5 Flashcards
What is Audit Risk?
The risk that the auditor gives an inappropriate audit opinion when the financial statements are materially misstated.
Example:
Auditor says the accounts are true & fair, but in reality, there’s a material misstatement (e.g., revenue overstated).
What is Business Risk?
Business risk is the risk that an event or action could negatively affect the entity’s ability to achieve its objectives.
It relates to anything that threatens the company’s operations, strategy, or survival
What is Risk-Based Auditing?
Risk-Based Auditing is an audit strategy where the auditor focuses more effort on high-risk areas of the financial statements.
The goal is to reduce audit risk (the risk of giving a wrong opinion) to an acceptable level at minimum cost.
What is the Risk of Material Misstatement (RMM)?
RMM is the risk that a material misstatement exists in the financial statements before the auditor performs any work.
What is Inherent Risk (IR)?
The chance that something in the accounts could go wrong on its own, even before any controls are in place.
Example:
Cash = easy to steal → high inherent risk.
Complex contracts (like building projects) → high risk because they’re hard to get right.
What is Control Risk (CR)?
The chance that the company’s internal checks (controls) don’t catch mistakes or fraud in time
What are the key stages of the Risk-Based Audit Process?
- Assessing Risks
Decide whether to accept or continue with the client
Understand the client’s business
Learn about their internal control system - Collecting Evidence
Plan the audit
Test internal controls
Audit business processes and related accounts - Forming an Opinion
Review findings
Draw conclusions from the evidence - Reporting
Issue the audit report with the final opinion
What is Detection Risk (DR)?
Risk that the auditor’s own procedures fail to detect a material misstatement.
Sampling Risk: The auditor misses something because the sample wasn’t representative.
Non-Sampling Risk: The auditor misinterprets evidence or misses red flags.
What are examples of Business Risk/Inherent Risk Indicators?
Changes in laws/regulations (e.g., tax laws).
Rapid growth → stretched controls.
New products/systems (potential errors).
Foreign operations (currency, political risks).
Restructuring (job cuts, morale issues).
Auditor’s role:
Understand these risks → assess impact on financial statements.
What is Analytical Review (Analytical Procedures)?
Analytical procedures are evaluations of financial data by looking at relationships between financial and non-financial information.
They also include investigating unusual changes or differences from what’s expected.
Helps auditors spot risks early (e.g., unexpected fluctuations in profit margins).
Supports understanding the client’s business and environment (ISA 315).
When is Analytical Review (Analytical Procedures) used?
At several points in the audit:
Planning stage (to identify risk areas).
During substantive testing (to find misstatements).
At the final review (to ensure everything makes sense overall).
Why is the audit evidence search central to auditing?
Because the auditor’s opinion must be based on sufficient and appropriate evidence.
Evidence is needed to support or refute management’s assertions (e.g. about revenue, assets).
Without proper evidence, the auditor can’t reduce audit risk to an acceptable level.
Key Point:
Evidence is the foundation of every audit judgment and conclusion.
What are the stages of the audit process, and how is evidence collected at each stage?
Planning:
Use analytical procedures & inquiries to understand the client’s business and identify risks.
Testing controls:
Use inspection, observation, inquiry, and reperformance to check if internal controls work.
Substantive testing:
Gather direct evidence (e.g., confirmations, inspections, recalculations) to check account balances and transactions.
Final review:
Use analytical procedures again to double-check if the FS are consistent.
What is the relationship between audit evidence and audit risk?
More and better evidence = lower detection risk.
Lower detection risk = lower audit risk.
Key point:
Audit evidence helps the auditor find material misstatements.
Without enough evidence, the chance of missing misstatements (detection risk) goes up → which increases audit risk.
What is the relationship between audit evidence and audit judgement?
Audit judgement = how the auditor decides:
What evidence to collect,
How much is enough (sufficiency),
How good is it (appropriateness).
Auditors use judgement to evaluate evidence and decide whether it’s sufficient and appropriate.
Example:
Deciding whether to accept a supplier’s confirmation as reliable or to dig deeper.
How do auditors form conclusions from evidence?
After gathering and evaluating the evidence, auditors:
Compare it with management’s assertions.
Decide if the FS are materially misstated.
Conclusion process:
If evidence supports the FS, the auditor gives a clean opinion.
If evidence shows misstatements, the auditor may:
Request corrections or
Issue a qualified/adverse opinion
Flashcard 4: What different sampling techniques are there?
Flashcard 4: What different sampling techniques are there?
100% testing:
Test all items → used for few high-value items.
Selecting specific items (judgemental):
Target risky items (e.g., largest transactions, unusual ones).
Audit sampling (random or systematic):
Random sampling: Every item has an equal chance of selection.
Systematic sampling: Select every nth item (e.g., every 10th invoice).
Flashcard 5: How do auditors calculate sample size?
Risk level: Higher risk → bigger sample.
Population size: Larger populations often need larger samples.
Tolerable error: Lower error tolerance → bigger sample.
Expected errors: If expecting more errors, increase sample
What are the advantages & disadvantages of 100% Testing
In 100% testing, the auditor checks every item in the population. The main advantage is that there is no sampling risk—the auditor is completely sure about the area being tested since nothing is left out. This is especially useful for high-value or low-volume items (e.g., all transactions over £1 million). The disadvantage is that it is very time-consuming and expensive, so it’s not practical for large populations with many transactions.
What are the advantages & disadvantages of Specific Items (Judgemental Selection)
This technique involves selecting specific transactions or items that the auditor believes are risky or unusual (e.g., very large transactions, related party deals). The advantage is that it is efficient—the auditor focuses on areas most likely to have errors or fraud. However, the disadvantage is that it can miss random errors elsewhere in the population, because it’s not representative of the whole group.
What are the advantages & disadvantages of Random Sampling
Random sampling gives every item in the population an equal chance of being selected. The advantage is that it is unbiased and helps ensure the sample reflects the whole population. This makes it fair and reliable if done properly. However, the disadvantage is sampling risk—there’s still a chance that the sample doesn’t fully represent the population, especially if the sample size is too small.
What are the advantages & disadvantages of Systematic Sampling
n systematic sampling, the auditor selects every nth item (e.g., every 10th transaction). The advantage is that it’s easy to apply and spreads the sample evenly across the population. This makes it efficient and practical. The disadvantage is that if there is a pattern in the population (e.g., errors happen every 10th transaction), systematic sampling might miss it.
