Volume 10, Issue 1 pp. 41-65

Full Access

Audit Programs and Audit Risk: A Study of Japanese Practice

Hironori Fukukawa,

Hironori Fukukawa

Nagasaki University, Japan

Search for more papers by this author

Theodore J. Mock,

Corresponding Author

Theodore J. Mock

University of Southern California, USA and Universiteit Maastricht, The Netherlands

Professor Theodore J. Mock, Leventhal School of Accounting, University of Southern California, Los Angeles, CA 90089, USA. Email: [email protected]Search for more papers by this author

Arnold Wright,

Arnold Wright

Boston College, USA

Search for more papers by this author

Hironori Fukukawa,

Hironori Fukukawa

Nagasaki University, Japan

Search for more papers by this author

Theodore J. Mock,

Corresponding Author

Theodore J. Mock

University of Southern California, USA and Universiteit Maastricht, The Netherlands

Professor Theodore J. Mock, Leventhal School of Accounting, University of Southern California, Los Angeles, CA 90089, USA. Email: [email protected]Search for more papers by this author

Arnold Wright,

Arnold Wright

Boston College, USA

Search for more papers by this author

First published: 31 August 2006

https://doi.org/10.1111/j.1099-1123.2006.00298.x

Citations: 24

Share a link

Email
Wechat
Bluesky

Abstract

The current paradigm in audit practice for evidential planning is the Audit Risk Model. However, the notion of relevant risks has broadened with the adoption in recent years of holistic audit approaches encompassing business and process risks and an increased focus on fraud risks. This study examines whether audit planning is ‘risk adjusted’ using archival data from 235 clients from a well-established audit firm in Japan. We address all four aspects of audit planning (nature, extent, timing and staffing) and examine a wider variety of client risks than prior archival studies in order to reflect the current holistic audit approaches of global auditing firms. The main results indicate that although audit planning is based on the level of and change in assessments of many audit risk variables, the associations between client risks and audit plans are rather modest. In this respect, our findings are consistent with those from prior research. We also find that client risks that comprise business risk and fraud risk affect audit planning to some extent. Finally, we report exploratory results suggesting a substitution effect between audit planning judgments in response to higher client risks such as increasing the extent of validity tests while decreasing the extent of confirmations.

SUMMARY

The current paradigm in audit practice for evidential planning is the Audit Risk Model which suggests that audit decisions concerning the nature, timing, extent, and staffing of audit tests should be ‘risk adjusted.’ This approach is prescribed in both international and US auditing standards (IAASB ISA 200, 2003a; AICPA SAS No. 47, 1984). However, the effectiveness of the risk-based approach is questioned (Weil, 2004) and prior archival studies provide conflicting results regarding the extent to which such an approach is descriptive of audit practice (Bedard et al., 1999). Further, with the exceptions of Quadackers et al. (1996), Blokdjik et al. (2006) and De Martinis (2005), these studies were conducted using US data. Therefore, little is known about the extent to which audit planning is risk-adjusted outside the US.

Further, virtually all of the prior studies use data from engagements conducted in the early 1990s. Significant changes have occurred since then. For instance, audit firms have adopted a more holistic, business risk audit approach (Bell et al., 1997, 2005; Winograd et al., 2000; Lemon et al., 2000), and major new standards have been promulgated in the US and internationally (e.g., fraud risk assessment and detection responsibilities –AICPA SAS No. 99, 2002, in the US; JICPA statement No. 10, 2002b, in Japan).

Using data from Japan, this study extends prior research in three important ways. First, examining program planning decisions for engagements conducted outside the Anglo-Saxon countries is important because practice needs to understand the extent to which audits are risk-adjusted in other economic settings in which there are a variety of economic, social, and cultural differences, as well as differences in accounting and auditing standards, that might affect audit planning decisions. Given the rapidly developing global economy, understanding audit planning in multiple economic environments is valuable because planning judgments impact both audit effectiveness and efficiency and ultimately the efficiency of the global capital market.

Second, we examine the relationships between assessed client risks and all four evidential planning dimensions (timing, staffing, nature, and extent) identified in auditing standards (IAASB ISA 200, 2003a and ISA 330, 2003b; AICPA SAS No. 47, 1984). Prior archival research (e.g., Mock & Wright, 1993, 1999) provides little evidence on the relationships between client risk assessments and staffing and timing decisions. Third, our models include an expanded array of important risk factors that are relevant to contemporary audit engagements including business risk and fraud risk; some of which were not considered in prior archival research.

Furthermore, data for this study are gathered on risk assessments and evidential plans in the accounts receivable area from the working papers of engagements of a well-established audit firm in Japan. A total of 285 engagements are randomly selected from the list of statutory audit clients, yielding data for a sample of 235 engagements. The size of the sample is very large compared to those in prior studies (Bedard et al., 1999).

The main results indicate that although audit planning is based on the level of and change in assessments of many audit risk variables, the associations between client risks and audit plans are rather moderate in terms of adjusted R²which lie primarily in the 0.1–0.3 range. In this respect, our findings are consistent with those in prior research.

In addition, we provide results that are unique to this study. In particular, we find some statistically significant relations between audit planning variables and both business risk and fraud risk factors. Further, we report exploratory findings suggesting a substitution effect among planning judgments such as increasing the extent of one audit test while reducing the extent of another.

DEVELOPMENT OF RESEARCH QUESTIONS

Background and prior research

As noted, prior archival research has shown mixed results regarding whether the nature and extent of audit tests reflect the level of or change in client risks.¹ For example, Mock & Wright (1993, 1999) find that there is no clear and strong association between client risks and audit plans in the US context. Quadackers et al. (1996) examine the relationships between client risks and program plans in the Netherlands and find that risk assessments and program plans vary across clients, while both vary little over time. On the other hand, Mock & Turner (2005) find evidence that extent, staffing, and nature of audit tests are associated with fraud risk and overall client risk assessments. Also, some archival studies that examine the relationships between client risks/characteristics and audit resource allocation decisions consistently provide evidence that client attributes such as client size, complexity of the business, financial risk and client status (public/private) influence the mix of audit resources (e.g., O’Keefe et al., 1994; Stein et al., 1994; Hackenbrack & Knechel, 1997). Bedard & Johnstone (2004) find a positive effect of earnings manipulation risk on planned audit hours and billing rates and the effect is greater for clients that have heightened corporate governance risk. De Martinis (2005) shows that client business and strategic risks affect audit production outcomes such as aggregate audit hours, disaggregate audit hours and audit fees.

Although such studies begin to provide the set of research results needed for the profession to evaluate the extent to which program plans are adjusted to address client risks, additional research in other important economic settings such as Japan is needed. While Fukukawa et al. (2005) focus on the relationships between audit resource allocation decisions at the engagement level and client risk factors in the Japanese setting, in this study we examine the relationships between audit planning decisions at a particular account level and individual client risks.

Historically, the financial statement audit was formally introduced in Japan in 1957 and was based upon US standards and practice. Thus, the purpose of the financial statement audit and the role that auditors play are formally the same as in the US and in countries that have adopted international auditing standards. On the other hand, there are many economic, cultural and other differences between Japan and other economic settings that might affect audit planning. Among the differences in the audit environment, we focus on the differences in level of litigation risk, corporate financing, and corporate governance because these factors relate to auditors’ incentives or clients’ general characteristics and thus may have an impact on auditors’ responsiveness to various client risks.

First, it is generally known that Japan is much less litigious than the US (Wollschläger, 1997; Ginsburg & Hoetker, 2004). Consistent with this general propensity of Japanese society, there has been relatively little auditor litigation in Japan (Wingate, 1997). Litigation risk is an important determinant of auditor business risk ( Johnstone, 2000). The higher the litigation risk, the more responsive one would expect auditors to be in audit planning to protect themselves from litigation. This means that auditors in Japan have a weaker incentive to be responsive to clients’ risks that relate to litigation risk.

Second, there are important differences in corporate financing. Generally, Japanese companies have utilized debt financing rather than equity financing to a much greater extent than in countries such as the US or the UK. Often, a ‘primary bank’ that plays a major role in financing a company also plays a role in managing the company. This might involve direct consultation or discussion with the management on strategic issues and influencing the election of a particular board member to the company. Also, major shareholders’ interests have been much more stable through cross-shareholding with a ‘primary bank’, suppliers, customers and other stakeholders. In such a situation, a close relationship with a large bank is a more important indicator of financial risk for Japanese companies than accounting information such as leverage, cash flow or liquidity (e.g., Suzuki & Wright, 1985; Hoshi et al., 1991). Therefore, auditors in Japan are expected to be less responsive to clients’ financial risk measured in accounting terms compared to auditors in other circumstances.

Third, the traditional corporate governance system in Japan is different from the Anglo-Saxon type of governance in that corporate auditors elected at the shareholders’ meeting are supposed to ‘audit’ the activities of management to verify that they comply with laws, regulations and the articles of incorporation. Corporate auditors then issue their own audit report included in the company’s financial reports.² External auditors are required to evaluate the effectiveness of corporate auditors and take the results into consideration in audit planning. On the other hand, the effectiveness of corporate auditors has been questioned due to their frequent lack of independence from top management and inability to prevent or detect frauds conducted by management (e.g., Japan Corporate Auditors Association, 2003). In view of such a situation, auditors in Japan may be less responsive to clients’ governance-related risks than in the US or UK because of the prevailing perception of ineffectiveness in governance.

For all these factors, clients’ litigation, corporate financing, and corporate governance, we thus expect that auditors in Japan would be less responsive to these particular risks than in Anglo-Saxon countries. However, audit standards still direct Japanese auditors to be sensitive to all relevant client risks including these factors. Thus our research questions focus on the extent to which audit planning is risk adjusted in Japan and also provides baseline evidence to compare against studies in various other countries. We believe such research is useful to practice and regulation within Japan as well as in the global audit market.

Risk framework

Although prior research has focused on inherent risk and control risk, more recent research has begun to recognize that a broader view of the set of relevant risks is needed to reflect contemporary global audit practice (e.g., Bell et al., 1997, 2005; Johnstone, 2000; Mock & Turner, 2005). Such risks include business risk and fraud risk.

Figure 1 presents a general audit risk framework that models practice and depicts the broad set of risks and audit decisions studied. First, the three sets of rectangles depict two levels of risk assessments often made in practice and, at the bottom, the audit decisions, which represent the main dependent variables that are likely to be affected by client risks.

Details are in the caption following the image — **Figure 1**
Open in figure viewer PowerPoint

***The relations between the assessed client risks and audit planning***

At the top are the higher-level risk assessments. These are categorized as the engagement-level risk factors and the account-level risk factors. Furthermore, the engagement-level risk factors are categorized into client business risks, fraud risks and other risks.³

At the middle level are the assertion-level risk assessments of inherent risk (IR) and control risk (CR). These risks are formally assessed by audit firms and under the Audit Risk Model are expected to be related to the engagement-level and account-level risk assessments. These relationships are depicted in Figure 1 as the upper four lines connecting the two sets of risks.

The audit planning variables are connected with lines to each of the two levels of risks. First, audit planning decisions may be directly influenced by specific risk assessments. For example, a fraud risk factor such as management compensation that is heavily tied to reported earnings might lead to the addition of a particular forensic audit procedure. Second, audit plans may be influenced by assessments of IR or CR. This relationship is depicted in Figure 1 as the lower line connecting the assertion-level risk assessments with the audit planning variables.

In general, the research questions addressed in our study ask whether the depicted lines exist empirically, that is whether we see a significant statistical relationship between the linked variables. More formally, the following research questions are tested:

RQ1: Are audit plans associated with the level of risk assessments?
RQ2: Are audit plans adjusted for changes in the risk assessments from the previous year?

RESEARCH METHOD

Data to address the research questions were gathered on risk assessments and evidential plans in the accounts receivable area from the working papers of engagements conducted for fiscal years 2001 and 2002 by a well-established Japanese audit firm.⁴ Accounts receivable was selected in order to focus on a significant area of an engagement that can entail substantial risks (e.g., bad debts, revenue recognition). For example, Ge & McVay (2005) find material weaknesses in internal control identified in Sarbanes-Oxley Section 404 reports occur most commonly in accounts receivable.

Given confidentiality restrictions, we were not provided direct access to the working papers and, therefore, employed a data collection instrument similar to that used in prior archival studies. This approach requires that a member of the audit firm complete the instrument by collecting the requested data directly from the audit work papers.

The data items that were collected are listed and defined in the Appendix. This list includes virtually all of the risk factors addressed in Mock & Wright (1993, 1999) as well as a number of additional business and fraud risk factors which have been shown to be important in recent literature (e.g., Bell et al., 1997; Johnstone, 2000; AICPA SAS No. 99, 2002; JICPA statements No. 10, 2002b and No. 23, 2002a). In all, eight additional risk factors are captured: cash flow from operations; level of competition; degree of technological innovation; effectiveness of corporate auditors and board of corporate auditors; management’s compensation; aggressiveness of forecasts; adequacy of monitoring of significant controls; and effectiveness of implementation of the entity’s values and ethical standards. These factors are related to the two additional risks studied in this research: business risk and fraud risk. Importantly, all of these risk factors are now explicitly identified in recently revised Japanese auditing standards as factors to consider in audit planning.⁵ In the development of the instrument, practitioner review of all risk factors also verified their relevance to the audit firm being studied.

Japanese auditing standards were significantly revised in 2002 in order to facilitate international harmonization.⁶ The revised fraud standards are quite similar to AICPA SAS No. 82 (1997). Furthermore, similar to both international and US auditing standards, recent Japanese auditing standards require auditors to pay attention to clients’ business risk.⁷ Given that the large international audit firms have adopted new audit approaches that focus on clients’ business risk and the cooperating firm may have been influenced by this audit practice because of the recent trend toward international harmonization, it is also interesting to examine if and to what extent Japanese auditors’ business risk assessments affect audit planning.

Most risk assessments (see the Appendix) were measured by using a scale that ranges from 0 to 100. To promote careful attention in responding to questions, the verbal anchors were randomly changed from low to high risk or high to low risk. For ease of interpretation and analysis of the data, however, the scales are coded so that, for all scales, 0 indicates the lowest risk and 100 the highest risk.

Furthermore, to ensure participants provided answers to the questions from information directly extracted from the working papers, a box was added to each question to be checked if the response was obtained directly from documentation in the working papers. The rate that each response category was documented in the working paper is shown in the Appendix with a mean of 74.0% and a range from 25.5% to 97.4%, suggesting that the data predominately came from the working papers rather than auditor recall.⁸

Data were initially solicited on risk assessments and evidential plans in the accounts receivable area from a list of 300 audit engagements. To ensure we obtained a representative sample of engagements we selected a random interval and starting point and asked the firm to select every Nth client in a list of their audit clients grouped by industry and divisions. The firm reported to us that they had selected sample clients as we requested.

However, we lost 15 engagements because they were no longer audit clients or had been audited for only one year (incomplete data). Also some partners did not respond to the email that asked for their cooperation. Therefore, the data collection instruments were sent to 285 engagements.

The Japanese commercial code prescribes that ‘large companies’, that is those with outstanding common stock of 500 million yen or more or total liabilities of 20 billion yen or more, provide audited financial statements. Furthermore, the Securities and Exchange Act requires that all companies whose stocks are listed on stock exchanges have their financial statements audited by CPAs. Retail, construction and financial institutions are excluded from the sample because of the unique nature or insignificance of accounts receivable for these companies.⁹

Instruments with covering letters from the researchers and the firm’s director in charge of the quality control division were sent to the partner and manager on each engagement via email. We required the partner to review the completed instrument if it was completed by someone other than the partner to promote careful attention. The partner was then directed to submit a hard copy of the completed instrument to the quality control division. The completed instruments were then forwarded to the researchers after the quality control division removed the first page of each instrument which contained the names of the respondent and reviewing partner.

A total of 236 completed instruments were collected. However, we excluded one instrument that had no information regarding audit planning. Thus, the final sample consists of 235 clients, representing an 82% overall response rate of usable instruments. This response rate is approximately twice the rate obtained in prior archival studies.¹⁰

Table 1 provides demographic data on the sample. Note that the size of engagements in terms of audit hours, total assets, and total revenues varies widely. Out of the 235 sample clients, 84 clients (36%) are public companies. As for industry, 44% of the clients (104 clients) are manufacturing companies, 43% (101 clients) belong to the service sector and 12% (29 clients) are engaged in the wholesale business.

Table 1. Sample demographics (n = 235)

Planned audit hours ^a	Engagement		Accounts receivable
Planned audit hours ^a	Mean	Range	Mean	Range
	1,022 hours	32–8,268	125 hours	0–742

Size of clients^b	Total assets		Total revenues
Size of clients^b	(Billions of ¥)	No. of clients	(Billions of ¥)	No. of clients
	(a) 0–1	10	(a) 0–1	21
	(b) 1–10	81	(b) 1–10	82
	(c) 10–100	118	(c) 10–100	106
	(d) 100–300	17	(d) 100–300	15
	(e) 300–	7	(e) 300–	9

*Client industry*^c		*No. of clients*
	Manufacturing	104
	Wholesale	29
	Services (including transportation)	101
Company status^c (public vs. private)	36% are public companies

a) Seven clients have been excluded because of lack of information.
b) Two clients have been excluded because of lack of information.
c) One client has been excluded because of lack of information.

RESULTS

The results are discussed in two main sections. First we provide descriptive summaries of the risk assessments and audit decisions that were documented in the working papers. Then we present ordinary least squares (OLS) regression analyses to examine the relationship between audit program plans and risk assessments.

Descriptive statistics

Table 2 provides descriptive data on the risk assessments documented in the sample audits. Based on our framework (see Figure 1), prior research (e.g., Bell et al., 1997 and Johnstone, 2000) and auditing standards (AICPA SAS No. 99, 2002; JICPA statements No. 10, 2002b and No. 23, 2002a), we classified these risk factors into three categories: engagement-level, account-level and assertion-level risk factors. Furthermore, engagement-level risk factors are categorized into business, fraud and other engagement-level risks because we are especially interested in the relationships between these particular risks and audit planning.

Table 2. Descriptive statistics on risk assessments

Risk assessment variables	Level of risk assessments (2002 data)			Change in risk assessments (2001–2002 data)
Risk assessment variables	Mean	S. D.	Range	Mean	Mean of \|change\|	S. D.	Range
Engagement-level risks
Business risks
Liquidity	38.17	23.48	0–97.5	0.48 (0.409)*	3.54	8.79	−42.5–45
Profitability	48.56	19.14	7.5–100	−0.73 (0.168)	3.26	8.03	−45–25
Cash flow from operations	41.84	21.42	0–100	−1.82 (0.078)	7.51	15.32	−77.5–50
Industry growth	8.04	16.49	0–90	0.17 (0.790)	2.71	9.93	−75–50
Industry decline	10.28	17.25	0–75	−0.09 (0.865)	2.40	7.74	−50–35
Level of competition	58.11	19.69	0–92.5	0.49 (0.083)	1.39	4.28	−30–20
Degree of technological innovation	43.98	23.61	0–100	−0.14 (0.687)	1.21	5.32	−57.5–15
Fraud risks
Overall general controls	34.41	17.43	2.5–87.5	−0.49 (0.024)	0.93	3.29	−25–15
Effectiveness of corporate auditors	47.20	24.02	2.5–100	−0.48 (0.309)	1.86	7.12	−70–40
Management’s compensation	19.71	19.81	0–97.5	0.43 (0.169)	0.97	4.71	−20–52.5
Aggressiveness of forecasts	50.75	16.80	0–100	−0.32 (0.459)	1.98	6.21	−37.5–37.5
Adequacy of monitoring of controls	35.79	17.06	0–100	−0.19 (0.569)	1.15	4.93	−27.5–45
Implementation of ethical standards	37.52	17.19	0–100	−0.14 (0.118)	0.27	1.37	−12.5–2.5
Other engagement-level risks
Knowledge of accounting personnel	37.79	18.24	2.5–92.5	−0.89 (0.091)	2.62	7.90	−70–27.5
General attitude of accounting personnel	21.63	14.34	0–75	−1.00 (0.039)	1.27	7.31	−37.5–12.5
Change in information system	20.58	26.54	0–100	2.36 (0.129)	11.33	23.36	−100–100
Management aggressiveness	46.68	23.53	0–100	0.66 (0.172)	2.11	7.25	−30–57.5
Management turnover	31.97	27.64	0–97.5	0.94 (0.510)	8.73	21.53	−100–97.5
Client’s status	37%	–	0, 1				−1–1
Account-level risks
Degree of judgment	34.98	25.00	0–100	0.80 (0.270)	3.30	10.83	−47.5–75
Degree of complexity	26.75	22.73	0–87.5	−0.30 (0.508)	1.62	6.76	−65–50
Unusual transactions	16.93	22.80	0–100	0.11 (0.828)	1.33	7.65	−100–30
Number of prior detected differences	14.22	20.02	0–75	−0.23 (0.653)	2.15	7.47	−37.5–50
Number of prior material differences	2.65%	–	0, 1	0.01 (0.158)	0.01	0.09	0–1
Assertion-level risks
Inherent risk for existence	30.38	21.23	0–90	−0.56 (0.043)	0.89	4.10	−45–12.5
Inherent risk for valuation	29.65	21.13	0–90	−0.18 (0.523)	0.99	4.15	−30–27.5
Control risk before testing	37.20	21.02	0–100	−1.04 (0.046)	2.04	7.82	−90–22.5
Control risk after testing	36.83	21.38	0–100	−0.49 (0.084)	1.20	4.29	−37.5–15

* Numbers in parentheses indicate the significance level of comparison tests (t-test, test value = 0).

Table 2 shows that assessments of risks included in all categories vary widely. Also, standard deviations of all variables are high (20.7 on average). These measures indicate that there is significant across-client variation in risk assessments which should, if audits are risk adjusted, lead to substantial variations in audit planning decisions across clients.

As in prior studies, the level of each risk assessment is typically in the low or moderate range. In fact, the mean assessment of only two factors (level of competition and aggressiveness of forecasts) exceeds the middle of the scale (50). However, all of the eight risk factors we added to those studied by Mock & Wright (1999) except management’s compensation are assessed as relatively high. The relatively low assessment of management’s compensation is consistent with the practice in Japan of generally not directly linking management’s compensation to financial performance.¹¹

The assessments of risks related to industry growth and industry decline are also quite low. This is a result of our treatment of these particular data. Mock & Wright (1999) used a scale where the endpoints were ‘rapid decline’ and ‘rapid growth’ and the middle was ‘stable.’ However, given that both ‘rapid decline’ and ‘rapid growth’ may indicate higher risk, we have divided the scale into two scales so that ‘stable’ now measures the lowest risk (0) and ‘rapid decline’ or ‘rapid growth’ measures the highest risk (100).

Table 2 also provides descriptive statistics on the year-to-year changes in the risk assessments. As stated, data regarding the risk assessments were solicited for both 2001 and 2002 for each engagement. We measure the year-to-year changes in the risk assessments between these two years. Consistent with prior research, risk assessments are quite stable with less than one third of the risk variables changing significantly between 2001 and 2002. The risk factors with the largest change in terms of absolute value are the change in information system, management turnover and cash flow from operations.

Table 3 shows descriptive statistics of the dependent audit planning variables. Included are measures of the level of and change in audit plans regarding the extent of selected audit tests, timing, staffing in terms of audit hours and the persuasiveness of audit evidence.

Table 3. Descriptive statistics on audit planning variables

	Mean	S. D.	Range	Mean	Mean of \|change\|	S. D.	Range
	Level of audit plans (2002 data)			Change in audit plans (2001–2002 data)
Dependent variables
Extent of confirmations – Customer	52.55 (0.169)*	28.20	0–100	−1.59 (0.007)♯	2.29	8.74	−60–22.5
Extent of confirmations – Yen	67.42 (0.000)	25.70	0–100	−0.44 (0.270)	1.51	5.89	−57.5–35
Extent of tests for valuation	55.59 (0.000)	21.42	0–100	−0.26 (0.379)	0.66	4.52	−60–22.5
Extent of tests for validity of records	46.83 (0.027)	21.78	0–100	0.26 (0.362)	1.03	4.34	−15–40
Extent of cutoff tests	47.21 (0.063)	22.89	0–100	0.13 (0.623)	0.90	3.96	−25–35
Timing – A/R	46.42%	16.52%	6.45%–100%	0.60% (0.252)	3.08%	7.69%	−45.83%–50.00%
Staffing – A/R	35.26%	26.36%	0%–100%	−0.93% (0.278)	4.51%	12.66%	−100%–100%
Persuasiveness	329.39	106.39	0–600	−2.94 (0.058)	7.51	22.98	−197.5–107.5

* Numbers in parentheses indicate the significance level of comparison tests (t-test, test value = 50).
♯ Numbers in parentheses indicate the significance level of comparison tests (t-test, test value = 0).

As prior research shows, defining and measuring the nature of audit tests is extremely difficult because it is a qualitative construct. Prior studies have measured nature as the number of tests (e.g., Mock & Wright, 1999). However, we address the nature of audit tests more directly by using a measure of the persuasiveness of audit evidence. Audit evidence obtained from an external source is generally regarded as stronger than that from an internal source (AICPA SAS No. 31, 1980). For example, evidence from confirmations is viewed as stronger than evidence from cutoff tests that only review internal documents. In contrast, the strength of evidence obtained by tests for valuation of accounts receivable such as examination of supporting documentation and development of an estimate of future uncollectable amounts, or tests for validity of records of sales transactions is considered to be of intermediate strength, because these tests utilize both external and internal sources.

In this study, the cooperating audit firm agreed to provide information on the ‘extent’ of tests by reporting the relative use of accounts receivable confirmations, tests for valuation, tests for validity of sales transactions and cutoff tests. All of these tests are considered to be important for accounts receivable (Arens et al., 2003). Relative usage of these tests was indicated on a scale where the endpoints were ‘Greater than normal scope’ (100) and ‘Less than normal scope’ (0) and the middle scale was ‘Normal scope’ (50).

Given that the middle scale is ‘Normal scope’, the average of these measures should be approximately 50. However, as shown in Table 3, both the mean extent of confirmations and the mean for valuation tests are significantly greater than 50 (p ≤ 0.01). In contrast, the mean extent of tests for validity of accounts receivable records and the mean for cutoff tests are significantly less than 50 (p ≤ 0.05 and 0.10, respectively). Given that audit fees in Japan remain relatively constant for the period examined, this is consistent with the substitution of valuation tests for other audit tests in this sample. Auditors may have paid more attention to the valuation of accounts receivable (e.g., collectability) because of the sluggishness in the Japanese economy at the time data were collected.

Also in Table 3, timing and staffing decisions measured in terms of audit hours vary widely as is the case for other audit planning variables. The timing of the planned audit tests, which is measured as the ratio of audit hours devoted to end-of-year tests to total audit hours, is 46.50% at the account level. This implies that more than half of total audit tests were conducted prior to the end of the fiscal year.

The relative experience of the staff, which is measured as the ratio of audit hours of partners and managers to total audit hours, is 35% at the account level. This indicates that over one third of the audit effort was done by those who have extensive experience and, in general, higher expertise.¹²

To measure ‘persuasiveness,’ the strength of audit tests is ranked by using the following subjective weights: confirmations = 3, tests for valuation of accounts receivable and tests for validity of records of sales transactions = 2 and cutoff tests = 1. These weights are then multiplied by the extent of each test and summed over the three types of evidence to provide a measure of persuasiveness.¹³ An analysis of the robustness of this measure indicates that this measure is quite robust over alternative weightings.¹⁴

Table 3 also shows, consistent with prior research (Mock & Wright, 1993, 1999; Bedard, 1989), that there is little change in audit plans between 2001 and 2002. Comparison tests reveal that the changes in all audit planning variables except the extent of confirmations (customers) and persuasiveness of tests are not significantly different from zero.

We continue our descriptive analysis by presenting the correlations among the various risk assessments and between audit planning decisions. Table 4 is an abbreviated correlation matrix that shows correlations between the various dependent variables and the risk variables that are significant in the regressions.

Table 4. Abbreviated correlation matrix on risk assessments and audit plans (variables that are not significant or not discussed in the paper are excluded)

Pearson correlation coefficients, 2001 and 2002 data
	1	2	3	4	5	6	7	8	9	10	11	12	13	14	15	16	17	18	19	20
1. Liquidity	1	0.450**	0.408**	0.170**	0.198**	0.154**	0.219**	0.223**	0.079	0.100*	0.065	0.079	−0.021	−0.103*	−0.071	0.005	0.017	−0.056	−0.068	−0.066
2. Profitability		1	0.524**	0.314**	0.266**	0.212**	0.247**	0.156**	−0.019	0.022	−0.012	0.029	0.121**	0.06	0.043	0.189**	0.104*	−0.112*	0.021	0.132**
3. Cash flow from operations			1	0.306**	0.330**	0.229**	0.298**	0.234**	0.049	0.04	0.013	0.122*	0.005	0.051	0.03	0.111*	0.091	0.033	−0.082	0.071
4. Industry decline				1	0.07	0.096*	0.056	0.107*	0.002	0.029	0.104*	0.114*	−0.006	0.005	−0.088	0.01	−0.012	−0.037	−0.131**	−0.021
5. Level of general controls					1	0.473**	0.650**	0.402**	0.150**	0.146**	0.150**	0.246**	0.052	0.051	0.099*	0.256**	0.216**	0.047	−0.126**	0.165**
6. Corporate auditors and board of CA						1	0.437**	0.275**	−0.02	−0.087	0.008	0.069	0.024	0.036	0.014	0.150**	0.141**	0.017	−0.116*	0.093*
7. Adequacy of monitoring of control							1	0.501**	0.049	0.057	0.154**	0.245**	0.017	0.046	0.01	0.078	0.098*	0.069	−0.143**	0.071
8. Implementation of the ethical stds by mgt								1	0.005	0.022	0.138**	0.191**	−0.079	−0.102*	−0.063	0.082	0.110*	0.130**	−0.169**	−0.044
9. Degree of judgment relating to A/R									1	0.698**	0.235**	0.391**	−0.037	−0.035	0.173**	0.029	−0.062	0.048	0.038	0.007
10. Degree of complexity of entries										1	0.309**	0.467**	−0.048	−0.065	0.104*	0.068	−0.003	−0.006	0.019	−0.001
11. Number of unusual transactions											1	0.340**	0.087	0.064	0.049	0.123**	0.088	0.109*	0.047	0.114*
12. Number of audit differences_t−1												1	−0.037	−0.018	0.014	0.154**	0.028	0.082	−0.07	0.022
13. Extent of confirmations – Customers													1	0.708**	0.303**	0.278**	0.282**	0.064	0.077	0.831**
14. Extent of confirmations – Yen														1	0.314**	0.174**	0.202**	0.006	0.041	0.785**
15. Extent of tests for valuation															1	0.383**	0.465**	0.163**	0.094*	0.614**
16. Extent of tests for validity of records																1	0.755**	0.102*	0.132**	0.611**
17. Extent of cutoff tests																	1	0.101*	0.08	0.649**
18. Timing – A/R																		1	0.004	0.116*
19. Staffing – A/R																			1	0.107*
20. Persuasiveness																				1

**, * Indicate two-tailed probabilities at p ≤ 0.01, 0.05, respectively.

Consider the correlations between the risk assessments. As noted earlier, the set of risk variables collected were extended from prior research by adding risk factors that relate to client business risk and fraud risk. The result of the correlation analysis shows that there are high and positive correlations among many of these new variables.

For example, liquidity, profitability, cash flow from operations and industry decline are highly and positively correlated (the correlations range from 0.170 to 0.524). While the former three variables are of a financial nature and the last one is not, all of these variables relate to clients’ business risk. Some risk factors that are categorized into fraud risk (i.e., level of general controls, effectiveness of corporate auditors and board of corporate auditors, adequacy of monitoring of significant controls and implementation of ethical standards) are highly and positively correlated (the correlations range from 0.275 to 0.650). High and positive correlations are also found between the account-level risks such as degree of judgment relating to accounts receivable, degree of complexity of entries, number of unusual transactions and number of audit differences in the prior year (the correlations range from 0.235 to 0.698). These high and positive correlations provide support for the validity of our classification of risk factors.¹⁵

OLS regression results

We begin our discussion of OLS regression results by examining whether the audit plans are ‘risk adjusted’ (RQ1). In terms of the framework depicted in our risk framework (see Figure 1), we estimate which, if any, of the various risk variables and audit decision variables are statistically related using OLS.

The relationship between individual risk assessments and assessments of IR and CR

The Audit Risk Model is embodied in the formula AR = IR * CR * DR. Auditors are expected to take various individual risk factors into consideration when they assess IR and CR. Therefore, we first examine which of the individual risk factor assessments are related to IR and CR using the following OLS regression models.

((1.1))

((1.2))

where:

Business risks: Industry-manufacture, Industry-wholesale, Total assets in the prior year, Total revenues in the prior year, Liquidity, Profitability, Cash flow from operations, Industry growth, Industry decline, Level of competition, Degree of technological innovation

Fraud risks: Level of general controls, Effectiveness of corporate auditors, Management’s compensation, Aggressiveness of forecasts, Monitoring of significant controls by management, Implementation of ethical standards

Other engagement-level risks: Accounts receivable ratio in the prior year, Knowledge of accounting personnel, General attitude of accounting personnel, Change in information system, Management aggressiveness, Management turnover, Client status

Account-level risks: Account-specific risks

In conducting the regression analyses, we utilize stepwise regression as a variable selection method. The F values are used for entering and removing variables. We employ a criterion that variables are entered when the F value is 1.00 or larger and removed when the F value is less than 1.00. We expect positive relations between assessments of individual risk factors and IR/CR. That is, the higher the assessments of individual risk factors, the higher are IR/CR. Note that for the variables that represent the client’s size (total assets in the prior year, total revenues in the prior year and client status (public or private)), we assume that smaller client size means more risk. In larger clients, both the firm’s system of internal control and information system are generally better organized and more sophisticated. Furthermore, there has been little litigation against auditors in Japan and, thus, larger client size does not necessarily mean greater litigation risk for auditors. Because we expect higher individual risk assessments to be positively related to assessments of IR and CR, we apply one-tailed tests to all variables except for the industry variables.

The results are shown in Table 5. The adjusted R²s are moderately high, ranging from 0.202 to 0.554. In the estimated models, four business risk factors (total revenues in the prior year, cash flow from operations, level of competition and the degree of technological innovation) are seen to have a significant impact on the assessments of IR, while there is no fraud risk factor that has a significant effect on the assessments of IR. Also, one business risk (the degree of technological innovation) and two fraud risk factors (effectiveness of corporate auditors and board of corporate auditors and adequacy of monitoring of significant controls) have a significant positive relation with the assessments of CR. These results show that more business risk factors influenced IR than CR, while more fraud risk factors influenced CR than IR. These findings seem reasonable, since the fraud risk factors we study relate most closely with governance and controls, while the business risk factors reflect broad economic or technology indicators.

Table 5. OLS regression results: significant relationships (p ≤ 0.05) between level of IR and CR and individual risks (2002 data)

Stepwise (criteria: Entry –F value ≥ 1, Removal –F value ≤ 0.99)
Dependent variable	IR – existence	IR – valuation	CR – before tests of control	CR – after tests of control
Adjusted R²	0.282	0.554	0.236	0.202
Business risks
Total revenues_t−1	0.172 (0.005)	0.127 (0.008)
Cash flow from operations	0.178 (0.002)	0.117 (0.016)
Level of competition		0.090 (0.033)
Degree of technological innovation		0.085 (0.040)	0.123 (0.025)	0.112 (0.040)
Fraud risks
Corporate auditors			0.182 (0.004)	0.150 (0.018)
Adequacy of monitoring of control			0.133 (0.049)
Other engagement-level risks
A/R ratio_t−1	0.184 (0.001)		0.109 (0.042)
Attitude of accounting staff	0.165 (0.008)
Management aggressiveness			0.141 (0.013)
Account-level risks
Degree of judgment relating to A/R	0.137 (0.040)	0.530 (0.000)	0.178 (0.002)	0.129 (0.026)
Number of audit differences_t−1	0.216 (0.001)	0.309 (0.000)

The relationship between individual risk assessments and audit program decisions

Next, we examine the relationships between the individual risk variables and the audit decision variables depicted in Figure 1. The OLS is applied to the following regression models. Again, we adopt the same stepwise method as described above.

((2.1))

((2.2))

((2.3))

((2.4))

where:

If audit planning is ‘risk adjusted’, then when assessed risks are higher, auditors should conduct audit tests so that they can obtain more persuasive evidence, plan a greater extent of audit tests, deploy more experienced staff and/or conduct audit tests at a time closer to the end of the fiscal year. Therefore, we expect positive relations between the audit decision variables and audit risk variables. According to our expectations, we adopt one-tailed tests in the regression analyses.

Similar to Mock & Wright (1999), we also use the variable ‘the ratio of planned audit hours devoted to accounts receivable to total audit hours’ as the measure of extent of audit tests. However, in contrast to Mock & Wright (1999), we use the auditor’s assessment of CR after tests of control as an independent variable because this would be the one used to determine substantive tests, and we exclude CR before tests of control because these two risk factors are highly correlated (0.909) and the resulting models would suffer from significant autocorrelation.¹⁶

Table 6 lists all of the relationships that are significant at the 5% level. In general these models explain only a moderate amount of variance and the adjusted R²s range from 0.118 to 0.193. Furthermore, in Figure 2, we augment Figure 1 and show all of the relationships between the risk factors and audit planning that are significant at the 5% level. Among the risk factors that comprise business risk, industry (manufacturing) and profitability have significant positive effects on audit planning. Also, degree of technological innovation has a significant impact on audit planning. Two variables that are proxies of client size (total assets in the prior year and total revenues in the prior year) have positive relations with audit planning variables.¹⁷ As for fraud risk, only two variables (level of general controls, implementation of ethical standards) have a significant positive effect on audit planning.

Table 6. OLS regression results: significant relationships (p ≤ 0.05) between level of client risks and audit planning (2002 data)

Stepwise (criteria: Entry –F value ≥ 1, Removal –F value ≤ 0.99)
Dependent variable	Confirmations – customers	Confirmations – yen	Valuation tests	Validity tests	Cutoff tests	A/R hours ratio	Persuasive- ness	Account – Staffing	Account – Timing
Adjusted R²	0.147	0.135	0.157	0.193	0.118	0.143	0.177	0.151	0.128
Business risks
Industry – manufacture	0.243 (0.000)¹	0.254 (0.000)¹	0.167 (0.012)¹				0.203 (0.002)¹
Total assets_t−1	0.281 (0.000)	0.268 (0.000)	0.226 (0.000)		0.167 (0.007)	0.222 (0.008)	0.324 (0.000)		0.222 (0.000)
Total revenues_t−1								0.333 (0.000)
Profitability	0.137 (0.035)	0.126 (0.039)		0.126 (0.037)			0.117 (0.049)	0.128 (0.035)
Degree of tech innovation									0.154 (0.011)
Fraud risks
Level of general controls				0.172 (0.023)			0.133 (0.038)
Implementation of ethical standards									0.114 (0.042)
Other engagement-level risks
Client’s status			0.115 (0.043)	0.129 (0.022)	0.176 (0.005)	0.194 (0.002)
Account-level risks
Degree of judgment re. A/R								0.207 (0.008)
Degree of complexity of entries						0.159 (0.009)
Number of unusual transactions	0.176 (0.003)	0.159 (0.008)					0.172 (0.004)	0.124 (0.037)
Number of audit differences_t−1				0.260 (0.000)					0.149 (0.017)
Assertion-level risks
IR relating to valuation of A/R			0.165 (0.032)
CR after tests of control				0.176 (0.006)	0.201 (0.003)

1 The results of two-tailed tests.

Additionally, account-level risk factors such as degree of judgment relating to accounts receivable, degree of complexity of entries, number of unusual transactions and number of audit differences in the prior year are positively related to audit planning variables.

Figure 2 also shows the significant relationships between the individual audit risks and the assertion-level risk assessments of IR and CR. We see from Figure 2 that IR and CR are significantly related with eleven of the assessed individual risks (see also Table 5).

The relationship between year-to-year changes in risk assessments and audit program decisions

Next we examine the relation between changes in IR and CR assessments, changes in individual assessed risks and the corresponding change in audit planning decisions (RQ2). As indicated previously, there was little change in assessments of client risks between 2001 and 2002. Therefore, in conducting the analysis, we use a subset of the data comprised of clients where the change in risk assessment is among the upper quartile for at least one of the risk factors.¹⁸ Also, six clients that have no 2001 data are excluded from the sub-sample. As a result of this procedure, our sample is reduced to 145 clients out of 235 clients (62%).

Adopting the same stepwise method as stated above, the following regression models are used.

((3.1))

((3.2))

((3.3))

((3.4))

((3.5))

((3.6))

The results are shown in Tables 7 and 8. In addition, the relationships that are in accordance with our expectations are depicted in Figure 3. The results shown in Table 8 indicate that the change in total revenues in the prior year has a positive effect on the change in the extent of confirmations and the persuasiveness of audit evidence. This result suggests that when a client becomes larger, an auditor diminishes the relative extent of audit tests and the persuasiveness of evidence, which once again is consistent with the inference that larger clients are less risky. Also, the change in profitability has a positive effect on the change in the extent of confirmations and the persuasiveness of audit evidence and the change in account level staffing, suggesting, as expected, that when a client becomes less profitable, an auditor extends the extent of confirmations and assigns more experienced staff to conduct audit tests.

Table 7. OLS regression results: significant relationships (p ≤ 0.05) between change in IR and CR and individual risks (2001–2002 data)

Stepwise (criteria: Entry –F value ≥ 1, Removal –F value ≤ 0.99)
Dependent variable*	IR – existence	IR – valuation	CR – after tests of control
Adjusted R²	0.152	0.247	0.277
Business risks
Liquidity		0.182 (0.010)
Level of competition	0.168 (0.024)
Other engagement-level risks
Client status			0.160 (0.013)
Management aggressiveness	0.136 (0.045)		0.131 (0.041)
Account-level risks
Degree of judgment relating to A/R		0.481 (0.000)
Number of audit differences_t−1		0.159 (0.024)

* The dependent variable ‘CR – before tests of control’ is removed from the table because it has no significant relation with any independent variable.

Table 8. OLS regression results: significant relationships (p ≤ 0.05) between change in client risks and audit planning (2001–2002 data)

Stepwise (criteria: Entry – F value ≥ 1, Removal –F value ≤ 0.99)
Dependent variable*	Confirmations – customers	Confirmations – yen	Valuation tests	Validity tests	Cutoff tests	Persuasive- ness	Account – Staffing	Account – Timing
Adjusted R²	0.308	0.236	0.227	0.339	0.231	0.307	0.142	0.110
Business risks
Total revenues_t−1	0.451 (0.000)	0.259 (0.000)				0.403 (0.000)
Liquidity			0.239 (0.001)
Profitability	0.354 (0.000)	0.191 (0.010)				0.254 (0.001)	0.167 (0.022)
Level of competition				0.139 (0.026)
Fraud risks
Level of general controls								0.191 (0.012)
Adequacy of monitoring of control				0.370 (0.000)
Implementation of ethical standards		0.160 (0.023)			0.149 (0.028)	0.140 (0.039)
Other engagement-level risks
A/R ratio_t−1				0.182 (0.009)
Account-level risks
Degree of judgment relating to A/R			0.189 (0.013)
Number of unusual transactions					0.253 (0.001)
Number of audit differences_t−1			0.284 (0.001)		0.294 (0.001)	0.225 (0.006)
Assertion-level risks
IR relating to existence of A/R	0.135 (0.038)	0.196 (0.008)			0.206 (0.004)	0.196 (0.006)
IR relating to valuation of A/R				0.262 (0.000)
CR after tests of control		0.168 (0.015)

* The dependent variable ‘A/R hours ratio’ is removed from the table because the model does not have enough explanation power in terms of F value (at the 5% level).

Furthermore, Table 8 shows that the changes in three fraud risk variables (level of general controls, adequacy of monitoring of significant controls, implementation of ethical standards) have significant effects on the change in audit planning. As in the case of the results regarding relationships between the level of client risks and audit planning, some account-level risk factors (degree of judgment relating to accounts receivable, number of unusual transactions and number of audit differences in the prior year) have significant impacts on changes in audit planning. Also, assessed IR/CR has some impact on audit plans. All of the relationships cited above are also in the expected direction.

Additional analyses

Substitution of audit planning decisions

In this section we present exploratory evidence regarding the substitution of audit planning decisions. In the analyses thus far, we have assumed that as risks increase an auditor should conduct audit tests that obtain more persuasive evidence, expand the extent of audit tests, use more experienced staff and conduct audit tests at a time closer to the end of the fiscal year. That is, all relations between audit planning variables and assessed client risks are expected to be positive except for the industry variables where we have no a priori expectations.

However, these analyses do not examine the possibility of more complex interrelationships among audit planning decisions. For example, the substitution of one audit test for another may occur (De Martinis, 2005). Although some studies such as O’Keefe et al. (1994), Stein et al. (1994) and Hackenbrack & Knechel (1997) focus on the issue of allocation and substitution of audit resources at the engagement level, there is little research that addresses the issue of substitution within audit planning decisions at the account level.

At the account level, an auditor may increase the extent of one audit test that is highly persuasive and decrease the extent of another less persuasive test at the same time when a specific client risk is high. Alternatively, auditors may focus on the most persuasive procedures (reduce the set of tests) and bring in more experienced staff. Auditing standards indicate such a substitution is permissible (IAASB IAS 500 (revised), 2003c; AICPA SAS No. 31, 1980). In order to deal with this issue, we need to pay attention not only to positive relations but also to negative relations between audit planning variables and assessed client risks.¹⁹

We conducted an additional exploratory regression analysis to ascertain whether there are significant relations that may indicate substitution within audit planning. Since there are no a priori expectations either from professional standards or prior research regarding likely substitution effects, two-tailed tests were adopted.

These analyses show that if the client is private [client status = 1] there is a positive relationship with valuation tests, validity tests, cutoff tests and A/R hours ratio. We also find a negative relationship with the account level timing, which indicates more audit work at year end. Also, the level of degree of technological innovation has a positive relation with the account level timing and a negative relation with the A/R hours ratio. Therefore, when there is a high degree of technological change, more work is planned for year end but the relative number of audit hours is decreased.

Furthermore, these analyses show that the change in the ratio of accounts receivable to total assets in the prior year has a positive impact on the extent of validity tests and a negative impact on the extent of confirmations (customers). The change in profitability (i.e., higher risk or lower profitability) has a positive impact on the extent of confirmations, the account level staffing and the persuasiveness of audit evidence and a negative impact on the extent of validity tests and the account level timing. In addition, when an auditor’s assessment of CR after tests of control becomes higher, the auditor increases the extent of confirmations (yen) and decreases the extent of validity tests.

In general, these results provide clear evidence of substitution of audit planning decisions, thus indicating a complex audit planning strategy. These exploratory results are interesting because relatively little attention has been paid to the issue of substitution of audit decisions at an account level in prior research.

The effect of the difference in engagement size

Archival data used in this study are obtained on a sample of 235 engagements. As shown in Table 1, however, engagement size varies widely. So, it is possible that some extreme cases in terms of engagement size have a substantial impact on our results; that is the relationships between the assessed client risks and the audit planning decisions may be different depending on engagement size. To examine these possibilities, we conduct additional analyses using various sub-samples.

First, we analysed the relationship between the level of assessed client risks and the audit plans excluding the largest 5% and the smallest 5% of engagements in terms of total audit hours.²⁰ The results are largely consistent with those reported above (see Table 6). The only differences are that management aggressiveness and degree of judgment relating to accounts receivable have a significant impact on audit planning decisions to some extent (these variables are significant for 3 and 4 out of 9 OLS regressions, respectively). Also, total revenues in the prior year as well as total assets in the prior year have a significant effect on audit plans.

Next, we divide the full sample into sub-samples comprised of engagements where total audit hours are among the upper quartile, the middle 50% and the lower quartile to examine whether there are any differences in pattern of the relationship between the client risk assessments and audit plans. Notably, the regression results indicate that for the upper quartile sample and the lower quartile sample, all the adjusted R²s are notably higher than those reported above (see Table 6) and range from 0.264 to 0.680 for the upper quartile sample and from 0.296 to 0.521 for the lower quartile sample. On the other hand, the regression results for the middle 50% sample are comparable to those reported in Table 6.

Also, there are some major differences in risk variables that have a significant impact on audit planning decisions between the upper quartile sample and the lower quartile sample. For the upper quartile sample, accounts receivable ratio in the prior year, knowledge of accounting personnel and number of audit differences in the prior year have a significant effect on more audit planning variables (significant for 6, 3 and 5 out of 9 OLS regressions, respectively) than for the lower quartile sample (significant for 0, 1 and 2 out of 9 OLS regressions, respectively). Also, client industry (industry-manufacture and industry-wholesale), profitability and degree of technology innovation have a significant influence on more audit planning decisions (significant for 6, 5, 7 and 3 out of 9 OLS regressions, respectively) for the lower quartile sample than for the upper quartile sample (significant for 4, 1, 0 and 1 out of 9 OLS regressions, respectively).

These findings imply the possibility that Japanese auditors adopt a somewhat different audit strategy depending on engagement size. While some prior studies such as O’Keefe et al. (1994) and Stein et al. (1994) find that audit hours are related to client size in a non-linear way and use the natural log of total assets to consider client size, our findings suggest that further consideration of whether and how engagement size affects audit strategy is a promising issue for future research.

SUMMARY AND CONCLUSIONS

Given economic globalization and the recent trend toward international harmonization of auditing standards and practice, it is important to understand audit practice in various economic environments. In this study, we examine whether audit planning is ‘risk adjusted’ using data from a well-established Japanese audit firm. That is, we investigate whether audit decisions regarding the nature, extent, timing of audit tests and staffing reflect the assessments of various client risks, including a broader set of risks than prior studies to incorporate business risk and fraud risk.

Our main findings are as follows. First, audit plans are based on the assessments of the level of many engagement-level and account-level risks. Although inherent risk and control risk have a positive relationship with various individual risk assessments, they are rarely statistically related to audit planning variables. Similarly, audit plans are statistically related to changes in some engagement-level risks and some account-level risks. Also, changes in inherent risk and control risk influence audit planning, albeit to a limited extent.

Second, there are some significant relationships between some risk factors that comprise business risk and the extent of audit tests, the persuasiveness of audit evidence and the staffing and timing at the account level. Similarly, change in some business risk factors and change in audit planning are significantly related. Third, the number of fraud risk factors that have a statistically significant relationship with audit planning variables is less than that of business risk variables. Finally, we report evidence that auditors may substitute various program planning judgments to address greater risks, e.g., increase the focus on a more persuasive test and reduce the focus on a less persuasive test.

In summary, although audit planning in Japan seems to be based on the assessments of many audit risk variables, the associations between client risks and audit plans are rather modest in terms of adjusted R². In this respect, our findings are consistent with those in prior research (e.g., Mock & Wright, 1993, 1999).

As stated earlier, although on balance one might expect that auditors in Japan are less responsive to client risks than prior studies due to lower litigation, financial, and governance risks, the findings of this study do not support this expectation in that the auditors’ responsiveness to the assessed client risks in terms of adjusted R²s are comparable to those reported in prior research mainly conducted in the US. More specifically, our results show that the risk items that comprise financial risk such as liquidity, profitability and cash flow from operations have a significant influence on audit planning decisions, while the governance-related risks have little impact on audit plans. We also find that client size has some effect on the set of risks that are significantly related to audit planning decisions. Clearly future research is needed to investigate such factors including the environments surrounding audits in different economic settings and to examine their impact on audit practices.

In interpreting our findings, some limitations should be borne in mind. The data are obtained from only one Japanese audit firm. Thus, it may not be appropriate to generalize the results to audit practice of other audit firms in Japan or to audit practice in different economic environments. Also, although the instrument directed respondents to extract the responses from the working papers as much as possible, the possibility that hindsight or inaccurate recall has been introduced into their responses cannot completely be eliminated. Furthermore, the choice (categorization) of risk factors was determined by a review of prior research and auditing standards but may not be comprehensive of all pertinent risks considered by auditors.

Also, in this study, we examine the relationship between the assessments of various client risks and the audit planning decisions without considering the possible effect of audit fees or budget on the auditors’ decisions. We cannot deny the possibility that the size of audit fees or budget has an effect on audit planning decisions. However, given that we have found many significant associations between the risk assessments and the audit plans, we do not believe the effect of audit fees or budget is overriding.

Despite these limitations, this study provides the first empirical data on the effects of auditor risk assessments on audit planning in Japan. It also provides a significant addition to prior archival research on audit planning in that we address all four aspects of audit planning (nature, extent, timing and staffing) and examine a wider variety of client risks. Thus, this study serves as a benchmark for future research which attempts to increase the profession’s understanding of the relationship between audit risk and program plans and which attempts to make a comparison between audit practices in different economic environments.

NOTES

1 See Bedard et al. (1999) for a comprehensive review of this literature.

2 For detailed information about corporate auditors, see Kanda (1998) and the website of the Japanese Corporate Auditors Association: http://www.kansa.or.jp/English/index.html.

3 The literature (e.g., Pratt & Stice, 1994) distinguishes between the client’s business risks (e.g., level of competitiveness in the industry) and the audit firm’s business risk (e.g., litigation and reputation exposure). This study focuses on the relationship between auditors’ assessments of client risks and program planning judgments in keeping with the Audit Risk Model.

4 In Japan, the fiscal year 2001 would typically start on April 1, 2001 and end on March 31, 2002.

5 Japanese auditing standards are comprised of those developed by the Business Accounting Council (BAC) in the Financial Services Agency and those issued by the Auditing Standards Committee of the Japanese Institute of CPAs.

6 BAC revised the auditing standards for the first time in a decade in 2002 partly because it recognized that the Audit Risk Model had not fully pervaded practice (BAC, 2002), although the model was introduced into Japanese auditing standards in 1991. In accordance with the revision, the JICPA released five new statements and revised 15 existing statements in 2002 and 2003. Among these are statements that address ‘Audit risk and audit materiality’ (No. 5, 2002c), ‘Fraud and error’ (No. 10, 2002b) and ‘Understanding of client’s business and its business environment’ (No. 23), that are particularly pertinent to this study. In addition, three statements regarding internal control (No. 4, 1994), audit evidence (No. 7, 1996) and a matter of emphasis (No. 2, 1992) were abandoned and integrated into other statements in 2002 and 2003.

7 See, for example, ‘Understanding of client’s business and its business environment’ (JICPA Statement No. 23, 2002a).

8 The documentation rates do not necessarily indicate the level of consideration given by the auditors to various risk factors. Some risks may not be explicitly documented in the working papers because they are not recognized by auditors or are difficult to measure and describe.

9 Japanese consumers rarely make credit purchases. Thus, retail companies in Japan rarely have a significant amount of accounts receivable.

10 Among the 235 instruments, there were 52 instruments that had one or more missing values in client risk variables and/or audit planning variables as follows:
(a) Seven in 2001 include one missing value
(b) Four in 2001 include more than one missing value
(c) Twenty had one missing value in both 2001 and 2002 and
(d) Twenty-one had more than one missing value in both 2001 and 2002.
In regression analyses presented later, a missing value in the client risk variables (independent variables) is replaced by the mean of the variable for the full sample. When a measure of a dependent variable is missing, the client is excluded from the sample.

11 According to the results of a 2002 survey on the performance evaluation and compensation of officers in Japanese companies conducted by the Japan Management Association, the percentage of the officer’s bonus that is tied to company performance is about 20%. See http://www.jma.or.jp/release/23.html for survey details.

12 The mean ratio of audit hours of partners and managers to total audit hours (35%) may seem very high. We examined the effect of engagement size on this variable. As a result, we found that this variable has a statistically significant correlation with total assets, total revenues and total audit hours at the 1% level. That is, the larger the client size or audit size, the smaller the ratio of audit hours of partners and managers to total audit hours. In addition, we compared the mean ratios of audit hours of partners and managers to total audit hours obtained from sub-samples comprised of engagements where total audit hours are among the upper quartile, the middle 50% or the lower quartile. We found that the mean ratio obtained from the sub-sample of the upper quartile is significantly lower than that obtained from the sub-samples of the middle 50% and the lower quartile at the 1% level. Also, the mean ratio obtained from the sub-sample of the middle 50% is lower than that obtained from the lower quartile, although the difference is not statistically significant. Given that the sample used in this study includes many small clients, the high ratio of audit hours of partners and managers to total audit hours (35%) may have resulted from the audit engagements for smaller clients where the audit team is small and higher levels of staff are required to perform a high proportion of the audit work by themselves.

13 Blay et al. (2004) also adopt the average rating of all evidence weighted using a three-point scale as a measure of persuasiveness of audit evidence.

14 To test the robustness of our findings, presented later, we conducted analyses using alternative weights of 5, 3, 1 and 4, 2, 1 for those tests. The results are not significantly different from those presented except that the effect of the change in implementation of ethical standards on the persuasiveness of audit evidence is not statistically significant when using the alternative weights (see Table 8). Furthermore, when equal weights [1, 1, 1] are used, that is, assuming that the strength of audit evidence obtained from all tests is equal, the results are also the same except that control risk after tests of control and client’s status have a significant effect on persuasiveness whereas the effect of profitability is not significant (see Table 6). Thus the results are robust for nine of the significant variables presented in Tables 6 and 8.

15 We also conducted a factor analysis of the risk variables, which identified nine significant factors. However, regression analyses show that these factors generally are not significantly related to the audit planning variables.

16 To examine whether multicollinearity is a problem we computed VIF scores. All VIFs were less than 3. Therefore, this issue is not significant in this study.

17 The positive relationship found is the result of our transformation of all scales, as discussed earlier, such that higher values represent greater risks. Here, the scale is designed to have a higher value when firm size is smaller.

18 We conducted the same analyses using subsets of the data comprised of clients where there was any change in an audit plan. In these analyses, we employed a tighter stepwise criteria such that variables are entered when the F probability is 0.05 or smaller and removed when the F probability is 0.1 or larger because the number of clients where there is any change in the extent or nature of audit tests is very small (ranging from 15 clients to 69 clients). The results show that for the extent and nature of audit tests, the adjusted R²s are much higher (0.463–0.911) than those presented using the 25% threshold of client risks. This shows that when an auditor changes audit planning, it is often associated with a change in some audit risk assessment.

19 Another effective way to address this issue is to perform seemingly unrelated regressions (SUR) instead of OLS. However, when the independent variables are the same across equations, SUR results are the same as OLS results. Since the independent variables are the same across equations, we do not adopt SUR in this study.

20 We use total audit hours, not client size such as total assets or total revenues, as a criteria to obtain sub-samples because we only have categorical data for client size and cannot obtain sub-samples based on the exact amount of total assets or total revenues.

Appendix

APPENDIX: Description of risk variables

Dependent variables	Scale	Range	Documentation rate (2002)
Extent of confirmations – Customer	Less than normal scope – Normal scope – Greater than normal scope	0–100
Extent of confirmations – Yen	Less than normal scope – Normal scope – Greater than normal scope	0–100
Extent of tests for valuation	Less than normal scope – Normal scope – Greater than normal scope	0–100
Extent of tests for validity of records	Less than normal scope – Normal scope – Greater than normal scope	0–100
Extent of cutoff tests	Less than normal scope – Normal scope – Greater than normal scope	0–100
Timing-A/R	‘Around the B/S date’ audit hours/Total audit hours at A/R level	0–100 (%)
Staffing-A/R	Partner and Manager audit hours/Total audit hours at A/R level	0–100 (%)
Persuasiveness	Confirmations3 + (valuation + validity)/22 + cutoff tests*1	0–600
Independent variables
Business risks
Industry-manufacture	Client’s industry (manufacture = 1, others = 0)	0, 1
Industry-wholesale	Client’s industry (wholesale = 1, others = 0)	0, 1
Total assets_t−1	0–1(5), 1–10(4), 10–100(3), 100–300(2), 300-(1) (billions of yen)	1–5
Total revenues_t−1	0–1(5), 1–10(4), 10–100(3), 100–300(2), 300-(1) (billions of yen)	1–5
Liquidity	Adequate – Inadequate	0–100	81.7%
Profitability	Significantly greater than industry – Significantly less than industry	0–100	73.6%
Cash flow from operations	Extremely strong – Extremely weak	0–100	72.3%
Industry growth	Stable – Rapid growth	0–100	86.0%
Industry decline	Stable – Rapid decline	0–100	86.0%
Level of competition	No competition – Extremely competitive	0–100	81.7%
Degree of technological innovation	Extremely slow – Extremely fast	0–100	50.2%
Fraud risks
Level of general controls	Extremely strong – Extremely weak	0–100	97.4%
Effectiveness of the corporate auditors and board of CA	Extremely effective – Not effective	0–100	77.4%
Mgt’s compensation	Proportion of mgt’s compensation that is tied to financial performance	0–100 (%)	25.5%
Aggressiveness of forecasts	Highly conservative – Neutral – Highly aggressive	0–100	56.6%
Adequacy of monitoring of significant controls	Adequate – Inadequate	0–100	88.1%
Implementation of the value and ethical stds by mgt	Effective – Ineffective	0–100	58.7%
Other engagement-level risks
A/R ratio_t−1	Accounts receivable / Total assets (0–10% (1) – 90–100% (10))	1–10
Level of knowledge of the entity’s accounting staff	Extremely high – Extremely low	0–100	60.9%
General attitude of accounting personnel	Very conscientious – Not conscientious	0–100	69.8%
Change in information system	No change – Significant change	0–100	83.8%
Mgt’s aggressiveness	Extremely conservative – Extremely aggressive	0–100	57.0%
Level of mgt’s turnover	No turnover – Extremely high	0–100	72.3%
Client’s status	Public company = 0, Private company = 1	0, 1
Account-level risks
Degree of judgment relating to A/R	Little or no judgment – Significant judgment	0–100	88.5%
Degree of complexity of entries	Not complex – Highly complex	0–100	72.8%
Number of unusual transactions	None – Many	0–100	61.3%
Number of audit differences_t−1	None – Many	0–100	74.0%
Material audit differences_t−1	Existed = 1, Not existed = 0	0, 1
Assertion-level risks
IR re. existence of A/R	Low – High	0–100	87.2%
IR re. valuation of A/R	Low – High	0–100	83.0%
CR before tests of control	Low – High	0–100	94.9%
CR after tests of control	Low – High	0–100	94.9%

REFERENCES

American Institute of Certified Public Accountants (AICPA) (1980), Evidential matter: SAS No. 31. New York: AICPA.
Google Scholar
American Institute of Certified Public Accountants (AICPA) (1984), Audit risk and materiality in conducting an audit: SAS No. 47. New York: AICPA.
Google Scholar
American Institute of Certified Public Accountants (AICPA) (1997), Consideration of fraud in a financial statement audit: SAS No. 82. New York: AICPA.
Google Scholar
American Institute of Certified Public Accountants (AICPA) (2002), Consideration of fraud in a financial statement audit: SAS No. 99. New York: AICPA.
Google Scholar
Arens, A., Elder, R. & Beasley, M. (2003), Auditing and Assurance Services: An Integrated Approach, 9th edn. Upper Saddle River, NJ: Prentice Hall.
Google Scholar
Bedard, J. (1989), ‘Archival investigation of audit program planning’. Auditing: A Journal of Practice & Theory (Fall): 57–71.
Web of Science® Google Scholar
Bedard, J. & Johnstone, K. (2004), ‘Earnings manipulation risk, corporate governance risk, and auditors’ planning and pricing decisions. The Accounting Review (April): 277–304.
10.2308/accr.2004.79.2.277
Web of Science® Google Scholar
Bedard, J., Mock, T. & Wright, A. (1999), ‘Evidential planning in auditing: A review of the empirical research. Journal of Accounting Literature: 96–142.
Google Scholar
Bell, T., Marrs, F., Solomon, I. & Thomas, H. (1997), The KPMG Business Measurement Process. New York: KPMG.
Google Scholar
Bell, T., Peecher, M. & Solomon, I. (2005), The 21st Century Public Company Audit: Conceptual Elements of KPMG’s Global Audit Methodology. New York: KPMG International.
Google Scholar
Blay, A. D., Kizirian, T. & Sneathen, L. D. Jr. (2004), The effect of fraud and going-concern risk on auditors’ assessments of the risk of material misstatement and resulting audit procedures. Working paper, University of California, Riverside.
Google Scholar
Blokdjik, H., Drieenhuizen, F., Simunic, D. A. & Stein, M. T. (2006), ‘An analysis of cross-sectional differences in Big and Non-Big public accounting firms’ audit programs’. Auditing: A Journal of Practice & Theory (May): 27–48.
10.2308/aud.2006.25.1.27
Web of Science® Google Scholar
Business Accounting Council (BAC) (2002), Kansa kijun no kaitei ni kansuru ikensho [Opinion concerning revision of the auditing standards]. BAC.
Google Scholar
De Martinis, M. (2005), The influence of the external auditor’s intra-audit and inter-audit risk assessments on audit production outcomes. Paper presented at the International Symposium on Audit Research, June 30 and July 1, 2005, Singapore.
Google Scholar
Fukukawa, H., Mock, T. J. & Wright, A. (2005), Client risk factors and audit resource allocation decisions. Paper presented at the 2005 American Accounting Association Annual Meeting, August 7–10, San Francisco, California.
Google Scholar
Ge, W. & McVay, S. (2005), ‘The disclosure of material weaknesses in internal control after the Sarbanes-Oxley Act. Accounting Horizons (September): 137–58.
10.2308/acch.2005.19.3.137
Google Scholar
Ginsburg, T. & Hoetker, G. (2004), The unreluctant litigant? An empirical analysis of Japan’s turn to litigation. Working paper, University of Illinois College of Law.
Google Scholar
Hackenbrack, K. & Knechel, W. R. (1997), ‘Resource allocation decisions in audit engagements. Contemporary Accounting Research (Fall): 481–99.
10.1111/j.1911-3846.1997.tb00537.x
Google Scholar
Hoshi, T., Kashyap, A. & Scharfstein, D. (1991), ‘Corporate structure, liquidity, and investment: Evidence from Japanese industrial groups. Quarterly Journal of Economics (February): 33–60.
10.2307/2937905
Web of Science® Google Scholar
International Auditing and Assurance Standards Board (IAASB) (2003a), Objective and Principles Governing an Audit of Financial Statements: ISA 200 (revised). New York: IAASB.
Google Scholar
International Auditing and Assurance Standards Board (IAASB) (2003b), The Auditor’s Procedures in Response to Assessed Risks: ISA 330. New York: IAASB.
Google Scholar
International Auditing and Assurance Standards Board (IAASB) (2003c), Audit Evidence: ISA 500 (revised). New York: IAASB.
Google Scholar
Japan Corporate Auditors Association (2003), ‘Kigyo fushoji bousi to kansayaku no yakuwari: shacho ankeito kekka no gaiyou houkoku’ [Report on the results of the questionnaire survey regarding prevention of corporate fraud and the role of corporate auditors]. Kansayaku ( 477): 20–28.
Google Scholar
Japanese Institute of Certified Public Accountants (JICPA) (1992), Tokiki jikou [A matter of emphasis]: Statement No. 2. JICPA.
Google Scholar
Japanese Institute of Certified Public Accountants (JICPA) (1994), Naibu tousei [Internal control]: Statement No. 4. JICPA.
Google Scholar
Japanese Institute of Certified Public Accountants (JICPA) (1996), Jubun na kansa shoko [Sufficient audit evidence]: Statement No. 7. JICPA.
Google Scholar
Japanese Institute of Certified Public Accountants (JICPA) (2002a), Kigyo no jigyo naiyo oyobi kigyo naigai no keiei kankyo no rikai [Understanding of client’s business and its business environment]: Statement No. 23. JICPA.
Google Scholar
Japanese Institute of Certified Public Accountants (JICPA) (2002b), Fusei oyobi gobyu [Fraud and error]: Statement No. 10 (revised). JICPA.
Google Scholar
Japanese Institute of Certified Public Accountants (JICPA) (2002c), Kansa risuku to kansajo no juyosei [Audit risk and audit materiality]: Statement No. 5 (revised). JICPA.
Google Scholar
Johnstone, K. M. (2000), ‘Client-acceptance decisions: simultaneous effects of client business risk, audit risk, auditor business risk, and risk adaptation. Auditing: A Journal of Practice & Theory (Spring): 1–25.
10.2308/aud.2000.19.1.1
Web of Science® Google Scholar
Kanda, H. (1998), Comparative Corporate Governance – Country Report: Japan. In K. J. Hopt, H. Kanda, M. J. Roe, E. Wymeersch & S. Prigge (eds) Comparative Corporate Governance – The State of the Art and Emerging Research. New York: 921–42.
Google Scholar
Lemon, W., Tatum, K., & Turley, W. (2000), Developments in the audit methodologies of large accounting firms. Caxton Hill, Harford: Stephen Austin & Sons Ltd.
Google Scholar
Mock, T. & Turner, J. (2005), ‘Auditor identification of fraud risk factors and their impact on audit programs. International Journal of Auditing (March): 59–77.
10.1111/j.1099-1123.2005.00102.x
Google Scholar
Mock, T. & Wright, A. (1993), ‘An exploratory study of auditor evidential planning. Auditing: A Journal of Practice & Theory (Fall): 39–61.
Google Scholar
Mock, T. & Wright, A. (1999), ‘Are audit program plans risk-adjusted? Auditing: A Journal of Practice & Theory (Spring): 55–74.
10.2308/aud.1999.18.1.55
Web of Science® Google Scholar
O’Keefe, T. B., Simunic, D. A. & Stein, M. T. (1994), ‘The production of audit services: evidence from a major public accounting firm. Journal of Accounting Research (Autumn): 241–61.
10.2307/2491284
Web of Science® Google Scholar
Pratt, J. & Stice, J. (1994), ‘The effects of client characteristics on auditor litigation risk judgments, required audit evidence, and recommended audit fees. The Accounting Review (October): 639–56.
Web of Science® Google Scholar
Quadackers, L., Mock, T. & Maijoor, S. (1996), ‘Audit risk and audit programs: Archival evidence from four Dutch audit firms. The European Accounting Review: 217–37.
10.1080/09638189600000014
Google Scholar
Stein, M. T., Simunic, D. A. & O’Keefe, T. B. (1994), ‘Industry differences in the production of audit services. Auditing: A Journal of Practice & Theory (Supplement): 128–42.
Google Scholar
Suzuki, S. & Wright, R. W. (1985), ‘Financial structure and bankruptcy risk in Japanese companies. Journal of International Business Studies (Spring): 97–110.
10.1057/palgrave.jibs.8490444
CAS Web of Science® Google Scholar
Weil, J. (2004), ‘Behind wave of corporate fraud: A change in how auditors work. Wall Street Journal, March 25.
Google Scholar
Wingate, M. L. (1997), ‘An examination of cultural influence on audit environments. Research in Accounting Regulation (Supplement 1): 129–48.
Google Scholar
Winograd, B., Gerson, J. & Berlin, B. (2000), ‘Audit practices of PricewaterhouseCoopers. Auditing: A Journal of Practice & Theory (Fall): 175–82.
Web of Science® Google Scholar
Wollschläger, C. (1997), Historical trends of civil litigation in Japan, Arizona, Sweden and Germany: Japanese legal culture in light of judicial statistics. In H. Baum (ed.), Japan: Economic Success and Legal System. New York: 89–142.
Google Scholar

AUTHOR PROFILES

Hironori Fukukawa is an Associate Professor of Accounting at Nagasaki University. He earned his Ph.D at Hitotsubashi University. His research interests are in the auditor judgment and audit planning areas.

Theodore J. (Ted) Mock is the Arthur Andersen Alumni Professor of Accounting at the University of Southern California and Professor of Auditing Research at Maastricht University in the Netherlands. His research interests lie primarily in the areas of audit judgment and evidential reasoning. His AICPA research monograph with J. Turner on internal control evaluation was awarded the American Accounting Association (AAA) Wildman Award. In 2003 he received the Outstanding Auditing Educator award of the AAA Auditing Section. Professor Mock’s training includes degrees in mathematics and finance from The Ohio State University and a doctorate from The University of California, Berkeley. He has served many positions within the AAA including editor of Auditing: A Journal of Practice & Theory, Director of Research, and President of the Auditing Section.

Arnold Wright is the Andersen Professor of Accounting at Boston College. His research interests are in the judgment and decision-making area. He was the editor of Auditing: A Journal of Practice & Theory and served the Auditing Section in a number of capacities, including President and Historian. He received the Joint AICPA/AAA Collaboration Award and the Auditing Section’s Notable Contribution to the Auditing Literature Award for his monograph (co-edited with Dr Tim Bell) entitled “Auditing Practice, Research and Education: A Productive Collaboration”.

Citing Literature

Volume10, Issue1

March 2006

Pages 41-65

Audit Programs and Audit Risk: A Study of Japanese Practice

Abstract

SUMMARY