3 - audit risk

Question 1

what are the objectives of an audit?

Answer 1

for auditor to obtain reasonable assurance about whether financial statements as whole are free from material misstatement, whether due to fraud or error.

Question 2

what is reasonable assurance?

Answer 2

obtained when auditor has obtained sufficient appropriate audit evidence to reduce audit risk to acceptably low level.

Question 3

what are the components of audit risk?

Answer 3

audit risk = inherent risk + control risk + detection risk

Question 4

define audit risk

Answer 4

risk that the auditor gives inappropriate opinion when in fact financial statements are materially misstated

Question 5

what is inherent risk?

Answer 5

the susceptibility of an assertion to a misstatement, that could be material, assuming there are no related controls.

Question 6

what is control risk?

Answer 6

risk that misstatement could occur in an assertion and will not be detected/prevented and corrected on timely basis by entity’s internal control.

Question 7

what is detection risk?

Answer 7

risk that auditor will not detect misstatement that exists in an assertion that could be material. detection risk if a function of effectiveness of audit procedure and of its application by auditor.

Question 8

what parts of audit risk are in or out of the auditor’s control?

Answer 8

control and detection risk under auditor’s control

inherent risk is not

Question 9

how can detection risk be controlled and managed?

Answer 9

adequate planning

proper assignment of personnel to the engagement team

the application of professional scepticism

supervision and review of the audit work performed.

Question 10

what is engagement risk?

Answer 10

risk to auditor of inadequate resources for conducting audit (manifested in higher detection risk). may arise from competitve tendering, IR factors not known to potential auditors when tendering. particularly high if auditor is unaware of management deficiencies an/or pressures on themselves. minimise through pre-acceptance procedures, checking: potential client engaged in legit activities, background of directors and senior mgrs, potential ethical issues.

Question 11

what is independence in fact risk?

Answer 11

risk that auditors fail to report material misstatements in financial statements even though detected by procedures. failure of auditor independence.

Question 12

what is business risk?

Answer 12

risk to achievement of client’s objectives. most business risks will eventually have financial consequences. can heighten risk of material misstatement. therefore, to minimise risk auditor needs to be aware of developments in clients business environment and assess possible consequences for audit risk.

Question 13

how can risk be assessed in an audit?

Answer 13

ISA 315 covers assessment of risk of material misstatement through understanding entity and its environment. in summary, audit planning sits within the assessment of a range of risks.

Question 14

what is the business risk approach to audit?

Answer 14

incorporates greater emphasis on business risk than the traditional inherent risk approach

widely used by big audit firms since they see it as: improving basic audit of financial statements and enhancing appreciation of what is the true and fair view; making audit more efficient and therefore more profitable; expanding potential for adding value

advances in IT have resulted in company records becoming inherently more reliable, leaving more scope for audit effort to be devoted to high level assessment. however this type of work is more demanding on the time of senior audit personnel - harder to routinise, so potentially more expensive.

Question 15

how can auditor manage the audit process?

Answer 15

auditor needs to balance two objectives: audit quality, meeting legal and regulatory requirements and reducing audit risk (more work); while making a profit through their work (not overworking).

key judgements in managing the audit: risk assessment and allocating resources to gathering and assessing evidence

range of personnel available with different levels of experience (partners, managers, seniors and assistants) - who is most appropriate (considering opportunity costs) to do what task? how much of their time should be allocated to the task?

Question 16

what is the first part of the audit process?

Answer 16

terms of engagement agreed before commencement of audit - usually dealt with in a letter.

Question 17

what are the contents of the engagement letter as in ISA 210?

Answer 17

objectives and scope of audit - true and fair view of accounts under applicable reporting framework

reponsibilities of auditors

responsibilities of directors - accounts prep, maintenance of internal controls, absence of fraud and error, free access to records and staff.

audit report - expected form and content of any report

fees - details of how fees are calculated, based on time spent by various members of the audit team, their experience, responsibility and skill

client needs to confirm acceptance of terms, usually by returning signed copy of engagement letter

Question 18

what must an auditor do before accepting nomination as auditor?

Answer 18

ensure professionally qualified to act as auditor for this client, consider whether disqualified on legal or ethical grounds

obtain references - make independent enquiries

ensure existing resources adequate for providing quality and professional service, consider available time/staff/technical expertise

communicate with present auditors; enquire whether there are reasons/circumstances behind the change which the new auditors ought to know.

Question 19

what are the pre-acceptance procedures for an audit?

Answer 19

even before engagement letter, need to consider whether inherent and control risks are acceptable, and whether they want to be associated with the client.

if continuing engagement, previous experience will help to inform these answers

if new client - need to gauge risks of potential client through: engaging with client personnel (trustworthy?), gaining overview of client procedures, reviewing past accounts, assessing business risks and third party reports like press stories.

Question 20

what should a new auditor do after accepting nomination?

Answer 20

ensure outgoing auditor’s removal/resignation properly conducted in accordance with national regulations

ensure new appointment properly conducted - obtain copy of the resolution passed

agree terms of engagement

Question 21

what can a firm do to ensure quality control at a firm level?

Answer 21

firm and leadership responsibility for quality within the firm - promoting culture where quality regarded as essential, and providing training to ensure all staff understand quality objectives and procedures

Question 22

what can HR do to ensure quality control at a firm level?

Answer 22

recruiting and retaining staff with right capabilities, competences and commitment to ethical principles to perform engagement in accordance with professional standards and regulatory requirements

Question 23

how can the engagement partner ensure quality control at the firm level?

Answer 23

implementing policies and procedures to ensure quality control at the individual engagement level, ensure that engagements are performed correctly. good engagement performance involves: directions, supervision, review, consultation and resolution of dispute.

Question 24

how can monitoring achieve quality control at a firm level?

Answer 24

evaluating quality control procedures to ensure that they remain relevant, adequate and effective.

Question 25

what is professional judgement?

Answer 25

application of training, knowledge and experience in making informed decisions about the courses of action that are appropriate in the circumstances of the audit engagement - ISA 200

Question 26

what factors can increase inherent risk?

Answer 26

the regulations clients are subject to

if financial statements are complex or subject to complex accounting standards, or include amounts derived from estimates rather than factual data

Question 27

what factors can increase non-sampling detection risk?

Answer 27

lack of audit procedure

lack of auditor experience

time pressure

financial constraints

new clients or lack of industry knowledge

poor planning