Internal Control Weaknesses and Client Risk Management
55 Pages Posted: 8 Dec 2008 Last revised: 16 Dec 2009
Date Written: December 8, 2008
We study auditors' client risk management in the first year of SOX 404 implementation, and find that there exists a pecking order among auditors' strategies to manage control risk resulting from internal control weaknesses. We first examine the relations between internal control weaknesses and audit fee, audit fee increase, modified opinion, and auditor resignation, respectively, and establish that these are viable strategies to manage control risk on a stand-alone basis. When we investigate these strategies simultaneously, descriptive evidence suggests that there exists a pecking order among auditors' client risk management strategies. Our ordered logit analyses document that, as the clients' control risk increases, auditors are likely to respond in the order of audit fee adjustments, modified opinions, and auditor resignations. We further create an index based on the severity of auditors' responses, and find that the degree of control risk is positively correlated with this auditor response index. Our comprehensive evidence suggests that auditors use an array of ordered strategies to manage client-related control risk.
Keywords: Internal control weaknesses, Client risk management, Audit fee and audit opinion, Auditor resignation
JEL Classification: M49, G38
Suggested Citation: Suggested Citation