Assessing & responding to RMM due to error or fraud

Question 1

what is the audit risk model?

Answer 1

audit risk = inherent risk X control risk X detection risk

Question 2

what is inherent risk?

Answer 2

risk that a material misstatement will exist if there were no I/C;
determined by nature of entity and environment

Question 3

what is control risk?

Answer 3

the entity’s I/C will fail to prevent or detect a material misstatement (managed by internal control); determined by controls put in place by the entity

Question 4

what is detection risk?

Answer 4

the risk that if a material misstatement exists in the F/S, auditors will fail to identify it (gets reduced by audit procedures, response to RMM)

Question 5

true or false: RMM exists independently of audit

Answer 5

TRUE

Question 6

if CR is below maximum auditors may…

Answer 6

reduce number of substantive tests planned because some risks is mitigated

Question 7

auditors will omit interim testing if CR were assessed at….

Answer 7

maximum level but not below

Question 8

what are the tasks required for a review?

Answer 8

-Perform analytical procedures (3 STEPS)
1. develop expectations
2. compare client’s actual data with
expectations
3. investigate significant differences
-Perform inquires
-Obtain management representation
-Maintain independence
-Obtained signed engagement letter
-Express conclusion
-Limited assurance

Question 9

what are the tasks required for an audit?

Answer 9

-Perform analytical procedures (3 STEPS)
1. develop expectations
2. compare client’s actual
data with expectations
3. investigate any
significant differences
-Perform inquires
-Obtain management representation
-Maintain independence
-Obtained signed engagement letter
-Communicate with predecessor CPA
-Understand I/C
-Assess RMM
-Send letter to client’s lawyer
-Substantive testing to detect material misstatement
-Express opinion
-Reasonable assurance

Question 10

if true state of population has a deviation rate > tolerable rate and the auditor’s estimate based on sample results deviation rate > tolerable rate

Answer 10

control risk increased properly

Question 11

if true state of population has a deviation rate > tolerable rate and the auditor’s estimate based on sample results deviation rate < tolerable rate

Answer 11

control risk decreased improperly (Type 2 error) Ineffective

Question 12

if true state of population has a deviation rate < tolerable rate and the auditor’s estimate based on sample results deviation rate < tolerable rate

Answer 12

control risk unchanged properly

Question 13

if true state of population has a deviation rate < tolerable rate and the auditor’s estimate based on sample results deviation rate > tolerable rate

Answer 13

control risk increased improperly (Type 1 error) Ineffective

Question 14

increase in RMM leads to…

Answer 14

decrease in acceptable level of detection risk and increase in substantive testing to maintain the desired audit risk

Question 15

if RMM is high then…

Answer 15

increase professional skepticism and planned audit procedures
1. more thorough tests
2. rely on more year-end testing
3. assign experienced staff with specialized skills
4. close supervision required

Question 16

what does RACE stand for in relationship to year end balance sheet accounts

Answer 16

Rights and obligations: own or have the rights to use?
Allocation and valuation: are the recorded amounts correct?
Completeness: are all assets/liabilities recorded?
Existence: do the assets/liabilities exist?

Question 17

after CR and RMM are assessed, what tests will the auditor perform

Answer 17

tests of transactions details because they are needed to detect material financial misstatements

Question 18

what is audit risk?

Answer 18

the risk that a material misstatement exists in the financial statements and will not be detected by the audit

Question 19

If I/C is effective…

Answer 19

control risk is low, there’s an increased reliance on the controls and a decreased number of substantive procedures performed

Question 20

which two components of the risk are characteristics of the entity?

Answer 20

inherent risk and control risk

Question 21

segregation of duties protects assets from…

Answer 21

misappropriation

Question 22

what are the 4 phases in the process for understanding I/C and assessing CR

Answer 22

1. obtain an understanding of the design and operation of I/C
2. assess CR
3. design, perform and evaluate tests of controls if applicable
4. set detection risk and plan substantive procedures

Question 23

if tests of controls are not performed when assessing CR

Answer 23

leave CR at max level because I/C is poorly designed

Question 24

during the “design, perform and evaluate tests of controls if applicable” phase, if testing indicates I/C effective

Answer 24

reduce CR; auditors increase reliance on controls and decrease substantive testing

Question 25

what are the three things that lead to fraud?

Answer 25

incentive, opportunity and rationalization

Question 26

what is fraud incentive?

Answer 26

reason (motivation) for committing the fraud; ex. personal gain, pressure to meet operating objectives

Question 27

what is opportunity fraud?

Answer 27

have the ability to commit the fraud; ex. management override, lack of I/C, collusion

Question 28

what is rationalization fraud?

Answer 28

attitude, justify the fraud in a manner consistent with their beliefs; ex. “getting worse”, don’t believe they are wrong

Question 29

what is the purpose of substantive testing?

Answer 29

to identify material financial misstatements the amount and type of substantive testing is based on previously assessed level of control risk

Question 30

who determines the acceptable level of audit risk?

Answer 30

auditor