Chapter 6
Building the Fraud Audit Program
Historically, the response to fraud risk consisted of control testing or an overview of financial statement development procedures. This approach relied on the auditor's awareness of red flags indicating fraudulent activity. The standards traditionally addressed the need for professional skepticism in responding to the fraud risk. It could be said that these standards were enacted with the sole purpose of addressing the issue of fraud. Consequently, the audit profession was left with ambiguity concerning how to actually respond to fraud risk because such standards are not specific about providing a methodology for uncovering fraud in core business systems. Undoubtedly, to dispel this ambiguity, the response to the risk of fraud requires a methodology specifically designed for fraud risk. Imposing such a requirement is not to speak disapprovingly about the use of professional skepticism with regard to fraud risk; however, it should be pointed out that the mere tacking on of an undefined degree or direction of skepticism when reviewing controls during an audit lacks any manner of an effective methodology in responding to fraud.
Traditional Audit versus the Fraud Audit
Considering that the traditional audit and the fraud audit both involve the exercise of auditing, there are similarities between the two. These similarities can be summarized as follows:
- The four phases of an audit are planning, sampling, testing, and reporting.
- The use of ...
