Flashcards in Audit Risk and Materiality Deck (37):
What is an auditor's responsibility in connection with indirect-effect illegal acts?
No responsibility however is it is discovered should be investigated and may need to be disclosed.
What are some questionable events that should alert the auditor to a possible indirect-effect illegal act?
violation of EPA laws
civil rights laws
federal employee safety requirments
What is audit risk and why is there a certain level of risk inevitably in every audit?
Audit risk is the possibility that a material misstatement will occur and be reported in an entities F/S.
Due to the reasonable assurance provided there is always some risk a material misstatement will be present in an entities F/S.
What are the three components of audit risk and an explanation of each?
Inherent Risk - the possibility that a material misstatement will occur within the reporting entities accounting info system
Control Risk - the possibility that the company's internal control will not prevent or detect a material misstatement
Detection risk - the possibility that a material statement that has occurred will not be discovered by the auditor's testing
Which audit risk component are company characteristics assessed by the auditor and which will vary based on the work performed by the auditor?
IR and CR - company characteristics assessed by the auditor
DR - vary based on the work performed by the auditor
What types of factors would cause the auditor to assess IR at a relatively high level?
continuing audit where misstatements were encountered in previous audits
the presence of numerous estimations, large balances, and/or many transactions, some of which are complex
outdated and unsupported accounting information systems
understaffed accounting department or accountants with little training or experience
unexplained significant variations discovered during analytic procedures
How does a high IR impact the assessment of CR?
the assessment of CR is independent of the assessment of IR and should have no impact
If IR and CR are assessed high how does this impact DR?
DR has an inverse relationship to [CR x IR or RMM]
increase substantive testing
perform testing that will obtain more persuasive evidence such as, testing closer to the end of the reporting period, more experienced auditors, more effective techniques such as positive confirms or statistical sampling
What are some of the specific fraud risk factors that indicate either the incentive or pressure for fraudulent financial reporting to occur?
company is vulnerable to rapid changes
company is in a highly competitive industry
declining customer demand for products
significant number of business failures in client's industry
bankruptcy of the company appears imminent
ongoing negative cash flows from operations
significant employee and/or management financial interests in the entity
company faces expensive compliance with new regulations
investors have unreasonable expectations for profitability
company has great need for additional debt or equity financing
BOD, management or employee personal financial difficulties
In order to reduce detection risk to the planned acceptable level the auditor performs what kind of tests?
What are the major types of substantive testing?
Tests of transactions
Tests of balances
Fraud risk factors relation to opportunities for management to attempt fraud are what?
Significant related-party transactions
ability of entity to dominate a certain industry
significant estimates exist in financial reporting
significant, unusual or complex transactions exist, especially at the end of the reporting period
significant international or foreign operations
business dominated by one person or a small group of individuals
ineffective BOD or audit committee
high turnover in accounting, internal auditing, and IT staff
inadequate internal controls
overly complex organization structure
What are some specific fraud risk factors that might indicate either the incentive or pressure on the part of management and/or other key employees to misappropriate assets?
personal debts or other personal financial obligations
knowledge that there will be future employee layoffs
recent or anticipated changes in compensation plans or benefits
promotions, compensation, or other rewards that are inconsistent with employee expectations
What are some specific fraud factors that may indicate opportunities for asset misappropriation?
large amounts of cash on hand
inventory items are small in size and/or of high value
assets that are easily convertible to cash
fixed assets that are small and easily marketable
inadequate record keeping with respect to assets
inadequate safeguards over cash and assets
non-mandatory employee vacations, especially for key employees or positions
asset reconciliations and transaction documentation are not timely or provided
What are two areas in a F/S audit where the CPA should presume RMM due to fraud?
possible management possible override of internal controls
Describe some of the auditor tests and inquiries in regard to management override of internal controls?
inquire about sales transactions near the end of the reporting period
examine the contents of boxed inventory
review the accuracy of previous management estimations
obtain an understanding of the financial reporting process and the physical controls over JE's
select and test actual JE's especially suspicious entries at year end
ask about any inappropriate or unusual activity with JE's
Define Fraud, errors and direct-effect illegal acts?
Error - unintentional misstatement of the F/S
Fraud - intentional act that results in a misstatement in the F/S 2 types fraudulent financial reporting and misappropriation of assets
direct-effect illegal act - have an immediate impact on the entities F/S
Why is an auditor able to render only reasonable assurance in an audit engagement?
not every transaction can be looked at due to time and cost constraints so no absolute assurance can be given
What are the 3 elements of the fraud triangle?
Incentive and pressure
Rationalization and Attitudes
When is brainstorming performed and what does it mean?
at the beginning of an audit
brainstorming is the audit engagement team getting together and coming up with ideas about how management could perpetrate a fraud
What are some fraud risk factors that indicate attitude to commit fraudulent financial reporting?
Managements failure to correct known significant deficiencies in a timely manner
management's commitment to achieve aggressive or unreasonable financial forecasts
management's interest in maintaining or increasing the price of the company's stock
history of entity violations of securities laws
frequent disputes with the auditor
formal and informal restrictions on the auditors scope of audit activities
What actions should the auditor take in response to the discovery of one or more fraud risk factors?
closely monitor the adoption of an reasons for new accounting principles
make substantive testing procedures more unpredictable and in greater quantities
get more evidence from outside sources
rely more on physical inspections
use more computer-assisted audit techniques
do more testing in close proximity to the end of the reporting period
assign individuals to the audit team who have specialized skills and experience dealing with fraud, if appropriate
In assessing IR what are some procedures an auditor should consider in regards to fraud?
make inquiries of management, the audit committee, and the internal auditors, if any, about the risks of fraud in the company and how they are addressed.
look carefully at any unusual or unexpected relationships identified when performing analytical procedures
looking closely at accounts where a high degree of management judgment and subjectivity exists
What are some comparisons of financial information that are recommended in assessing inherent risk?
net income to cash flows from operations
year to year changes in inventory, A/P, sales and COGS
company profitability as compared to industry averages
company bad debts as compared to industry averages
sales volume as compared to production costs
Does the PCAOB require an auditor to report on whether a previously reported material weakness in internal control over financial reporting as of a date specified by management continues to exist?
What is meant by the term risk in auditing?
risk that the F/S could be materially misstated and these misstatements might go undetected even after the auditor has completed the audit and rendered an audit opinion
How does risk assessment for financial reporting relate to an entities management?
it is managements process for identifying, analyzing and responding to the risks relevant to the preperation of financial statements in conformity with GAAP
What are the risks relevant to financial reporting?
external and internal events and circumstances that may occur and adversely affect an entity's ability to initiate, authorize, record, process, and report financial data consistent with managements assertions in the F/S
List some of the circumstances under which risks impacting F/S can rise or possibly change.
changes in the entity's operating environment
new or revamped AIS
rapid business growth
new business models, products or activities
expanded foreign operations
new accounting pronouncements
more complex and/or complicated business transactions
Why do auditors perform risk assessment procedures?
Auditors perform risk assessment procedures to properly asses the RMM and to obtain a preliminary understanding of the entity's internal control
What should the auditor use as audit evidence to support the risk assessment that has been made?
audit evidence obtained in evaluation the design of controls and whether or not not they have been implemented
How should the auditor employ the risk assessment process?
to determine the nature, timing and extent of further audit procedures to be performed
What types of risk assessment procedures should the auditor perform to obtain an understanding of the entity and its environment, including internal control?
inquiries of management and others within the entity
observation and inspection
The auditor's understanding of the entity and its environment relies on an understanding by the auditor of which aspects of the entity?
the entity's industry, including regulatory and other external factors
the nature of the entity
the objectives, strategies and the related business risks that may result in a material misstatement of the entity's F/S
measurement and review of the entity's financial performance
the entity's internal control which includes its accounting policies and practices
What is the authoritative source for the risk assessment standards for audit engagements of privately held entity F/S?
SAS 104 - SAS 111
What were the three objectives of the ASB in developing risk assessment standards as they relate to auditors and audits?
1. auditors must develop a more in-depth understanding of the entity being audited and its environment, including internal control
2 auditors must conduct a more rigorous assessment of the risks of where and how the client's F?S could be materially misstated
3 there should be improved linkage between the auditor's assessed risks and the nature, timing, and extent of audit procedures performed in response to those risks