Engagement Planning 2 Flashcards
Describe Inherent Risk
The risk that a material misstatement of an assertion will take place in the absence of any internal control
This risk is assessed using various analytical techniques, available information on the company and its industry, as well as by using overall auditing knowledge. The risk differs by account and assertion. For example, cash is more susceptible to theft than an inventory of coal.
What red flags may indicate higher risk in an audit?
- Management compensation tied to stock
- Aggressive financial forecasting
- Former auditor disagreed with Management
- Records not available for audit
- Current audit procedures may need to be reconsidered if red flags exist
Purpose of Analytical Procedures USED DURING RISK ASSESSMENT
-
AU-C 315 - Analytical procedures used during risk assessment
- (1) May enhance the auditor’s understanding of the client’s business and signification transactions or events that have occurred since prior audit and
- (2) also may help to identify the existence of unusual transactions or events and amounts , ratios, and trends that might indicates matters that have audit implications
- Analytical procedures used during risk assessment use data at a high level and they may provide only broad initial indication about possible existence of material misstatements
What are the three factors that affect/influence fraud?
Fraud is born out of - RIO
- Rationalization
- Incentive
- Opportunity
Materiality
- _Magnitude of omission or misstatemen_t that makes it probable that the judgment of a reasonable person (user) relying on the information could have been changed or influenced by the omission or misstatement
- Materiality is based on Auditor’s judgment -use PY financial statement
- Materiality judgments involve both quantitative and qualitative considerations
- For planning purposes, concerned with the smallest aggregate level
- There is an inverse relationship between audit risk and materiality consideration
- Materiality measure relate to an annual figure
When the risk assessment does not include an expectation that controls operate effectively
This will be the case when
(1) controls appear weak, or
(2) the auditor believes that performing extensive substantive procedures is likely to be more cost effective than performing a combination of tests of controls and a decreased scope of substantive procedures
When the risk assessment does not include an expectation that controls operate effectively, further audit procedures will consist entirely of substantive procedures.
What are quantitative measurements versus non-quantitative measurements with respect to risk?
- Quantitative Measurements - Inherent- Control- and Detection Risk can all be measured in terms of percentages
- Non-Quantitative Measurements - Inherent- Control- and Detection Risk can all be measured in terms of acceptable ranges
Describe Detection Risk
- Auditor fails to detect a material misstatement
- Auditor can increase the nature, timing or extent of substantives testing to decrease the level of detection risk
- Substantive procedures are primarily relied upon to restrict detection risk.
- The risk that audit procedures will incorrectly lead to a conclusion that a material misstatement does not exist in an account balance when in fact such a misstatement does exist
What responses should an auditor take based on different levels of acceptable detection risk (DR)? What type of tests should be performed?
- Less Acceptable DR ⇒ Run More Substantive Tests ⇒ Less Audit Risk
- More Acceptable DR ⇒ Run Less Substantive Tests ⇒ More Audit Risk
Type of fraud considered in an audit
- AU-C 240; AU 316
- Fraudulent Financial Reporting - management fraud - makes the financial statement misleading
- Misappropriation of Assets ( embezzlement, stealing/theft, defalcation) - employee
What questions should be asked by an auditor prior to taking an engagement?
NOTE: must have permission of client to contact predecessor auditor (no permission = no engagement)
- *1)** What are the Reason for the Auditor Change?
- *2)** How is the Integrity Management?
- *3)** Any Disagreements with management durig the Audit?
- *4)** Any Comunication with Audit Committee regarding fraud, illegal acts, IC?
to get RID of new client and C (see)
It is the successor’s responsibility, not the predecessor auditor’s responsibility to communicate with the predecessor
the successor auditor must attempt communication with the predecessor auditor either prior to accepting the engagement, or after the engagement has been accepted, or both
What is management’s responsibility with respect to the financial statements?
- Management is responsible for financial statements and adequacy of disclosures.
- Example of management assertion
- UPERCV
- Presentation & Disclosure Existence (Tests Overstatements)
- Rights & Obligations Completeness (Tests Understatements)
- Valuation & Allocation
Describe Control Risk
Risk that internal control will not detect a material misstatement on a timely basis
- This risk is assessed using the results of tests of controls. Tests of controls that provide audit evidence that controls operate effectively will ordinarily allow the auditor to assess control risk at a level below the maximum
What does an examination of internal control accomplish with respect to illegal acts?
- Internal control analysis can result in the conclusion that IC is weak BUT probably won’t identify illegal acts
-
Examples of audit procedures that may detect such illegal acts include
- inquiries of management and legal counsel,
- substantive procedures, and
- reading board of director meeting minutes and
- correspondence with licensing or regulatory authorities
How is Audit Risk calculated?
Audit risk is the risk that auditor express an inappropriate audit opinion when the financial statements are misstated
= Inherent Risk x Control Risk x Detection Risk
Risk of Material Misstatement = Control Risk x Inherent Risk
Audit Risk - assessed in Nonquantitative and Quantitative term
