented audit in internal audit
Setting aside the question of how modern risk-oriented internal audit should be defined, the implementation of modern risk-oriented audit in internal audit not only serves to reduce audit risk, but is also an effective risk management tool for reducing business risks.
(A) The necessity of implementing modern risk-oriented audit in internal audit
With the transformation of internal audit's supervisory function to service management function, enterprises need internal audit to provide effective audit supervision and constructive evaluation on overall risk management, internal control and governance procedures, so as to help enterprises control risks and achieve their goals. Therefore, internal audit should not stay in the traditional audit mode, but should further develop modern risk-oriented audit on this basis, move forward and give full play to the early warning role. To sum up, it is of great practical significance to implement modern risk-oriented audit in enterprise internal audit.
(B) The use of modern risk-oriented audit in internal audit
1. Accurately determine the focus and scope of the audit. Using modern risk-oriented audit theory and starting with risk analysis, we can accurately determine the focus and scope of the audit. In the audit preparation stage, we should strengthen prevention: by understanding the basic situation of the audited entity and analyzing the test results, we should pay full attention to the special risks of the audited entity, determine the overall audit risk probability and the risk probability of major misstatement, reduce the audit risk to a minimum, ensure that the internal audit can find major violations of laws and regulations and potential risks in business activities, and achieve the purpose of preventing risks.
2. Under the guidance of the Code of Practice for Internal Auditing, modern risk-oriented auditing procedures are implemented so that risk management and internal auditing procedures are coordinated with each other and produce synergy. First, when making an audit plan, draw up the plan and determine the audit items according to the basis that may affect the risk assessment. Second, when preparing the audit plan, arrange the audit work on the basis of evaluating the risk priority. Third, when determining the audit scope, consider and reflect the strategic planning objectives of the whole enterprise, and evaluate the audit scope once a year to reflect the latest strategies and policies. Fourth, in the process of audit implementation, find the omissions and weak links through the evaluation of the internal control system. Fifth, when compiling the audit report, evaluate the risk management, point out the loopholes and deficiencies in risk management, and put forward suggestions to strengthen management. Sixth, risk is an important factor in determining the scope of the follow-up audit.