Improvements in Audit Risks Related to Information Technology Frauds

In this paper, the authors examine how different types of fraud in most Information Technology IT environments affect an audit risk model from 2001 through 2008. Variations in IT fraud are questionable for determining the audit risks that affect audit quality and report. The data sources in this study came from the Computer Crime and Security Survey report CSI 2008. By relating different IT fraud to audit risk components through trend analysis in IT fraud improvements from 2001 to 2008, the authors measured declined percentages for control risks, inherent risks, and detection risks. They found that an improvement in control risks has been achieved up to 52.80%, 43% for detection risks, and 14% for inherent risks. An overall improvement in audit risk is 47.5%, which is a considerable development in audit quality. The study shows that progress in detecting IT fraud positively reduced audit risks and has significantly increased the audit quality since 2001.

[1]  W. Waller Auditors' assessments of inherent and control risk in field settings , 1993 .

[2]  Jonathan Harrison,et al.  AlphaCo: A Teaching Case on Information Technology Audit and Security , 2006, J. Digit. Forensics Secur. Law.

[3]  Robert D. Allen,et al.  A Longitudinal Field Investigation of Auditor Risk Assessments and Sample Size Decisions , 2003 .

[4]  J. H. Blokdijk Tests of Control in the Audit Risk Model: Effective? Efficient? , 2004 .

[5]  Maria Manuela Cruz-Cunha,et al.  Enterprise Information Systems for Business Integration in SMEs: Technological, Organizational, and Social Dimensions , 2009 .

[6]  Miklos A. Vasarhelyi,et al.  Audit Education and the Real-Time Economy , 2010 .

[7]  Maria Manuela Cruz-Cunha,et al.  Enterprise Information Systems Design, Implementation and Management: Organizational Applications , 2010 .

[8]  Michael B. Knight Enhancing virtual learning team performance: a leadership perspective , 2012 .

[9]  Vicky Arnold,et al.  The Impact of Enterprise Systems on Business and Audit Practice and the Implications for University Accounting education , 2007, Int. J. Enterp. Inf. Syst..

[10]  Alan D. Smith,et al.  Identity Theft and E-Fraud as Critical CRM Concerns , 2005, Int. J. Enterp. Inf. Syst..

[11]  Paul Munter,et al.  Will Technology Defeat Your Auditor , 2002 .

[12]  Dana R. Hermanson,et al.  Auditor Risk Assessment: Insights from the Academic Literature , 2006 .

[13]  J. Bedard,et al.  Information Asymmetry and Competitive Bidding in Auditing , 2005 .

[14]  Jaideep Motwani,et al.  Measuring the Impact of an ERP Project at SMEs: A Framework and Empirical Investigation , 2009, Int. J. Enterp. Inf. Syst..

[15]  Theodore J. Mock,et al.  Audit Programs and Audit Risk: A Study of Japanese Practice , 2006 .

[16]  Przemyslaw Lech Is it Really so 'Strategic'?: Motivational Factors for Investing in Enterprise Systems , 2011, Int. J. Enterp. Inf. Syst..

[17]  Evelyn R. Patterson,et al.  Audit Strategies and Multiple Fraud Opportunities of Misreporting and Defalcation , 2003 .

[18]  R. Power CSI/FBI computer crime and security survey , 2001 .

[19]  Grover S. Kearns Developing a Forensic Continuous Audit Model , 2011, J. Digit. Forensics Secur. Law.