AUD 1.11 - AUDIT RISK, FRAUD, AND ERRORS Flashcards
1.11 - Audit Risk, Fraud and Errors:
Even though an audit is well planned and properly executed, a material misstatement due to fraud may not be detected. This may be due to:
I. Fraud may involve collusion or false documentation making it more difficult to detect.
II. Auditing employs the use of sampling and a sample without evidence of fraud may not be representative of the population.
III. The evaluation of fraud risk factors requires the application of judgment and is not precise.
A) I, II, and III
B) I, and II only
C) II and III only
D) I and III only
A) I, II, and III
Even a properly planned and performed audit may not detect a material misstatement resulting from fraud because of concealment aspects of fraudulent activity, including the fact that fraud often involves collusion or false documentation and the need to apply professional judgment in the identification or evaluation of fraud risk factors and other conditions.
In addition, since an audit involves the use of sampling, it is possible that a sample may not have all of the characteristics of the population, causing the auditor to overlook a fraudulent misstatement.
1.11 - Audit Risk, Fraud and Errors:
Which of the following audit risk components may be assessed in non-quantitative terms?
A) Control risk and detection risk
B) Control risk, detection risk, and inherent risk
C) Detection risk
D) Control risk and inherent risk
B) Control risk, detection risk, and inherent risk
Control risk and inherent risk are components of the risk of material misstatement (RMM). RMM and detection risk are components of audit risk.
All may be expressed in quantitative or non-quantitative terms.
1.11 - Audit Risk, Fraud and Errors:
Which of the following statements is correct regarding the auditor’s consideration of the possibility of noncompliance (illegal acts) by clients?
A) The auditor has a responsibility to plan and perform the audit to obtain reasonable assurance that no compliance (illegal acts) have been committed by clients.
B) If specific information concerning noncompliance (illegal acts) comes to the auditor’s attention, the auditor should apply audit procedures specifically directed to ascertaining whether an illegal act has occurred.
C) If an illegal act has occurred, the auditor should express a qualified opinion or an adverse opinion on the financial statements taken as a whole.
D) The auditor’s training, experience, and understanding of the client should be used to provide a basis for the determination as to whether noncompliance (illegal acts) has occurred.
C) If an illegal act has occurred, the auditor should express a qualified opinion or an adverse opinion on the financial statements taken as a whole.
When the auditor has reason to believe that an illegal act may have occurred, the auditor should perform procedures to determine if, in fact, it has and, if so, whether or not it is more than inconsequential.
The auditor is concerned about noncompliance (illegal acts) that are potentially consequential to the financial statements, not all illegal acts.
Although the auditor’s qualifications may increase the likelihood that illegal acts will be detected, they alone are not a sufficient basis for evaluating whether or not illegal acts have occurred.
The occurrence of an illegal act will only affect the auditor’s opinion if, as a result, the financial statements are materially misstated.
1.11 - Audit Risk, Fraud and Errors:
Control risk should be assessed in terms of
A) Specific control procedures
B) Control environment factors
C) Financial statement assertions
D) Types of potential misstatements
C) Financial statement assertions
Control risk is the possibility that the client’s internal controls will not prevent or detect a material misstatement on the financial statements.
A misstatement on the financial statements occurs when one or more of management’s assertions is contradicted by audit evidence.
As a result, control risk is assessed in terms of whether controls will provide reasonable assurance that management’s assertions are valid.
1.11 - Audit Risk, Fraud and Errors:
Which of the following is a step in an auditor’s decision to assess control risk below the maximum level?
A) Identify specific internal policies and procedures that are likely to detect or prevent material misstatements.
B) Apply analytical procedures to both financial data and nonfinancial information to detect conditions that may indicate weak controls.
C) Perform tests of details and account balances to identify potential errors and irregularities.
D) Document that the additional audit effort to perform tests of controls exceeds the potential reduction in substantive testing.
A) Identify specific internal policies and procedures that are likely to detect or prevent material misstatements.
An auditor would lower control risk below the maximum level if, based on the understanding of internal control, there appear to be controls that he or she could rely on to detect or prevent material misstatements. By relying on those controls, the auditor could reduce the amount of substantive testing and so improve the efficiency of the audit.
1.11-Audit Risk, Fraud and Errors:
Which of the following procedures would be most effective in reducing attestation risk?
A) Analytical procedures
B) Examination of evidence
C) Inquiries of senior management
D) Discussion with responsible individuals
B) Examination of evidence
Examination of evidence would be most effective in reducing attestation risk, which, similar to audit risk, is the risk that the CPA will not identify and report on something that should be identified and reported upon.
Types of audit evidence may include discussions with responsible individuals, inquiries of senior management, and the performance of analytical procedures.
1.11 - AUDIT RISK, FRAUD, AND ERRORS
DETECTION RISK:
Def =
Relationship to CR and AR =
AR = 6% IR = 80% CR = 75% RMM = 60% DR = \_\_\_\_
Detection Risk - the risk of not detecting material misstatement during audit. The only risk auditor can control.
Auditor assesses Control Risk (CR) in order to set level of Detection Risk (DR) to achieve desired Audit Risk (AR)
DR = AR/(CR+IR) or
DR = AR/RMM
=> CR up DR down or
=> CR down DR up
AR = 6% IR = 80% CR = 75% RMM = 60% DR = \_\_\_\_
DR = AR/RMM
=> 6%/60% = 10%
1.11 - AUDIT RISK, FRAUD, AND ERRORS
MISSTATEMENTS refers to any of the following
- D
- O
- D
- O
- DIFFERENCE between amounts/class/presentation that should be GAAP.
- OMMISSION of any F/S elemen/account/or item
- DISCLOSURE of F/S not presented in accordance with GAAP.
- OMISSION of info required to be disclosed in accordance with GAAP
1.11 - AUDIT RISK, FRAUD, AND ERRORS
MISSTATEMENTS should not just be evaluated quantitatively, but QUALITATIVELY:
- P
- L to I
- S
- C
MISSTATEMENTS QUALITATIVELY evaluated:
- Affects trends of PROFITABILITY
- Changes LOSSES to INCOME
- Affects SEGMENT information
- Affects COMPLIANCE with legal and contractual requirements.
1.11 - AUDIT RISK, FRAUD, AND ERRORS
Because of the risk of material misstatement, an audit of financial statements in accordance with generally accepted auditing standards should be planned and performed with an attitude of
A) Objective judgment
B) Impartial conservatism
C) Professional skepticism
D) Independent integrity
C) Professional skepticism
GAAS require the auditor to plan and perform the audit with an attitude of professional skepticism, which includes the need to maintain objectivity in applying judgments throughout the audit.
The auditor is required to be independent and to act with integrity in the performance of the engagement in order to meet the auditor’s responsibility to the users of financial information, but not specifically due to the risk of material misstatement and there is no requirement that an auditor apply impartial conservatism.
1.11 - AUDIT RISK, FRAUD, AND ERRORS
Detection risk differs from both control risk and inherent risk in that detection risk.
A) Can be changed at the auditor’s discretion
B) Exists independently of the financial statements
C) Arises from risk factors related to fraud
D) Should be assessed in non-quantitative terms.
A) Can be changed at the auditor’s discretion
Detection risk is the risk that a material misstatement will not be detected by the performance of an audit procedure.
This can be changed by the auditor by changing the nature, timing, or extent of audit procedures applied.
The more effective the audit procedures, for example, the lower detection risk will be. It is affected by the audit, not independent of it.
Inherent risk and control risk arise from risk factors relating to frau d.
Detection risk can be assessed in quantitative or nonquantitative terms.
1.11 - Audit Risk, Fraud and Errors:
In a financial statement audit, inherent risk is evaluated to help an auditor assess which of the following?
A) The risk that the audit procedures implemented will not detect a material misstatement of a financial statement assertion.
B) The risk that the internal control system will not detect a material misstatement of a financial statement assertion.
C) The internal audit department’s objectivity in reporting a material misstatement of a financial statement assertion it detects to the audit committee.
D) The susceptibility of a financial statement assertion to a material misstatement assuming there are no related controls.
D) The susceptibility of a financial statement assertion to a material misstatement assuming there are no related controls.
Inherent risk is the susceptibility of an item to material misstatement assuming there are no internal controls to prevent it.
The internal audit department’s objectivity is a factor in evaluating control risk, not inherent risk.
Control risk, not inherent risk, is the risk that internal controls will not prevent or detect and correct a material misstatement on a timely basis.
The risk that audit procedures will not detect a material misstatement is detection risk, not inherent risk.
1.11 - Audit Risk, Fraud and Errors
When assessing control risk at below the maximum level, an auditor is required to document the auditor’s understanding of the
I. Entity’s control activities that help ensure management directives are carried out.
II. Entity’s control environment factors that help the auditor plan the engagement.
A) I only
B) Neither I nor II
C) II only
D) Both I and II
D) Both I and II
Assessing control risk below maximum indicates that the auditor believes that internal controls can be relied upon to reduce the risk of material misstatement.
The auditor would document the understanding of internal control, which will include the control activities that ensure that management’s directives are carried out and factors in the entity’s control environment that are expected to be effective.
1.11-Audit Risk, Fraud and Errors:
Which of the following circumstances most likely would cause an auditor to suspect that there are material misstatements in an entity’s financial statements?
A) Supporting accounting records and files that should be readily available are not produced promptly when requested.
B) Senior financial management participates in the selection of accounting principles and the determination of significant estimates.
C) Senior management has an excessive interest in upgrading the entity’s information technology capabilities.
D) Related party transactions take place in the ordinary course of business with an entity that is audited by another CPA firm.
A) Supporting accounting records and files that should be readily available are not produced promptly when requested.
When records are not produced promptly upon request, there is the risk that the client is altering or producing the documents to conform to information on the financial statements.
Senior financial management should be involved in the selection of accounting principles and it does not create a fraud risk factor.
Related party transactions are not an indication of a misstatement but must be properly disclosed.
Upgrading the entity’s IT capabilities can improve the reliability of the financial reporting process and is not an indication of a potential material misstatement.
1.11 - Audit Risk, Fraud and Errors:
Which of the following is a step in an auditor’s decision to assess control risk below the maximum level?
A) Document that the additional audit effort to perform tests of controls (ToC) exceeds the potential reduction in substantive testing
B) Apply analytical procedures to both financial data and nonfinancial information to detect conditions that may indicate weak controls.
C) Identify specific internal control policies and procedures that are likely to detect or prevent material misstatements.
D) Perform tests of details of transactions and account balances to identify potential errors and irregularities.
A) Document that the additional audit effort to perform tests of controls (ToC) exceeds the potential reduction in substantive testing
An auditor would lower control risk below the maximum level if, based on the understanding of internal control, there appear to be controls that he or she could rely on to detect or prevent material misstatements.
By relying on those controls, the auditor could reduce the amount of substantive testing and so improve the efficiency of the audit.