4.5 - Significant Risks Flashcards
Define significant risk
An identified risk of material misstatement for which the assessment of inherent risk is close to the upper end of the spectrum of inherent risk due to the degree to which inherent risk factors affect the combination of the likelihood of a misstatement occurring and the magnitude of the potential misstatement should that misstatement occur
What must an auditor do when they identify a significant risk?
They must evaluate the design and implementation of the entity’s controls in that area
What 5 inherent risk factors should be used to determine the significance of a risk?
- complexity
- subjectivity
- change
- uncertainty
- susceptibility to misstatement due to management bias or other fraud risk factors
What kind of transactions are less likely to give rise to significant risk?
Routine, non-complex transactions are less likely to give rise to significant risk than unusual transactions or matters of directors judgement
Unusual transactions are likely to have more:
- management intervention
- manual intervention
- complex accounting principles or calculations
- opportunity for control procedures not to be followed
Whilst it is less likely the entity will have controls for non-routine risks, there may still be some. The auditor should understand whether there are controls such as:
- review of assumptions by senior management or experts
- documented processes for estimations
- approval by those charged with governance
