A Study On Constructing And Application Of The Risk-oriented Internal Audit Framework

As a result of technological and institutional innovation, modern enterprises operate in high-risk environment, and the uncertainty of their business environment and market competition is growing. Internal audit becomes an effective component of enterprise risk management, assessing and improving risk from the perspective of organizational goals, and provides advice and assurance services for professional risk management department or risk management professions.In addition, there are great changes in corporate governance environment, and external audit begins to call for risk-based audit and moves to internal audit, which all promotes the emergence and development of risk-oriented internal audit.Many scholars and organizations at home and abroad have researched on risk-oriented internal audit from different angles and different areas, which make important contribution to the development of risk-oriented internal audit. What's more, some domestic large enterprises start to explore the practice of risk-oriented internal audit.However, constructing risk-oriented internal audit framework is not easy due to the lack of theoretical basis and that establishing risk factors evaluation standard is very difficult, so the application of risk-oriented audit techniques and methods is confined mainly to the macro level. At the micro level, that is, in the implementation process of specific audit project, the application of this method is very limited.Therefore, this article attempts to find necessary theoretical support for the establishment of a comprehensive risk-oriented internal audit framework and further studies the design of risk factors evaluation standerds and processes as well as the specific application of audit projects from the practice perspective. This paper establishes a risk-oriented internal audit framework for domestic enterprises on base of a thorough literature study, combining a large number of case studies and using process reengineering theory. This framework includes five basic elements, which are strategic planning, business process, organizational structure, risk assessment system and sampling technique model. To verify the effect of its practical application, this paper has a case study in pilot project XX Company, which focus on analyzing the application and effects of concepts and technology of risk-oriented internal audit using in its annual audit plan and specific audit projects, then it puts forward a series of research recommendations according to the results of the study.This paper is divided into seven chapters.Chapter 1 is introduction. This chapter includes four parts: the background of the study; relevant research review at home and abroad; the objective and methods of the research; the path of research and possible innovations.Chapter 2 focuses on definitions of core concepts and basic theories. This chapter starts with concept of risk and researches on several audit risk and risk-oriented models. Then it introduces the content and features of risk-oriented internal audit and introduces the relationship between risk-oriented internal audit and risk management audit, social audit , internal control audit, management audit and performance audit, as well as the affiliation and distinction between risk-oriented internal audit and traditional audit modle.In the end this chapter focuses on discusses the contribution of development of accountability to the risk-oriented internal audit.Chapter 3 refers to experience and inspiration of risk-oriented internal audit practice at home and abroad. The author collects14 enterprises as real cases of risk-oriented internal audit, and then anlayzes their specific practice from five aspects, such as strategic planning, organizational structure, business processes, risk collection and identification system and risk assessment technology.Lastly, it comes to the conclusion of how to build the risk-oriented internal audit framework,how to establish strategic planning, organizational structure and business processes under the risk-oriented internal audit model and the the biggest difference between risk-oriented internal audit modle and traditional audit model lays in risk assessment.Chapter 4 focuses on The construction of risk-oriented internal audit framework. Basing on analyzing and comparing the risk-oriented audit theory and related theories such as enterprises innovation theory, the article constructs risk-oriented internal audit framework from aspect of processes innovation, which includes five basic elements: strategic planning, business processes, organizational structure, risk assessment systems and sampling technique model. This chapter also gives a brief description of the contents of risk-oriented internal audit framework, the features and functions of sub-systems, and the relationship among the sub-systems.Chapter 5 refers to the application of risk-oriented internal audit framework. This chapter introduces the specific application of risk-oriented internal audit framework in domestic enterprises from aspects of strategic planning, business processes, organizational structure, risk assessment system and sampling technique model.Chapter 6 is cases study of risk-oriented internal audit pilot project. This chapter studies the application of risk-oriented internal audit in XX Company, and summaries and analyzs the main measures taken and main effect achieved, emphasising on analyzing how to prepare the annual audit plan and implement specific projects using risk-oriented internal audit.Chapter 7 focuses on the main conclusions, recommendations and follow-up research direction. This chapter summarizes the main conclusions, policy recommendations of this article and makes suggestions about the follow-up research direction.The possible innovations of this paper are as follows:Firstly, it constructs an application framework for risk-oriented internal audit.Basing on the case study of 14 enterprises in home and aborad, the paper constructs innovation framework using business process reengineering theory under the support of risk-oriented audit theory and business process transformation theory. The paper considers the application of risk-oriented internal audit in enterprises as an innovation within enterprises, and establishes the five basic elements of risk-oriented internal audit framework: strategic planning, business processes, organizational structure, risk assessment system and sampling technique model. These five elements must be integrated considered in implementation of change. Secondly, it focuses on the research of risk-oriented internal audit framework application. It researches on the application of five framework elements and uses case study method to analyze the effect achieved.Thirdly, it introduces risk-oriented audit techniques into specific audit project. The paper not only analyzes how to prepare the annual audit plan using morden risk-oriented audit theory and techniques, but also introduces risk-oriented audit techniques into specific audit projects and makes follow-up analysis and also gives suggestions about how to improve the pilot projects.