 |
An International Meeting of American Accounting
Association
|
The Nature of Audit Planning: The Relationship between Control Risk Assessment and Computer-Related Audit Procedures |
Diane J. Janvrin
Iowa State University
James Bierstaker
Villanova University
Jordan Lowe
Arizona State University
Abstract: Auditing standards require auditors to consider several risk factors, as they plan each engagement, and thereby, determine the nature, timing, and extent of audit procedures. Prior research examining whether auditors consider control risk when they determine the nature of testing (i.e., which audit procedures to use) provides conflicting results. This paper examines the association between control risk assessment and computer-related audit procedure usage. A field-based questionnaire was used to collect data from 168 auditors representing Big 4, national, regional, and local firms. Results indicate that 42 percent of respondents indicated that they relied on internal controls and thus assessed control risk less than maximum; however, this percentage increases significantly for auditors at Big 4 firms. Auditors who assess control risk at less than maximum are more likely to use computer-related audit procedures and IT specialists than auditors who do not rely on controls.