52 International Journal of Enterprise Information Systems, 8(2), 52-63, April-June 2012 Copyright © 2012, IGI Global. Copying or distributing in print or electronic forms without written permission of IGI Global is prohibited. Copyright © 2012, IGI Global. Copying or distributing in print or electronic forms without written permission of IGI Global is prohibited. Keywords: Audit Risk, Computer Crime and Security, Control Risks, Detection Risk, Information Technology (IT) Fraud, Inherent Risks INTRODUCTION Enron, the USA’s largest energy company, collapsed as the largest corporate failure in US history in 2001. The role of Arthur An- dersen in this event dented the public trust on the accounting and auditing profession and financial reporting practices. In response to the collapses, enormous efforts have concentrated on rebuilding investors and the public trusts. The Sarbanes-Oxley (SOX) Act of 2002, also known as the Public Company Accounting Reform and Investor Protection Act, was a US federal law in response to the corporate and accounting scandals. The Act establishes a new quasi-public agency, the Public Company Ac- counting Oversight Board (PCAOB) which is charged with overseeing, regulating, inspecting, and disciplining accounting firms in their roles as auditors of public companies. The Act also covers issues such as auditor independence, corporate governance, internal control assess- ment, and enhanced financial disclosure. The legislation is wide-ranging and establishes Improvements in Audit Risks Related to Information Technology Frauds Saeed Askary, Abu Dhabi University, UAE David Goodwin, University of Wollongong in Dubai, UAE Roman Lanis, University of Technology, Sydney, Australia ABSTRACT In this paper, the authors examine how different types of fraud in most Information Technology (IT) environments affect an audit risk model from 2001 through 2008. Variations in IT fraud are questionable for determining the audit risks that affect audit quality and report. The data sources in this study came from the Computer Crime and Security Survey report (CSI) 2008. By relating different IT fraud to audit risk components through trend analysis in IT fraud improvements from 2001 to 2008, the authors measured declined percentages for control risks, inherent risks, and detection risks. They found that an improvement in control risks has been achieved up to 52.80%, 43% for detection risks, and 14% for inherent risks. An overall improvement in audit risk is 47.5%, which is a considerable development in audit quality. The study shows that progress in detecting IT fraud positively reduced audit risks and has signifcantly increased the audit quality since 2001. DOI: 10.4018/jeis.2012040104