Chapter 4

Question 1

All else held equal, would the following imply more work for the auditor or less work for the auditor?

1. Higher control risk
2. Higher inherent risk
3. Higher detection risk
4. Higher audit risk

Answer 1

AR = IR * CR * DR

1. More work
   (increase in CR makes DR have to decrease)
2. More work
   (increase in CR makes DR have to decrease)
3. Less work
   (increase in DR allows AR to increase)
4. Less work
   (increase in AR allows DR to increase)

Question 2

What would cause inherent risk to increase?

Answer 2

Volatility in oil price
Bank affected by FED rule changes
CEO engaging in questionable activities
(external factors)

Question 3

What is the only risk that auditors can control/change?

Answer 3

Detection Risk - means that the auditor can do more or less work

Question 4

“Filling the Assurance Bucket”

Order: efficiency perspective - where do you put your effort?

Answer 4

1. Risk Assessment Procedures (“assessing” inherent risk, “understanding” control risk)
2. Test of Controls (“assessing” control risk)
3. Substantive Analytical Procedures (easier than test of details)
4. Remaining assurance needed form test of details (“heavy lifting”)

Question 5

What assertions do auditors focus on for significant accounts?

Answer 5

Relevant assertions

Question 6

An account or disclosure is a significant account if…

Answer 6

• There is a reasonable possibility that the account or disclosure could contain a misstatement
• Individual or aggregated misstatement
• Considering under and overstatements

Question 7

How is an account or disclosure determined as significant?

Answer 7

Based on inherent risk, without regard to the effect of controls

Question 8

A relevant assertion is…

Answer 8

• A financial statement assertion with the reasonable possibility of containing a misstatement(s) that would cause the financial statements to be materially mistated

Question 9

How is a relevant assertion determined?

Answer 9

Based on inherent risk, without regard to the effect of controls

Question 10

Audit Risk

Answer 10

Probability that an auditor will give an unqualified opinion (clean) on materially misstated financial statements

Question 11

At what level is audit risk applied? Why?

Answer 11

Assertion Level
Directly assists the auditor in planning the appropriate audit procedures for the accounts, transactions, or disclosures (applied holistically)

Question 12

Audit Risk=

Answer 12

Inherent Risk * Control Risk * Detection Risk

Question 13

True or False: Audit risk is the risk that the auditor gives an incorrect audit opinion

Answer 13

False!
Not concerned with giving an unclean opinion to a clean financial statement

Question 14

Why is audit risk not concerned with giving an unclean opinion to a clean financial statement?

Answer 14

If I get a 100 on a test I don’t go back and look and make sure the professor graded it correctly (management incentives) BUT, if I get a 43, I’m going to go back and look and make sure my test is graded correctly

Question 15

Auditors have an incentive to…

Answer 15

push audit risk as low as possible

Question 16

Revenue - would completeness or existence/occurrence have higher inherent risk?

Answer 16

Existence/occurrence because management has an incentive to inflate revenue rather than push it down (risk of overstatement)

Question 17

COGS - would completeness or existence/occurrence have higher inherent risk?

Answer 17

Completeness (risk of understatement)

Question 18

Inherent Risk

Answer 18

Probability that, in the absence of internal controls, material misstatements could occur

Question 19

Factors that affect inherent risk:

Answer 19

• The nature of the client’s business and strategy to achieve a competitive advantage
• The major types of transactions
• The effectiveness and integrity of managers and accountants

Question 20

Where is inherent risk more likely? Complex estimate or cash?

Answer 20

Complex estimate (requires more judgement)

Question 21

Control Risk

Answer 21

Probability that the client’s internal control policies and procedures fail to prevent or detect a material misstatement

Question 22

Factors that affect control risk:

Answer 22

• The environment in which the company operates (its “control environment”)
• The existence (or lack thereof) and effectiveness of control activities
• Monitoring activities (audit committee, internal audit function, etc.)

Question 23

Detection Risk

Answer 23

Probability that the auditor’s substantive procedures will fail to detect a material misstatement that exists within an account balance or class of transaction

Question 24

Factors that affect detection risk:

Answer 24

• Nature, timing, and extent of audit procedures
• Sampling risk (the risk of choosing an unrepresentative sample)
• Nonsampling risk (the risk that auditor may reach inappropriate conclusions based upon available evidence)

Question 25

What is the only part of the audit risk model that the auditor can control?

Answer 25

Detection Risk

Question 26

How can detection risk be described?

Answer 26

• The “plug” figure
• Inherent and control risk are assessed, now, how much detection risk do we as auditors need?
• How much work do auditors have to do?

Question 27

RMM (Risk of Material Misstatement)

Answer 27

The risk that a material misstatement exists in the financial statements before auditors apply their substantive procedures

Question 28

RMM=

Answer 28

Inherent Risk * Control Risk

Question 29

The assessment of RMM leads to…

Answer 29

determination of Detection Risk
DR = AR/(IR*CR)

Question 30

The nature, timing, extent of Lower Detection Risk

Answer 30

Nature: More effective tests
Timing: More testing at year-end
Extent: More tests (volume)

Question 31

The nature, timing, extent of Higher Detection Risk

Answer 31

Nature: Less effective tests (more inquiry, less inspection)
Timing: More testing at interim
Extent: Fewer tests (volume)

Question 32

What is the probability that the audit work will NOT catch a material misstatement?

Answer 32

Detection Risk

Question 33

If you want the probability of missing test questions on a test you have to study…

Answer 33

MORE
(you have to work more for a lower detection risk)

Question 34

If auditors can’t push audit risk to an “acceptably low” risk, they are supposed to…

Answer 34

(by the standard) to refuse the client

Question 35

AR = IR * CR * DR
Low = Moderate * Moderate * ________

Answer 35

Moderate

Question 36

AR = IR * CR * DR
Low = Low * Low * ________

Answer 36

High

Question 37

What are the limitations of the Audit Risk Model?

Answer 37

• Subject to the judgements and assessments used as inputs
• It does not consider potential auditor error
• Virtually impossible to calculate the exact level of IR,CR,DR, and AR (the model is conceptual)
• RMM cannot =0

Question 38

Can RMM be assessed at 0?

Answer 38

No
Auditor wouldn’t have to do any work, it is not allowed

Question 39

What is the difference between fraud and error?

Answer 39

Intent

Question 40

Auditors obtain reasonable assurance that the financial statements are free from material misstatement, whether…

Answer 40

caused by fraud or error

Question 41

Fraudulent Financial Reporting

Answer 41

Intentional misstatements or omissions of amounts or disclosures intended to deceive financial statement users “management fraud”

Question 42

Misappropriation of Assets

Answer 42

Asset theft from the entity (usually, not always, lower level workers)

Question 43

Can fraudulent financial reporting lead to misappropriation of assets?

Answer 43

Yes, sometimes one can lead to the other

Question 44

Fraud Triangle

Answer 44

1. Incentive or pressure to perpetrate fraud
2. Opportunity to carry out the fraud
3. Attitude or rationalization to justify the fraud
   (all 3 have to be present for fraud)

Question 45

Incentive for Fraud

Answer 45

• Pressure from 3rd parties (ex: analysts)
• Personal financial situation

Question 46

Opportunity for Fraud

Answer 46

• Weak internal controls
• Complex organizational structure

Question 47

Justification of Fraud

Answer 47

• Nonfinancial management’s excessive participation in selection of accounting principles and estimates
• History of violations of securities laws

Question 48

Communication of Fraud

Answer 48

• Exercise significant care (accusations of fraud are taken very seriously by audit clients)
• Evidence of fraud should be presented to the “appropriate level of management” (one level above the people involved)
• Fraud committed by management is material and should be reported to those charged with governance (Audit Committee or Board of Directors)

Question 49

Direct-Effect Noncompliance

Answer 49

• Produce direct and material effects on the financial statements
• The law or regulation can be identified with a specific account or disclosure
• Auditor’s responsibility: design procedures to provide reasonable assurance

Question 50

Indirect-Effect Noncompliance

Answer 50

• Not related to specific accounts or disclosures on the financial statements (violations related to insider securities trading, occupational health and safety, food and drug administration, etc.)
• Auditor’s responsibility: follow up on suspected violations material to the financial statements

Question 51

Do you have to “assess” or “understand” internal controls?

Answer 51

You have to develop an “understanding”

Question 52

What is the difference between “assessing” and “understanding”?

Answer 52

“assess”: test/validate
“understand”: no test (inquire, etc.)

Question 53

Obtaining an understanding of the client’s business includes understanding:

Answer 53

• Industry, regulatory, and other external factors
• Nature of the company and related parties
• Effect of client’s computerized processing
• Accounting principles and related disclosures
• Company objectives, strategies, and related business risks
• Company performance measures and analysis

Question 54

Preliminary Analytical Procedures

Answer 54

1. Identify the potential problem areas
2. Provide a standard starting place to start examining the financial statements
3. Help familiarize audio with client’s business and identifying areas of risk

Question 55

When are analytical procedures required?

Answer 55

Preliminary stages (when creating the audit plan)
End (when performing the final plan)

Question 56

When are analytical procedures optional?

Answer 56

Substantive testing

Question 57

Analytical Procedure Steps

Answer 57

1. Develop an expectation (that was developed before)
2. Define a significant difference (aka “tolerable difference”)
3. Calculate predictions and compare them with the recorded amount
4. Investigate significant differences
5. Document each of the above steps

Question 58

Audit team discussions (brainstorming)

Answer 58

• Required procedure
• Objectives
• Discussions should be ongoing throughout the engagement

Question 59

What are the audit teams objectives in brainstorming?

Answer 59

Gain understanding of
- Previous experiences with client
- How a fraud might be perpetrated and concealed in the entity
- Procedures that might detect fraud
Set proper tone for engagement

Question 60

Inquiries of Company Leadership

Answer 60

Auditors discuss
- selection of accounting principles
- susceptibility to errors and fraud
- how management controls and monitors fraud risks

Talk to….
Audit Committee
Management
Internal Auditors

Question 61

Who is responsible for financial statements?

Answer 61

Management
(they should know where the risks are)

Question 62

Purpose of inherent risk assessment

Answer 62

Determine significant accounts and relevant assertions and how each can be misstated