Engagement Acceptance, Planning and Risk Assessment Flashcards
Risk Assessment Procedures
Used to obtain an understanding of the entity and its environement. RIsk assessment procedures do not alone provide audit evidence sufficient to support an audit opinion.
Test of Controls
Are necessary when:
1) The auditor’s risk assessment is based to some extent on the effectiveness of the operating effectiveness of internal control.
2) Substantive procedures along are deemed to be insufficient.
Timing of Audit Procedures
When testing at interim date an auditor must assess the incremental risk involved and determine whether sufficient alternative procedures exist to extend the interim conclusions to year-end
If IT is used significantly in the environment, an auditor will need to considered testing to coincide with the availability of information.
Financial Statement Assertions
Claims and assertions made implicitly or explicitly by management about the recognition, measurement, presentation and disclosure of information.
Name of Financial Statement Assertions
Completeness Cutoff, Valuation, Allocation and Accuracy Existence and Occurrence Rights and Obligations Understand ability and Classification.
Audit Plan
Should include the nature, extent and timing of procedures performed.
Role of Client’s Internal Auditors
May aid an auditor in obtaining an understanding of internal control, assessing risk, and performing substantive procedures. For high risk areas, testing performed by an internal auditor will not eliminate the need for testing by an external auditor. For low risk areas, it can eliminate the need. If an external auditor uses an internal auditor’s work, an external auditor must assess the competence and objectivity of an internal auditor.
Work of a Specialist
Must assess a specialists competence, capabilities and objectivity. If an opinion is modified as a result of the work of a specialist, the auditor may refer to his work in the report, but may need permission from specialist before making reference in the opinion to his work.
Audit RIsk
Risk that the auditor may unknowingly fail to appropriately modify the opinion on financial statements that are materially misstated.
Audit Risk Model
Audit Risk=Risk of Material Misstatement (assessed by auditor) * Detection Risk (controlled by auditor)
Risk of Material Misstatement
Divided into the following:
Inherent Risk- the suspectibility of a relevant assterion to a material misstatement assuming there are no related controls. (ex. technology developments that may render a product obsolete, a lack of working capital or decline in industry).
Control Risk- RIsk that Material Misstatement that could occur in a relevant assertion that will not be prevented or detected on a timely basis by the entity’s internal control.
These exist independently in audit and cannot be changed.
Detection Risk
RIsk that auditor will not detect a material misstatement that exists in an assertion. Inverse relationship between RMM and Detection RIsk.
Procedures to assess the risk of material misstatement
1) Understand the entity and its environment.
2) Assess risks of material misstatement
3) Respond to the assessed level of risk by designing further audit procedures.
4) Test internal controls to evaluate operating effectiveness.
5) Perform substantive procedures
6) Evaluate audit evidence.
Components of Internal Control
1) Control Environment
2) Risk Assessment by Management
3) Information and Communication Controls
4) Monitoring
5) Existing Control Activitites
