Lec 8 Flashcards
what does account and class of transaction refer to
balance sheet account and income statement accounts
what is the audit risk model (ARM) applicable to?
it is applicable to every account and class of transaction for every assertion made
what is the equation for audit risk
inherent risk x control risk x detection risk
when is desired audit risk determined and what is it based on
determined during the planning stages of the audit and is based on the amount of F/S users
what is the equation for risk of material misstatement (RMM)
inherent risk x control risk
1 - level of assurance = ?
audit risk
define inherent risk
risk that an account or class of transactions will be misstated BEFORE considering internal control measures - it is assuming there is not internal control
what other risk is inherent risk tied to and why
business risk because the issues popping up in inherent risk are typical business risks the company faces
define control risk
risk of accounts or class of transactions that can be misstated due to not being prevented or detected by any internal control systems
what is the difference between inherent and control risk
inherent risk is risk of misstatement before internal controls while control risk is risk of misstatement after inter control
what does it mean for assertions when internal controls are tight
when internal controls are tight it means that assertions made are more reliable
define detection risk
risk that an auditor will not detect the misstatement
how is detection risk tied to audit work
the more audit work that is done, the more sufficient and appropriate evidence is gathered, the smaller the detection risk
how does detection risk relate to the audit risk equation
it is the only thing that can be controlled by the auditor based on how much work they are willing to do and level of risk they willing to accept
what procedures does the detection risk depend on
substantive procedures
what is preventative control
control that prevents misstatements from happening
what is detective control
control that find misstatements after they’ve happened
what 2 risks make detection risk
sampling and non-sampling risk
sampling risk
risk that chosen sample is not representative of the population and it is one of the reasons why a misstatement might not be detected
non-sampling risk
essentially the risk that auditor is incompetent
- use of inappropriate audit procedures
- failure to detect even with use of proper procedures
- misinterpreting of audit results
what is an example of a sample risk
confirmation of A/R existence - we cannot send confirmation for all
can auditor affect inherent or control risk?
NO, the auditor can only assess them
examples of business risk
- significant changes in business
- significant changes in industry
- disruptive new products and services
- operation in unstable areas
what are the two types of business risk analysis and what do they determine
strategic analysis and business process analysis. determine weaknesses in client’s risk management and how they could lead to misstatements
