Academic journal article Auditing: A Journal of Practice & Theory

KRisk[SM]: A Computerized Decision Aid for Client Acceptance and Continuance Risk Assessments

Academic journal article Auditing: A Journal of Practice & Theory

KRisk[SM]: A Computerized Decision Aid for Client Acceptance and Continuance Risk Assessments

Article excerpt


This paper reports on an innovative client acceptance and continuance decision aid known as KRisk that was recently developed by the risk management unit at KPMG LLP (hereafter KPMG). KPMG developed this decision aid in response to changes in the audit environment and the existence of industry guidance emphasizing client acceptance and continuance decisions as key phases in audit quality control.

In response to changes occurring in the auditing industry such as increasing competition, litigation, and complexity in client business activities, audit firms' objectives in today's environment include effective control of auditor business risk (1) as well as audit risk. Authoritative guidance also recognizes the relationship between both types of risk. (2) For example, the Auditing Standards Board (ASB) has promulgated guidance for establishing and maintaining effective audit quality control through client acceptance and continuance policies and processes (ASB 1997, QC 20.14-20.16). Additionally, the Public Oversight Board (POB) stresses the importance of effective auditor business risk assessment in client acceptance and continuance decisions and the possible effects of such assessments on the nature, timing, and extent of audit testing. (3) For example, the POB recommends that "audit firms consider adopting sophisticated, computerized systems for identifying engagement risk that involve both quantitative and qualitative factors, including a search for potentially derogatory or other information about the entity and its principal owners and officers, and integrating those systems into their audits" (POB 2000, paragraph 2.39, pp. 17-18).

In response to these changes in the audit environment and professional guidance, audit firms continue to improve their processes for quality control in all phases of audit engagements, including risk management in client acceptance and continuance decisions. Recent technological advances and the growth of the Internet are facilitating the continuous improvement of these processes (e.g., Manson et al. 2001). New technologies provide opportunities for collecting and sharing information on a cost-effective basis that enables audit professionals to closely monitor client, industry, and market data. For example, digitized processes reduce the cost of collecting and analyzing data, thereby facilitating validation and refinement of risk assessment and audit quality control processes. In addition, computer portability, increased storage capacity, wired or wireless networks, and increased computer and database literacy on the part of audit professionals allow data collection at and from remote sites and the transfer of these data (and risk assessments made using such data) to central repositories for review and analyses.

Continued improvements in risk management strategies and processes are the logical result of changes in the audit environment, authoritative guidance, and information technology (Levitt 1999, 2000; POB 2000; Winograd et al. 2000). As they learn from past risk management experiences, and as new information technologies provide opportunities for cost-effective data collection and knowledge sharing, audit firms can now more quickly adapt their risk management strategies and processes to improve decision-making regarding their client portfolio choices. (4) Effective portfolio risk management in today's dynamic and complex business environment is critical to audit firms' long-term financial success and to the public interest at large (e.g., Simunic and Stein 1990). KRisk was designed by KPMG to assist partners in assessing and managing client acceptance and continuance risks and enabling firm-wide analysis of auditor business risk for its portfolio of audit clients.

In order to improve audit practice and education, and support research dealing with the auditor business risk assessment and management processes, it is important that audit firms, policy setters, regulators, and scholars share knowledge on best practices using a collaborative approach. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed


An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.