Chapter 4 Flashcards
(29 cards)
Audit Risk
The risk that the auditor expresses an inappropriate audit opinion when the financial statements are materially misstated.
Consider multiple levels (overall f/s; account balances; footnote disclosure)
Assertion: risk in terms of account balances and disclosures.
Opinion goes to both overall f/s and account balances,but reasonably assured.
AR Model (AR = IR X CR X DR)
Inherent risk, Control risk, and Detection Risk.
IR X CR= RMM Risk of Materially Mistatement.
Inherent Risk (IR)
Risk due to the nature of the account (item). The susceptibility that an account balance or disclosure can be misstated due to the nature of the account.
Control Risk (CR)
The risk that the company’s internal control will not catch, prevent, correct, or detect a material misstatement.
Key point involving IR and CR (responsibility of each risk?)
IR and CR are clients risk!
As CR increases, testing should increase!
Detection Risk (DR)
The risk that the auditors will not detect a material misstatement. Our risk!
Can DR be reduced to zero?
rarely test 100% of balances
Sampling risk: the sample you take will not perfectly apply to the population.
Non sampling risk: we humans will make mistakes.
Inverse relationship between IR/CR and DR
Higher IR/CR, the (lower) risk you will detect something must get smaller.
Key Point about risk
Risk is always, ultimately, a matter of professional judgement. The model is a planning tool, can be quantitative or qualitative; helps us assess risk!
Two more Key Points related to achieved level of AR
If actual/achieved/level of AR is equal or less than planned/expected/acceptable, an unqualified/ ‘clean’ opinion can be issued.
If actual/achieved level of AR is greater than planned/expected/acceptable, additional work or qualified opinion will be necessary. (more tests, worse than expected).
Engagement Risk
The risk that the firm can be damaged monetarily or reputation by working with a troubled client. “Guilt by association”.
Risk Assessment Process (Figure 4-2)
The processes or ways the auditor obtains an understanding of the entity and its environment.
Methods of Gathering this Info (3 ways)
Inquiries of management and others. Analytical procedures. Observation or inspection.
What do you want to learn about! (5 items to consider)
Nature of the entity. Industry, regulatory, and external factors. Objectives, strategies, and business risk. Entity performance measures. Internal control.
Identify Business Risks
Usually the greater the business risk, usually the greater inherent risk and control risk.
Evaluate clients risk assessment process (Chapter 6)
How management responds to these business risks and obtain evidence of its implementation.
Assessing the risk of material misstatement (error and fraud)
Every misstatement is either due to an error or fraud).
Error: unintentional.
Fraud: intentional
Errors
Factual error: you goofed on the facts (hard entry).
Judgemental nature: disagreements on bad debts (soft entry).
Projected misstatements: extrapolation can wrong, sample not relative (soft entry).
Fraud
1.Financial reporting (fraud), (including deliberate incorrect accounting).
2. Misappropriation of assets-stealing and concealing it.
“Cooking the books”.
How/Where to look for fraud
Look at unusual relationships. Talk with management, audit team members, board and audit committee. understand how the client closes the books at the end of each quarter or year end. Remember professional skepticism!
Three conditions indicative of fraud (Fraud Risk Triangle)
Opportunity, Incentive, and Attitude. Usually need at least two of these!
Assess risk-how to “respond”
Need to look at both the Assertion Level and F/S level.
Assertion Level
- Determine what might go wrong.
2. Design audit procedures for the assertion level risks (do testing)(balances and F/S disclosure).
