In other words, if the financial difficulties they encounter are the fault of the auditing firm, they will have protection from any legal ramifications they may have encountered from faulty accounting or auditing measures. Preventive measures are also part of the internal controls of the auditing firm itself, so that each person who works with that firm knows the measures that are to be taken to make sure auditing is performed correctly (Cascarino, 2012). The more preventive measures a company has, the more likely that company will be to have good, strong audits that work out acceptably for everyone involved. That may not always be the case, because having preventive measures does not mean that nothing can go wrong. Still, preventive measures typically cost less money and take less time than working to correct a problem after it has already occurred (Cascarino, 2012). Problems can quickly spread, becoming very expensive.
Risk has a strong relationship to the auditing process. There is always some risk in financial transactions, no matter how successful the business actually is or how much it has to offer. The business takes a risk in trusting the auditor, of course, but the auditor also takes a risk in trusting the business to provide it with the correct information on which the audit can be conducted (Cascarino, 2012). Some businesses will go out of their way to have books (or computer programs) that provide information that is not factual. By doing that, they assume that they can turn that information over to be audited and get through the audit without being detected. While companies may have gotten away with that in the past, and some may still be able to do so, most of the issues that could be covered up and hidden by companies can no longer be easily disguised. The auditing company takes on risk when it decides to audit a company and determine that the company has handled its financial transactional appropriately (Cascarino, 2012). Once the audit comes back "clean," the company is assumed to be safe and financially sound.
That is good news for the company, but it may be a problem for stakeholders if the company really is not as sound as was assumed. Those who invest their money into the company can lose out based on a bad audit (Cascarino, 2012). Overall, there are many good auditors available. There are also some that are less well-prepared and some that can be guided to take the direction the company they are auditing wants them to take. Enron was not the only scandal that showed accounting and auditing in a bad light, as there have been plenty of others where financial information that was assumed correct has changed and been a serious problem for the investors and stakeholders of the company who were not expecting any difficulties with the investment they had chosen. Investments are always risks, but poor auditing can provide more risk than would otherwise be expected.
There are advantages and disadvantages to audit planning. These audit plans are difficult or nearly impossible to accurately follow, however, because there are so many concerns that surround them. Depending on the database used, the information provided by the company, and the work done by the particular auditor, the plan may seem to differ greatly from another plan for another company (Cascarino, 2012). By planning an audit, it is easy to have a "blueprint" of sorts for the way it will be carried out (Cascarino, 2012). The work gets done faster and more easily and conveniently, because the auditor has a specific plan to follow (Cascarino, 2012). Any time a person has a good plan for the work he or she must do, it is possible for that person to move forward with courage and conviction, and to focus more directly on the task at hand (Cascarino, 2012). That is good news for the auditor, but it is also good news for the client who would like to see the audit completed as easily as possible in order to ensure that it does not take up too much time (Cascarino, 2012).
The reporting of the audit and the allocation of the work will be better with a plan (Cascarino, 2012). However, plans can be a detriment in some ways, because they provide too much structure and rigidity (Cascarino, 2012). If an auditor is not willing to have any flexibility, or if a company is too strict about the way their auditors process information, it is possible that the plans the auditor has to follow will actually slow them down, because they will be required to perform steps that could easily be avoided otherwise (Cascarino, 2012). That does not mean that auditors should take shortcuts, but only that there are often several ways to do something - including auditing a company properly and ensuring that it is continuing to perform its financial duties correctly. Each company that struggles to keep its finances in order could find itself with a serious issue due to an audit, and audit planning must be flexible enough to be adjusted when necessary to catch these kinds of problems (Cascarino, 2012).
There is a strong relationship between audit management and audit quality assurance. Audit management is just what it sounds like - managing audits and ensuring that they are taking place correctly. Audits have to be managed by the auditors who are handling them in order to ensure that they have not been manipulated or that there is nothing deceitful taking place (Cascarino, 2012). Audit quality assurance is part of good audit management, since each auditor must ensure that he or she is performing duties correctly and following all rules that pertain to auditing companies (Cascarino, 2012). That does not mean that every auditor will do everything exactly the same, because there is room for flexibility. However, each auditor must work within the confines of the overall rules. Those auditors also have to work with the rules provided to them by each company (Cascarino, 2012). That is where audit management comes into play, because the company manages its auditors and the auditors must also manage themselves (Cascarino, 2012).
Internal control is very important to auditors, because they must have a high level of control over the processes in which they are engaged. They cannot be swayed by their clients, and they must be sure of the rules and regulations they are following (Cascarino, 2012). Performing quality control on an audit is similar to a management function and often falls under management, but is also considered to be more significant than that because quality control allows the company to see what its auditors are actually doing each time they perform an audit (Cascarino, 2012). The goal is to ensure that the auditors are consistently doing things correctly, and that they are clear about the regulations and the rules they must follow. If there are quality control problems, it is vital that they are caught quickly so that they can be corrected (Cascarino, 2012). Allowing a quality control problem to continue could be highly detrimental to the auditor and also the company being audited.
In the auditing evidence process there is certainty of risk. The risk can be reduced in other evidence processes by various methods. The use of simulations such as the Monte Carlo, game theory, and queuing theory allow for the determination or classification of risk. This is done through using specific methods to decide just how much risk is being undertaken by a certain aspect or a specific choice (Cascarino, 2012). Some companies are much more risk averse than others, and those companies often do not end up with great rewards because they do not take the kinds of risks that can result in bigger rewards (Cascarino, 2012). Great risk can equal great reward, but great risk can also backfire and end up causing many problems for a company. Those problems can extend to the stakeholders and investors for that company, as well (Cascarino, 2012). When an investor is considering a company, he or she will want to know how the audits have been done and what they have shown. Risk has to be measured, or it will not be possible to accurately audit the company and provide enough information to the potential investors and stakeholders (Cascarino, 2012).
Running simulations will allow an auditor to see what could, potentially take place in any given scenario. Once the auditor sees that, he or she will be able to better determine which scenarios have acceptable risk and reward, and which are too much and too dangerous for investors and stakeholders (Cascarino, 2012). Not all simulations are appropriate for all scenarios and all companies, of course, and it is also a good idea to try more than one simulation for a company, because the risk may come out much differently in one scenario than it may…