Risk Assessment (RAMP)
-Combination of inherent and control risks
-Make sure to integrate case facts and explain whether it causes a higher or lower RMM for each
-Conclude whether the overall risk is high or low
Inherent Risks
Risks that exists regardless of the presence of controls
Examples
-New and complex transactions
-Industry factors (market, interest, regulations, competition)
-Management integrity
-Technology advancements
-First time audit
Control Risks
Examples
-Lack of segregation of duties
-Lack of monitoring
-IT control weaknesses
-Weakness in authorization procedures
-Lack of qualifications
Approach Discussion (RAMP)
1) Substantive approach
-Analytical procedures (analysis of account trends) and test of details (sampling specific accounts for key details)
-Use when there are significant unusual transactions, widespread control weaknesses, evidence of management override of controls
2) Combined approach
-Combines elements of substantive testing and test of controls
-Use when control weaknesses are isolated and related to specific accounts or processes
-High volume of homogenous, routine transactions
Materiality (RAMP)
-Based on users and their needs
1) List users and their needs
2) Identify benchmark
5-10% of pre-tax profit
0.5-2% of total assets
0.5-2% of equity
0.5-2% of revenues or expenses
3) Pick a factor
-Choose within the range of a benchmark above
-Choose the lower end if users are more sensitive to errors (indicate this in answer)
4) Calculate performance materiality
-60-85% of materiality
-If many known errors, set performance materiality lower (choose the lower end)
Procedures (RAMP)
1) State the risk and why
2) State the assertions
3) Explain procedure
