(The) assessment and change analysis of control risk using case-based reasoning

Abstract

Information Technology and the internet have been major drivers for the changes in all aspects of the business processes and activities. They have brought major changes to the financial statements audit environment as well, which in turn has required modifications in audit procedures. There exist, however, certain difficulties with current audit procedures especially for the assessment of the level of control risk. This assessment is primarily based on the auditors`` professional judgment and experiences, not based on the objective rules or criteria. To overcome these difficulties, this paper proposes a prototype decision support model named CRAS-CBR using case based reasoning to support auditors in making their professional judgment on the assessment of the level of control risk of the general accounting system in the manufacturing industry. To validate the performance, comparison is made between the proposed model with benchmark models in terms of classification accuracy for the level of control risk. The experimental results showed CRAS-CBR outperforms the statistical model (MDA) and staff auditor performance in average hit ratio. In addition, internal control questionnaire underlying CRAS-CBR model is applied to examine and analyze the changes in the level of internal controls of Korean companies before and after the economic crisis. This examination demonstrates the average level of internal controls of major Korean companies has noticeably improved during the last five years. Among internal control categories, "Risk Assessment" is the most improved area since the economic crisis. "Overall Monitoring", the management``s monitoring of business performance, is the best developed area, while "IT Monitoring Control", the management``s monitoring of IT performance, is the least developed area in 2002. The level of "IT Function and Organization" is surveyed as relatively high. The general level of control practices of Korean companies has improved, but still app...