Subject The article deals with the issues of audit methodology that includes an algorithm for conducting a risk assessment procedure, a set of planned audit procedures in the areas of significant risk, and methods for evaluating audit evidence. Objectives The article aims to improve auditing techniques by developing a compliance audit model, compliance risk assessment procedures, and recommendations on the selection of audit procedures, and the establishment of a risk-based audit plan. Methods The study is based on the application of methods of analysis and generalization, classification, modeling, risk assessment, and audit planning. Results The article examines and summarizes the methodological approaches for conducting audits in the light of the compliance risk assessment, and it proposes phases for the verification and operation of the compliance system, approaches to justifying the choice of nature, length and time frame of detailed audit procedures and the tests to evaluate the audit evidence obtained. The article proposes certain procedures for obtaining audit evidence based on the results of a risk assessment along the following lines: control environment, control, risk assessment by auditee, information system, monitoring. Conclusions and Relevance The proposed methodological tools are consistent with the requirements of international audit standards, and they offer best-of-breed solutions to the planning and organization of the audit process in the context of significant compliance risk. The methodology developed is proposed to be used as a methodological tool for the activities of audit organizations during the verification of audited entities with an internal compliance audit system, public organizations, and also when providing expert diagnostic services.
Keywords: compliance, internal control system, fraud, audit risk, audit procedure
References:
Arens A.A., Loebbecke J.K. Audit [Audit]. Moscow, Finansy i Statistika Publ., 1995, 560 p.
Mel'nik M.V. [Evolution of the control function in the conditions of innovative economy]. Innovatsionnoe razvitie ekonomiki = Innovative Development of Economy, 2011, no. 6, pp. 5–9. (In Russ.)
Sitnov A.A. [Operational audit and its data domain]. Audit i finansovyi analiz = Audit and Financial Analysis, 2007, no. 2, pp. 146–153. (In Russ.)
Malitskaya V.B., Chirkova M.B. [Current understanding of auditing and its conceptual content]. Vestnik Voronezhskogo gosudarstvennogo agrarnogo universiteta = Vestnik of Voronezh State Agrarian University, 2013, no. 2, pp. 313–319. (In Russ.)
Bogataya I.N., Kizilov A.N. [Exploring the nature of business auditing and the methodological approach to structuring its objects]. Sovremennye problemy nauki i obrazovaniya, 2015, no. 1-1, p. 549. (In Russ.) URL: Link
Belov D.S. [Role of GR subdivisions in regulative risks management during the period of the crisis]. Vestnik Moskovskogo universiteta. Seriya 12: Politicheskie nauki, 2009, no. 5, pp. 41–46. (In Russ.)
Silakova V.V. [Compliance in the system of risk management of continuous production]. Ekonomika i upravlenie: problemy, resheniya, 2015, no. 9, pp. 96–104. (In Russ.)
Kerimov V.E. [The organization of risk management based on the “compliance-control”]. Ekonomika i upravlenie: problemy, resheniya, 2014, no. 3(27), pp. 42–46. (In Russ.)
Kozlov D.N., Yudenkov Yu.N. [Control of regulatory risks]. Vnutrennii kontrol' v kreditnoi organizatsii = Internal Control in a Credit Institution, 2014, no. 3. (In Russ.)
Yakimova V.A. [Compliance risks entity: essence, classification and evaluation methods]. Audit i finansovyi analiz = Audit and Financial Analysis, 2017, no. 2, pp. 155–161. (In Russ.)
Sungatullina R.N., Gogoleva O.L. [Identification of the risks of material misstatement of the facts of economic life in the evaluation of the internal control system]. Auditor, 2014, no. 12, pp. 38–49. (In Russ.)
Kochinev Yu.Yu., Vinogradova O.I. [Identification of the facts and the evidence obtained unscrupulous entity]. Auditor, 2015, no. 1-2, pp. 32–39. (In Russ.)
Massarygina V.F. [On methodology of the auditor's risk assessment]. Auditor, 2014, no. 9, pp. 18–23. (In Russ.)
Bychkova S.M., Itygilova E.Yu. [Audit risk of non-detection of material misstatement of financial statements]. Bukhgalterskii uchet = Accounting, 2011, no. 3, pp. 112–113. (In Russ.)
Kas'yanova S.A. [Audit of the facts of fraud at transactions under the purchase and sale contract]. Sfera uslug: innovatsii i kachestvo, 2012, no. 6, p. 10. URL: Link (In Russ.)
Arzhenovskii S.V., Bakhteev A.V. [Ways to organize an audit to reduce the risk of fraud]. Novoe slovo v nauke: perspektivy razvitiya, 2016, no. 3(9), pp. 153–155. (In Russ.)
Pankova S.V., Yakimova V.A. [About essence of the concept “audit evidence”]. Vestnik Orenburgskogo gosudarstvennogo universiteta = Bulletin of Orenburg State University, 2014, no. 4, pp. 10–15. URL: Link (In Russ.)
Kuznetsova A.I., Bunevich K.G. [Audit methods for detection financial violations]. Vestnik Moskovskogo universiteta im. S.Yu. Vitte. Seriya 1: Ekonomika i upravlenie, 2015, no. 4(15), pp. 37–41. URL: Link (In Russ.)
Martynov S., Novikov A. Otsenka riskov khishchenii kak aktual'noe napravlenie v bezopasnosti biznesa [Evaluation of the risk of theft as a topical direction in business security]. Moscow, ACFE Publ., 2013, 23 p.
