The Business Risk Approach to Auditing
In recent years the broader concept of business risk has been developed by the larger firms. It was the subject matter of the ICAEW auditing road show ‘Tomorrow’s audit today’ in the late 1990s in UK. The notion has not been fully refined although its major principles are now well established.
Business risk is the hazard that an event or action will harmfully affect a business’s capability to achieve its ongoing objective. It can be split among external and internal factors.
The business risk approach to auditing includes examining the business in it’s wholly and evaluating the various risks to which it is exposed. The business risks are factors that affect the company’s capability to meet its goals. The risks might be controllable (to a few extents) or uncontrollable (for illustration, external factors). It may be possible to trade-off some risks (e.g. assurance). The auditor is anxious about those risks which might impact upon the financial statements and thus needs a full understanding of the business and its risks in order to do this. The auditor will then plan the audit policy with these business risks obviously focused in mind.