Assessing & responding to RMM due to error or fraud Part 2 Flashcards
if I/C appears to be adequate and relevant, auditors may perform…
tests of controls
what is an error?
unintentional misstatement
what is fraud?
intentional misstatement
what are analytical procedures?
evaluations of financial information though analysis of plausible relationships among both financial and non-financial data
materiality is the threshold used by auditors to determine…
which items need to be investigated further
performing more audit procedures means…
decrease materiality threshold in response to increased RMM
high control deviation rate =…?
decrease reliance on controls, increase RMM
tolerable deviation rate
the maximum rate of deviations from a control that an auditor will accept before concluding the control is ineffective
tolerable deviation rate is calculated before…
performing tests of controls and are unlikely to be increased after testing
when are misstatements detected?
during substantive procedures
accountant may not issue a review without having..
received a signed letter of representation from management
what are the two required times to use analytical procedures?
risk assessment (planning) and overall review
what is the purpose of risk assessment
- enhance understanding of entity
- identify high risk accounts/assertions
what is the purpose of overall review?
- confirm that financial statements are consistent with overall understanding of the entity
- ensure all unexpected amounts/relationships have been explained
when it an optional time to use analytical procedures?
substantive tests (used to verify reasonableness of accounts/assertions)
requirements of examination
-provide reasonable assurance
-obtain sufficient appropriate evidence
-express opinion in written report
risk acceptance
continuing to perform audits without making any changes or taking additional precautions
risk avoidance
no longer perform audits
risk sharing
obtaining additional insurance so that insurance company shares any risk (performing joint audit with another firm)
risk mitigation
actions which lower or reduce/mitigate the risk of poor performance
what engagement can be reviewed and what is the standard?
annual F/S SSARS
single F/S SSARS
pro forma F/S SSAE
interim F/S (nonissuer) SAS/SSARS
what engagement can NOT be reviewed
Prospective F/S (projection or forecast)
I/C
compliance (laws, contracts)
testifying as an expert witness is considered consulting governed by..
Statement on Standards for Consulting Services
two types of substantive procedure
analytical procedures
tests of details
analytical procedures consist of…
- trend analysis
- ratio assesssment
- information comparison
- estimate analysis
tests of details consists of…
- bank confirmation
- invoice matching
- physical inventory observation
- management-targeted inquiries
what are the components of the fraud risk management program?
- establishes governance policies
- conduct a comprehensive risk assessment
- plan and execute preventative and detective control processes
- perform timely and confidential investigations
- monitor and assess the program, reporting the results and improving the processes
what are the reasons to test controls?
- lowers assessed RMM
- more efficient than substantive (extensive) testing
- reduce amount of substantive testing
- substantive tests cant provide audit evidence
- controls appear to be reliable/are well designed
- relevant to management assertions
- required for all issuer and nonissuer integrated audits
what are the CRAFT analytical comparisons?
Client vs industry
Related accounts
Actual vs budget
Financial vs nonfinaancial
This year vs last year
what is the incremental audit risk?
the risk of misstatements between interim period and year end