I've heard that the Increase quotas user right is a high-risk right, so as an IT auditor, I include it in the scope of my reviews. But I have trouble explaining what the right provides and its risk. Can you help me?

Increase quotas has nothing to do with user disk space quotas—rather, it applies to processor quotas, which administrators use to fine-tune a system. The risk, which is actually low, is basically one of Denial of Service (DoS). A malicious user who acquires this right might use it to tamper with the processor quota of one or more processes on the system and deny important processes execution time from the CPU.