Research Summary 2: Inherent Risk and Control Risk Assessments

Pervasive and specific risk factors share the floor.
BY WILLIAM F. JR. MESSIER AND LIZABETH A. AUSTEN

he AICPA’s audit risk model serves as the major framework for conducting audits of financial statements. Researchers and practitioners are critical of the model because its multiplicative form suggests the components of inherent risk, control risk, and detection risk are independent. Many argue the components are, in reality, dependent, which if ignored can result in a biased estimate of audit risk. Specifically, the model does not take into account the preventative aspect of control risk and, as a result, does not formally capture this dependence between inherent risk and control risk.

We argue that auditors recognize this dependency and make judgments accordingly. To examine this issue, 124 senior auditors and managers were asked to make inherent risk and control risk assessments on eight cases which varied four inherent risk factors and the results of control testing. The findings showed that pervasive and specific inherent and control risk factors significantly affected both auditors’ inherent risk and control risk assessments. We also found a significant positive correlation between auditors’ inherent risk and control risk assessments, indicating that the two judgments were dependent. The first result shows that the factors affected the auditors’ judgments. The second result shows that the auditors’ judgments were correlated—dependent. These results were consistent with our expectations that auditors are aware of this dependency and reflect it in their inherent risk and control risk assessments.

For the full text of the published work, see Auditing: A Journal of Practice & Theory, Fall 2000, vol. 19, no. 2, “The Audit Risk Model: An Empirical Test for Conditional Dependencies Among Assessed Component Risks.”

WILLIAM F. MESSIER, Jr., is the Deloitte & Touche LLP professor at Georgia State University. His e-mail address is bmessier@gsu.edu . LIZABETH A. AUSTEN is an assistant professor at the University of Arkansas. Her e-mail address is austen@walton.uark.edu .

With these articles the JofA begins a series based on work published in Auditing: A Journal of Practice & Theory. The intent is to bridge the gap between researchers and practitioners by offering concise practice summaries of cutting-edge research in the field of auditing.

SPONSORED REPORT

Cybersecurity threats proliferating for midsize and smaller businesses

This report details how SMBs can properly protect private information from breaches, design and implement a cybersecurity policy, and create safeguards for training and education.

QUIZ

News quiz: Senate health care bill in the spotlight

Reports related to the Republican bill to repeal many provisions of the PPACA, other tax issues, and the giant AICPA ENGAGE Conference offered a diverse reading list for June. See how much you know about recent news with this short quiz.