Current location - Education and Training Encyclopedia - Graduation thesis - Thesis: Problems and Countermeasures of Risk Management Audit in China
Thesis: Problems and Countermeasures of Risk Management Audit in China
Audit risk; Audit risk identification; Audit risk assessment

Since the 1960s, due to the closure of a large number of companies or financial difficulties, the lawsuits against the CPA industry have exploded, and the CPA industry has become a high-risk professional profession. In particular, China is carrying out the reform of the accounting firm system, with the goal of establishing a system with certified public accountants as the main investors, so that the audit responsibility can be truly implemented on certified public accountants. In this way, the management of audit risk has become a problem that China's audit industry must pay attention to.

Audit risk exists objectively, which exists in the whole process of audit work. Strict control procedures and risk prevention measures are needed from negotiation, undertaking, risk assessment, planning, specific implementation of audit procedures, three-level audit and issuance of audit reports.

1 Identification of audit risks

Audit risk identification is the basis of audit risk management. Only by comprehensively and correctly identifying the risks faced by the auditing profession can risk estimation and control technology selection have practical significance.

In fact, auditors have assumed legal responsibilities while providing forensic services. These liabilities will be converted into liabilities or losses in some cases. Therefore, the first step of risk management is to identify various risks that the audit may face. There are two ways to identify audit risks. First, with the help of external forces, identify risks by using external risk information and data; The second is to rely on the strength of accounting firms to identify risks according to the characteristics of customers. Because audit resources are limited, auditors should concentrate their energy and resources on the areas that are most likely to cause risks (because they are detailed in general audit practice books, so they will not repeat them here), and pay attention to the following problems: 1 Avoid detailed procedural inspection, but focus on the continuity of disclosure and accounting policy selection; 2. Use the bankruptcy or merger prediction model to predict high-risk business; 3 avoid high-risk industries, or increase audit fees for high-risk industries; Adhere to conservatism.

2 Estimation of audit risk

Audit risk identification answers the question of what risks audit activities face and what risk factors exist. The next step is to determine the probability of audit risk, and how much is the audit risk loss? Under different specific circumstances and conditions, audit risks are different. Auditors can analyze, estimate and test the audit risks of some audit items and their possible hazards in view of various subjective and objective situations in the audit process, so as to determine a reasonable audit risk level and try to avoid and control the occurrence of audit losses.

The estimation of audit risk of specific projects includes three processes: information collection, evidence collection and empirical observation. This process can be subjective or objective. Objective estimation is based on sufficient historical data, using statistical methods or analytical methods to calculate, so as to get the probability of future audit risks. The basis of this estimate is objective and independent of the auditor's will. Subjective estimation is also a method that can not be ignored in the process of audit risk estimation. It uses limited information and is estimated by auditors according to their personal judgment. This estimate is based on current information and personal long-term accumulated experience. As long as this method is used properly, it can also have reasonable conclusions and make it close to objective estimation.

3 Audit risk assessment

Through audit risk identification, all kinds of risks and risk factors faced by auditors are fully revealed, and through audit risk estimation, the probability of audit risk occurrence and the severity of loss are quantitatively determined. However, is the audit risk greater than or less than the acceptable standard? How to make unacceptable audit risks acceptable through control testing? To what extent should these control measures be taken? Are there any new risk factors after taking control measures? All these need to be solved through audit risk assessment.

The socially acceptable standard of audit risk is to determine an acceptable boundary for the whole society based on economic and psychological factors on the premise that audit risk cannot be completely avoided through the analysis of a large number of damaging materials (including court decisions and out-of-court settlements), as a standard to measure the severity of the overall audit risk. Due to the limitation of objective conditions and people's long-term neglect of this issue, it is difficult for the audit community to determine a socially acceptable standard. Due to the limitation of data, the author can't draw a conclusion in this respect, but I think that the socially acceptable level of audit risk can be set at 5%, and the socially acceptable degree of loss is subject to the insurance premium rate of the insurance company. Using social standards to measure the risk of audit projects is the key to audit risk assessment. According to the measurement results, we can determine whether to take control measures and the degree of control. When the estimated loss probability and loss severity are greater than the social standard, it means that the audit project to be accepted is dangerous. At this point, if the gap is too large for auditors to take effective measures to control, they can consider not accepting this business, which is also called risk aversion. If the gap is not big, we can take some measures to control it and reduce the audit risk to an acceptable level, but at the same time, we should increase the audit cost or transfer some risks by other means, which is also called risk transfer; When the estimated result is less than the social standard, although there is some audit risk, people can accept that the audit is safe in a certain sense, but some control measures are still needed in the audit process to keep the overall audit risk within the socially acceptable level, which is also called risk retention.

Audit risk assessment must pay attention to:

First of all, audit risk factors must be considered comprehensively. Audit risk factors include subjective and objective aspects. Auditors should comprehensively consider and identify the main forming factors of audit risk, and take them as the focus of risk control according to the key points of coping with and reducing risks.

Second, the evaluation results must be expressed in a single number by integrating all factors. Therefore, it is necessary to understand the relationship between various factors and establish a mathematical model.

Third, any activity is accompanied by risks, and audit activities may also lead to risk factors of losses. Controlling audit risk elements needs to pay a certain economic price. Therefore, from an economic point of view, it is impossible to eliminate all the risk factors, only to reduce the risk to a certain extent. Therefore, audit risk assessment must also consider cost-effectiveness.

4 Prevention of audit risk

4. 1 Audit quality control procedures

The external and internal factors of audit risk are usually prevented by quality control. Generally speaking, the quality control procedures can be summarized as follows:

1) Create and maintain a business culture and organizational spirit centered on advocating professional ethics and prestige;

2) Select, train and motivate employees;

3) Develop standardized procedures, documents and manuals according to best practices;

4) Peer review and another partner review, etc.

4.2 Audit staff's risk prevention countermeasures

The prevention of audit risk factors is essentially the control of audit quality. Audit risk management procedure is difficult to be strictly divided, and it is an interrelated concept in the whole process. The countermeasures to control audit risk include external and internal factors to control audit risk. The design of some control countermeasures involves all aspects of audit risk management, which cannot be divided strictly according to internal factors and external factors or management procedures, and can only be explained one by one. On the whole, the countermeasures to control audit risk mainly include:

1) only deal with honest customers and introduce the evaluation procedure to them; 2) Recruit qualified personnel and provide them with appropriate training, supervision and guidance; 3) Abide by professional standards and professional ethics requirements; 4) Deeply understand the business of the entrusting unit; 5) Sign the business power of attorney and obtain the statement from the management authority; 6) Perform qualified audit; 7) Keep good communication with customers and publicize audit risks; 8) Buy enough liability insurance; 9) Maintain the independence of audit; 10) Establish and improve the quality control system; 1 1) strive for legislation in favor of certified public accountants.

Controlling audit risk is not only the responsibility of auditors, but also the direction that audit profession should strive for. Only relying on the strength of auditors without paying attention to the purification of audit practice environment can not achieve obvious results in controlling audit risks. Therefore, the control countermeasures of audit risk involve not only auditors, but also the audit industry and society.