Academic journal article Auditing: A Journal of Practice & Theory

Allocating Internal Audit Resources to Minimize Detection Risk Due to Theft

Academic journal article Auditing: A Journal of Practice & Theory

Allocating Internal Audit Resources to Minimize Detection Risk Due to Theft

Article excerpt

SUMMARY

We analyze internal audit resource allocation strategies and employee theft strategies in a setting in which there are many asset types or "locations" controlled by a single employee where theft can occur. The term "location" refers to an auditible group of assets of equal value and identical audit sampling cost for each unit in the group. Theft detection likelihoods are based on a discovery sampling formulation (the Poisson approximation to the binomial distribution) commonly used in theft and fraud scenarios; detection risk depends on the extent and allocation of auditing, the extent and allocation of theft, and the size of locations.

In our analysis, the auditor, by choice of a sampling strategy, minimizes detection risk, or equivalently maximizes the probability that theft is detected. The agent maximizes the expected net gain from undetected theft, where an increasing penalty is imposed on the agent as the amount of detected theft increases.

Using these behavioral assumptions, we find that the auditor's strategy involves allocating to each location a share of the audit budget proportionate to the ratio of the cost of auditing the entire location to the cost of a complete (100 percent) audit of all locations. One implication of this result is that if the sampling cost at a location increases, then, contrary to an optimal allocation in a non-interactive setting, the auditor allocates more resources to the more costly location. We also find that the agent's theft strategy involves more theft from larger locations and from locations with higher audit costs.

Key Words: Strategic auditing, Auditing for theft, Audit allocations.

INTRODUCTION

In this paper, we analyze the internal audit problem of allocating audit resources to minimize detection risk associated with employee theft when there are numerous asset types or "locations" from which theft may occur.(1,2) The term "location" refers to an auditible group of assets of equal value and identical audit sampling cost for each unit in the group. Thus, a location can characterize an asset group that is physically separate (if separation results in different audit costs) or that has a common site and identical value and audit cost per unit. For example, an auditor must decide how many of various types of inventory to examine, with each type distinguished in terms of per unit value and audit cost.

We focus on this problem for two reasons. First, the extent of employee theft is significant. Albrecht et al. (1995, 12-13) list theft of inventory as one of the most common employee frauds and indicate that "organizations suffer most fraud losses from employees rather than from customers. Several retail studies ... have revealed that shoplifting accounts for 30 percent of retail fraud losses, while employees take 70 percent."(3)

The second reason we consider the allocation problem is that the internal auditor has a responsibility to (and perhaps more importantly, is expected by the organization to) safeguard the organization's assets.(4) Furthermore, internal auditing standards indicate that the internal auditor has a responsibility to exercise "due professional care" in the effort to detect fraud (IIA 1993, Section No. 280). However, professional standards give virtually no clues regarding how the auditor might efficiently attempt to detect employee theft.(5) Indeed, Albrecht et al. (1984) find that only 18 percent of the 212 frauds they analyze were discovered by internal audit departments.

The internal audit activity involves several stages. First, the firm's management (or the board of directors) allocates an overall budget to the audit department with various objectives in mind, including operational auditing, evaluation of internal controls, and prevention and detection of fraud and theft, among others. The internal audit department, determining its work plan for the period, then allocates its total budget to various subunits of the organization. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.