Understanding the client’s business
In 2003, the use of clients’ business risks in the audit approach was formally implemented in international standards on auditing. This means that it is not enough any more to do a ‘balance sheet audit’ alone. Auditors also have to take into account a client’s environment, business model, positioning within the business, strategy and
entity level controls. In other words, the auditor has to understand the client’s business.
Whether and how non-Big 4 small and medium sized audit practices (SMPs) implemented these Business Risk Audit (BRA) perspectives was largely unknown. This was the main motivation for Professor Arnold Wright of the Northeastern University in Boston, Dr. Christopher Koch of the University of Mannheim and Nyenrode associate professors Joost van Buuren and Niels van Nieuw Amerongen to conduct a research project called ‘The use of Business Risk Audit Perspectives by Non-Big 4 Joost van Buuren
Audit Firms’. The IFAC, the International Federation of
Accountants, decided to provide Nyenrode with a significant grant to be spent on this research. The results were presented at a Research Seminar held on July 7 at Nyenrode. The seminar was hosted by Joost van Buuren.
38 interviews in Germany and the Netherlands
After a welcome from Rector Magnificus Maurits van Rooijen, Arnold Wright described the objectives of the project. The main objective of the study was to gain insights into the implementation and use of BRA-tools by SMPs in Germany and the Netherlands. Also, the
researchers wanted to contribute to the understanding of reasons for BRA implementation and to gain implications for standard setting.
Niels van Nieuw Amerongen explained the propositions the research team worked from. These propositions had to do with client complexity, the differences between the two countries and the level of audit technology investments. The researchers conducted 38 interviews with highly experienced audit practioners working for an SMP, equally distributed over the two countries.
Niels van Nieuw Amerongen
Impact of business risk audit perspectives is limited
The results of the project were presented by Christopher Koch. The results show that most SMP auditors consider the impact of BRA on their audit methodology to be limited. If explicitly asked about the move towards the use of BRA, about 55% of the auditors consider it a material change. The remaining auditors consider the change to be of a formal nature, for example due to changes in audit standards and in enforcement.
Auditors recognized that business risks could be valuable for audit strategies in more complex situations and with larger
clients. For smaller clients, they are often convinced that there Christopher Koch
are more efficient ways to get a sufficient understanding of the
client’s business (e.g., by having frequent client contact).
The results suggest consideration of a range of opportunities for standard setters, on a continuum from ‘no change at all’ to ‘developing a complete separate set of audit standards for SME audits.’
In 2003, the use of clients’ business risks in the audit approach was formally implemented in international standards on auditing. This means that it is not enough any more to do a ‘balance sheet audit’ alone. Auditors also have to take into account a client’s environment, business model, positioning within the business, strategy and
entity level controls. In other words, the auditor has to understand the client’s business. Whether and how non-Big 4 small and medium sized audit practices (SMPs) implemented these Business Risk Audit (BRA) perspectives was largely unknown. This was the main motivation for Professor Arnold Wright of the Northeastern University in Boston, Dr. Christopher Koch of the University of Mannheim and Nyenrode associate professors Joost van Buuren and Niels van Nieuw Amerongen to conduct a research project called ‘The use of Business Risk Audit Perspectives by Non-Big 4 Joost van Buuren
Audit Firms’. The IFAC, the International Federation of
Accountants, decided to provide Nyenrode with a significant grant to be spent on this research. The results were presented at a Research Seminar held on July 7 at Nyenrode. The seminar was hosted by Joost van Buuren.
38 interviews in Germany and the Netherlands
After a welcome from Rector Magnificus Maurits van Rooijen, Arnold Wright described the objectives of the project. The main objective of the study was to gain insights into the implementation and use of BRA-tools by SMPs in Germany and the Netherlands. Also, the
researchers wanted to contribute to the understanding of reasons for BRA implementation and to gain implications for standard setting. Niels van Nieuw Amerongen explained the propositions the research team worked from. These propositions had to do with client complexity, the differences between the two countries and the level of audit technology investments. The researchers conducted 38 interviews with highly experienced audit practioners working for an SMP, equally distributed over the two countries.
Niels van Nieuw Amerongen
Impact of business risk audit perspectives is limited
The results of the project were presented by Christopher Koch. The results show that most SMP auditors consider the impact of BRA on their audit methodology to be limited. If explicitly asked about the move towards the use of BRA, about 55% of the auditors consider it a material change. The remaining auditors consider the change to be of a formal nature, for example due to changes in audit standards and in enforcement.Auditors recognized that business risks could be valuable for audit strategies in more complex situations and with larger
clients. For smaller clients, they are often convinced that there Christopher Koch
are more efficient ways to get a sufficient understanding of the
client’s business (e.g., by having frequent client contact).
The results suggest consideration of a range of opportunities for standard setters, on a continuum from ‘no change at all’ to ‘developing a complete separate set of audit standards for SME audits.’
Using the roadmap and driving the car
Dr. Klaus Peter Feld, Executive Officer of the Institut der Wirtschaftsprüfer in Germany, reflected on the research study. He sees the traditional Audit Risk Model (ARM) and BRA as complementary pieces of a risked-based audit. BRA provides the auditor with the roadmap so that he knows in which direction he should drive and which alternative routes are available. ARM tells him how to drive on a given track. Together they will bring the auditor to his destination.
Klaus Peter Feld
According to Feld, SMPs have a sound basis for BRA and leveraging on it. He thinks scalability and flexibility of audit approach is the response to political proposals to abolish the mandatory audit for SMEs or to replace it with other kinds of assurance services. He also finds flexibility is the basis when searching for ways to improve the value of audits from the perspective of stakeholders. Improving value will probably be associated with an increased role of BRA.
The interaction of methodology and standards
After the break, Professor Stuart Turley of the University of Manchester looked at developments in audit approaches from an international perspective. Turley described the 
forces that drive internationalization of auditing. Large audit firms promote an international audit. But the methodology used by the firms does not necessarily become a standard. And adoption of a standard does not mean common auditing. An international perspective is unavoidable but there are limits to what that can achieve. The rhetoric of internationalization can hide differences rather than reveal them. In the end, Turley said, we have to be cautious in our faith in internationalization as a means of common audit approaches and commonly understood feelings about what auditing is.
forces that drive internationalization of auditing. Large audit firms promote an international audit. But the methodology used by the firms does not necessarily become a standard. And adoption of a standard does not mean common auditing. An international perspective is unavoidable but there are limits to what that can achieve. The rhetoric of internationalization can hide differences rather than reveal them. In the end, Turley said, we have to be cautious in our faith in internationalization as a means of common audit approaches and commonly understood feelings about what auditing is.Stuart Turley
Scalability of auditing standards
Is ‘scalability of auditing standards’ possible? In other words: are the auditing standards ‘one size fits all’, or can the application of auditing standards differ across audit firms with differential sizes and complexity? This subject was discussed by Professor Stuart Turley, Dr. Klaus-Peter Feld, Professor Arnold Wright and Professor Barbara Majoor, director of the Nyenrode
Center for Auditing & Assurance. The discussion was hosted by Professor Sally Wright of the University of Massachusetts in Boston.
Barbara Majoor suggested differentiation in audit approaches between audit firms. She believes that regulatory institutes should give audit firms more room to innovate. Arnold Wright stated that the input process of auditing should be adapted to the purpose of it. The question was discussed whether audit firms should differ in levels of assurance or rather in having different audit standards for different types of small or larger engagements. Majoor thinks differentiation in assurance is not possible, so the differentiation should be in the standards. Feld believes the standard should be applied according to the properties of the entity. In Turley’s opinion, there is no unique methodology, so scalability is possible.
In her final remarks Barbara Majoor stated that regulators should do more research before developing new regulations. The research project that was discussed in this seminar is a good start.
Sally Wright, Barbara Majoor and Arnold Wright
Please mail your comments on this article to: insights@nyenrode.nl
+31 (0)346 291 211
