Data Analytics in Risk Assessment

Possibilities to obtain a more thorough and efficient understanding of the entity and its environment during an audit, lays in the use of technology and data analytics presented for the auditor. In an environment with high volume of data and increasing complexity, there are potential to improve the quality of the auditor's risk assessment (IAASB, 2017, p. 7). However, research indicates that the use of DA is limited, despite the fact that it offers a variety of advantages and multiple audit firms have invested capital in the technology to enable the use of DA (Krieger et al., 2021). This is due to lack of knowledge, support, and acceptance from the standard-setters (Austin et al., 2021). Prior research has focused largely on DA in the audit process of obtaining evidence. The aim of this master's thesis is to provide insight on how DA is utilized in risk assessment and how this is affected by the guidance provided by the International Standards on Auditing (ISA). We have examined how data analytics is currently used, identified potential for growth and improvement, and looked at how the ISAs support the use of data analytics in risk assessment. Our dissertation contributes to this lack of empirical research and add a new perspective to the discussion by answering: “How data analytics are utilized in risk assessment and the role of the auditing standards in shaping its use”. To answer our research aim, we used a qualitative approach for gathering primary data. We conducted eight semi-structured interviews with informants with deep and broad knowledge within the auditing field. Our results shows that DA is widely used in risk assessment by larger audit firms, however, there are variations in how it is applied, prioritized, and defined. As a result, DA in risk assessment is currently not operating at its highest potential. By increasing knowledge and expanding access to standardized data, we may take a step toward achieving DA's promise in risk assessment. But in order for this to happen, the standards need to be updated. The present guidelines need to be modified since they neither discourage nor support the auditor to use DA. The criteria for employing DA, the auditor's skill requirements, or just more guidance and information about what may be used, might all be added to achieve this

Data Analytics in Risk Assessment

Possibilities to obtain a more thorough and efficient understanding of the entity and its environment during an audit, lays in the use of technology and data analytics presented for the auditor. In an environment with high volume of data and increasing complexity, there are potential to improve the quality of the auditor's risk assessment (IAASB, 2017, p. 7). However, research indicates that the use of DA is limited, despite the fact that it offers a variety of advantages and multiple audit firms have invested capital in the technology to enable the use of DA (Krieger et al., 2021). This is due to lack of knowledge, support, and acceptance from the standard-setters (Austin et al., 2021). Prior research has focused largely on DA in the audit process of obtaining evidence. The aim of this master's thesis is to provide insight on how DA is utilized in risk assessment and how this is affected by the guidance provided by the International Standards on Auditing (ISA). We have examined how data analytics is currently used, identified potential for growth and improvement, and looked at how the ISAs support the use of data analytics in risk assessment. Our dissertation contributes to this lack of empirical research and add a new perspective to the discussion by answering: “How data analytics are utilized in risk assessment and the role of the auditing standards in shaping its use”. To answer our research aim, we used a qualitative approach for gathering primary data. We conducted eight semi-structured interviews with informants with deep and broad knowledge within the auditing field. Our results shows that DA is widely used in risk assessment by larger audit firms, however, there are variations in how it is applied, prioritized, and defined. As a result, DA in risk assessment is currently not operating at its highest potential. By increasing knowledge and expanding access to standardized data, we may take a step toward achieving DA's promise in risk assessment. But in order for this to happen, the standards need to be updated. The present guidelines need to be modified since they neither discourage nor support the auditor to use DA. The criteria for employing DA, the auditor's skill requirements, or just more guidance and information about what may be used, might all be added to achieve this

Are Corporate Codes of Ethics and Risk Assessment by Internal Auditors Associated with Sustainability Audits by Internal Auditors?

An increasing number of organizations engage in sustainability reporting to the public. However, assurance of this disclosure is relatively new. In this study we investigate corporate codes of ethics and risk assessment by internal auditors as correlates of organizations’ engaging their internal audit functions (IAFs) in sustainability audits. Using data from a large sample of chief audit executives (CAEs) we find significant and positive associations between code of conduct and risk assessment and sustainability audits by IAFs. Also, we find positive and significant association between industry (environmentally sensitive vs. others), CAE experience, and CAE major (accounting vs. others) and sustainability audits by IAFs. Other control variables (organization size, CAE grad/undergrad degrees, and CAEcpe do not indicate significance in their association with sustainability audits by IAFs. These results have implications for design of sustainability reporting by various organizations and assurance of such reporting by internal auditors