Summary Auditing a Practical Approach - Chapter 4-6 PDF

Preview

Summary

chapter 4-6...

Description

Chapter 4 – Audit Risk 4.1 – Audit Risk Audit risk: that auditor expresses an inappropriate audit opinion when the F/S are materially misstated - Impossible to fully eliminate, aim to reduce to acceptably low level – b/c sampling and judgment o Measure willingness to accept that the F/S may be materially misstated even though a proper audit was done  SELECT RISK LEVEL o To minimize Audit risk  1. ID accounts and assertions most at risk of material misstatement – Assertions (recognition, measurement, presentation of F/S line items), risk (fraud, related parties, complex transactions, subjective estimates)  2. Test of controls (control risk)  3. Detailed testing on required accounts (IR and CR) o Decision based on the following factors:    

Nature of users Degree of reliance on F/S Likelihood of financial difficulties, financial stability Management integrity

The Audit Risk Model and its Components 1. Inherent Risk Assessment: Inherent risk: possibility that a material misstatement could occur before considering internal controls -

-

Identify client characteristics that place F/S at RMM Consider factors: type of products/services offered, the size and complexity of the organization, the experience and knowledge level of EE, the pressures on management to meet earning targets, the extent of errors found in previous audits, and the accounting policies selected. Higher IR: e.g. significant # of transactions or valuable assets – more susceptible to thef o E.g. geographically dispersed, more complex, foreign exchange txns o o o

E.g. first time audit – higher IR; misstatements in past but repeat client E.g. significant staff turnover, learning curve – higher IR than stable E.g. new product being offered

-

Inherent risk is particularly high because the entity is operating in a highly regularized sector and has a complex network of related entities which could be misrepresented in the F/S in the absence of relevant financial controls. The first audit assignment is also inherently risky as the firm has relatively less understanding of the entity and its environment. The inherent risk is high

-

F/S level - nature of biz, industry, any previous experience w/ client, competitive environment, current economic environment, technological obsolescence risk, and level of gov’t regulation o E.g. New computer, no adequate training, risk of errors when preparing F/S Assertion level – for classes of transactions, account balances, and disclosures.

-

o o

E.g. use inappropriate exchange rate at date of transactions RMM at assertion level = Inherent risk + control risk

Assertions: a statement made by management regarding the recognition, measurement, presentation, and disclosure of items included in the financial statements and notes. For EACH account - Assertions help guide the testing conducted by an auditor - E.g. Sells high value goods – spend time testing existence of recorded inventory Significant risk: an identified/assessed RMM (auditor's judgment), requires special audit consideration - involves fraud - is related to significant economic or accounting developments - involves complex transactions - involves significant related party transactions - involves significant subjectivity in measurement of financial information - involves significant transactions outside the client's normal course of business 2. Evaluation of internal controls (control risk) Control risk: risk that a client's internal controls system will not prevent/detect a material misstatement Whether controls in place minimize (prevent/detect) the RMM in F/S for each account and related assertion that auditor has identified as high risk Controls designed to limit risk are in place and effective Must understand controls (organization’s attitude towards controls and procedures)  effective, CR assessed lower  auditor plan to rely on control, perform less detailed audit work If high CR, controls ineffective  auditor do min work required on controls, more detailed work o Control risk involved in the audit also appears to be high since the company does not o

-

have proper oversight by a competent audit committee of financial aspects of the organization. The company also lacks an internal audit department which is a key control especially in a highly regulated environment. The control risk for the audit is high.

3. Detailed testing of each identified account to extent necessary (detection risk) - Detection risk: the risk that auditors’ procedures will not be effective in detecting a material misstatement should there be one - Depend on riskiness of account, related assertion, deemed effectiveness of internal controls - Only element of AR model that auditor can influence by doing more/less substantive work

Audit Risk=Inherent Risk ×Control Risk × Dectection Risk Risk of material misstatement (RMM) -

Acceptable AR for F/S set at beginning of audit IR and CR assessed  auditor determines acceptable level of DR

Audit Risk =

Inherent Risk

Control Risk

Detection Risk

HIGH -

HIGH

LOW

Increase level of reliance on detailed substantive procedures E.g. High-end clothing store: IR (clothing stolen, not removed from books), CR (inadequate security)  spend time checking inventory E.g. Importer: IR (foreign currency), CR (inexperienced clerical staff) LOW LOW HIGH Extensive substantive testing not required E.g. Client sells mud bricks: IR (inventory heavy, difficult to move), CR (security working)  spend little time checking recorded bricks exist E.g. off-the-shelf computer program: IR (accurately recorded purchase), CR (limited to authorized personnel, program not tampered with)

Quantification of the Audit Risk Model DR= -

AR AR = IR ×CR RMM AR: willing to accept...