BLOGSolved CHAPTER 4 PAGE 126 RISK ASSESSMENT II APPLYING THE AUDIT RISK Auditing ACC00130

Risk elements are inherent risk, control risk, acceptable audit risk, and detection risk. An audit risk model is a conceptual tool applied by auditors to evaluate and manage the various risks arising from performing an audit engagement. The tool helps the auditor decide on the types of evidence and how much is needed for each relevant assertion. Because audit sampling for tests of details of balances measures monetary misstatements, a misstatement exists whenever a sample item is misstated. Conversely, where the auditor believes the inherent and control risks of engagement to below, detection risk is allowed to be set at a relatively higher level. Control Risk is the risk of a material misstatement in the financial statements arising due to the absence or failure in the operation of relevant controls of the entity.

• First upper and lower misstatement bounds are calculated separately for overstatement and understatement amounts.
• The auditor must set these percentages based on professional judgment in the circumstances.
• Client is putting the auditor under undue time pressure resulting in the audit being rushed and misstatements possibly going undetected.
• Inherent risk is the susceptibility of an account balance or class of transactions to material misstatement, assuming there are no related controls.
• When misstatements are expected, the total dollar amount of expected population misstatements is estimated and then expressed as a percent of the population recorded value.
• The audit risk model is the framework used by audit firms to manage different types of audit risk.

We perform these basic procedures whether controls are good or weak. But we would add—when controls are weak and might allow theft—extended substantive procedures such as testing accounts receivable adjustments. ARIR is the statistical risk that the auditor has concluded that a population is materially misstated when it is not. This causes the auditor to perform more audit work than should be necessary.

Dual-Purpose Samples

Inherent risk is also greater when accounting transactions are complex or involve a high degree of judgment. Inherent risk is not always easy to spot, particularly compared to the other main two audit risks, and increases substantially in business sectors where transactions are open to a substantial amount of judgment and approximation. These risks are important to take into account as they can drastically mislead investors and are generally best combatted by getting several qualified auditors to go over the books. Help auditor to identify risks of material misstatement due to fraud. Balances or disclosure to a misstatement that could be material, before consideration of any related internal controls.

Since this is seldom the case, the basic concept of sampling is well established in auditing practice. For purposes of the example in the test, the objective is to determine whether accounts receivable is materially misstated. The preliminary judgment about materiality is normally the basis for the tolerable misstatement amount used. When there were no misstatements in the sample, an assumption was required as to the average percent of misstatement for the population items misstated.

Understanding the Risk Environment

It’s the chance that an entity’s internal controls will not prevent or detect material misstatements in a timely manner. Audit risks includes factors that can cause a misstatement, error or omission in the financial statements this is directly related to the auditor. Business risks relate to the company itself, including stakeholders.

Sampling, as defined in this section, applies to such tests of controls. By using statistical theory, the auditor can quantify sampling risk to assist himself in limiting it to a level he considers acceptable. However, statistical sampling involves additional costs of training auditors, designing individual samples to meet the statistical requirements, and selecting the items to be examined. Because either nonstatistical or statistical sampling can provide sufficient evidential matter, the auditor chooses between them after considering their relative cost and effectiveness in the circumstances. Suppose you assess control risk at high for all billing and collection cycle assertions and plan to use a fully substantive approach. Now, consider two scenarios, one where the entity has weak controls, and another where controls are strong.

Risk at High: Weak Controls

An explanation of why this creates a audit risk model, e.g. the audit firm has no cumulative knowledge and experience of the company. Therefore, any unusual fluctuation in the profitability ratios could mean the figures are materially misstated. Identify and assess aspects of the entity of which the auditor was unaware. For this reason, ISA 320 introduces the concept of performance materiality. In the exam, use the lowest end of the range for assessing whether a misstatement is material. If the misstatement is greater than ½% revenue/5% of profit before tax /1% total assets, assume it is material. The auditor’s plans to test the operating effectiveness of controls.

The point estimate is a direct extrapolation from the misstatements in the sample to the misstatements in the population. For confirmations, a misstatement is the difference between the confirmation response and the client’s balance after the reconciliation of all timing differences and customer errors.

Importance of Audit Risk

Professional scepticism is necessary for the critical assessment of audit evidence gathered when performing the risk assessment procedures. Inherent and Control risk related to client-based conditions, therefore cannot be controlled b the auditor. Auditor’s job is to assess these level of risks but cannot change their level. The auditor should make a preliminary assessment of control risk and should plan and perform tests of control to support that assessment. Use professional judgement to assess audit risk and to design audit procedures to ensure it is reduced to an acceptably low level. To reiterate, not all risk is avoidable, but most aspects of risk can be managed.

• 4Random-based selection includes, for example, random sampling, stratified random sampling, sampling with probability proportional to size, and systematic sampling with one or more random starts.
• Auditors can reduce detection risk by increasing the number of sampled transactions for detailed testing.
• Risk that auditor’s conclusion drawn from the results of a sample test is different from the conclusion that would have been drawn had the whole population been tested.
• Inherent risk is the risk that a client’s financial statements are susceptible to material misstatements in the absence of any internal controls to guard against such misstatement.
• Where the auditor’s assessment of inherent and control risk is high, the detection risk is set at a lower level to keep the audit risk at an acceptable level.
• Inherent risk relates to client specific factors i.e. profit misstated for directors to achieve profit drive bonus or risk that receivables & inventory overvalued.

Assess which analytical procedure you believe to be the most effective at evaluating audit risk for a given audit client. Data analytics may be used to perform analytical procedures for example using software to extract data from the client’s information system to perform a comparison of actual recorded amounts to budgeted amounts.