Audit Risk M2 Flashcards
What to do if detection risk decreases?
Auditor should:
1) change the nature of substantive tests from a less effective to a more effective.
2) change the timing of the substantive tests, such as performing them at year-end rather than at an interim.
3) change the extent of substantive tests, such as using a larger sample size.
What is Control Risk assessment based on?
- Control risk should be assessed in terms of financial statement assertions.
- An auditor uses the assessed level of control risk to determine the risk of material misstatement, which in turn determines the acceptable level of detection risk for financial statement assertions.
- Inherent risk bears no direct relationship to control risk.
- DR has an indirect or inverse relationship, to CR.
What is detection risk inversely and directly related to?
- The acceptable level of detection risk is inversely related to the assurance provided by substantive tests.
- The acceptable level of detection risk is directly related to the risk of failing to discover material misstatements (audit risk).
what will the Auditor decrease if Control Risk is assessed at a high level?
- As the assessed level of control risk increases, the acceptable level of detection risk for financial statement assertions decreases.
- Tests of controls are used to assess the level of control risk.
- Inherent risk is based on the nature of the assertion and cannot be changed.
Define Audit Risk components?
- Control risk is the risk that a material misstatement that could occur in a relevant assertion will not be prevented or detected (and corrected) on a timely basis by the entity’s internal control.
- Detection risk is the risk that a Auditor will not detect a material misstatement.
- Inherent risk is the susceptibility of material misstatements assuming that there are no related internal controls, policies, or procedures.
What are some Inherit Risk factors in planning an audit?
- Derivative transactions entered into as hedges may result in an increased assessment of inherent risk.
What does an Auditor do when CR is assessed at a maximum level?
When an auditor assesses control risk at the maximum level:
- the assessment should be documented.
- more substantive tests of details would be performed.
- When control risk is assessed at maximum level, the testing of controls is typically not required, the exceptions are when the client is in a heavy IT environment.
What is the ultimate purpose of the Auditor assessing control risk?
- The ultimate purpose of assessing control risk is to contribute to the auditor’s evaluation of the risk that material misstatements exist in the financial statements.
- and that the misstatements will not be detected, corrected or prevented in a timely manner.
What type of characteristics will heighten an Auditor’s concern about the risk of material misstatement in an entity’s financial statements?
Any situations that threaten financial stability or profitability.
- For ex. decline in customer demand.
What are the 3 types of misstatements?
- Judgement misstatement: an unreasonable estimate or accounting principle application by the client.
- Factual misstatements: misstatements when there is absolutely no doubt.
- Projected misstatements: involve the auditor’s use of Auditor’s sampling, best estimate of misstatements, and application to the client’s entire population.
What is assed level of control risk used for?
- To determine the risk of material misstatement, which in turn determines the acceptable level of detection risk for financial statement assertions. Detection risk should bear an inverse relationship to control risk.
- Inherent risk, which is the susceptibility of an assertion to a material misstatement based upon the nature of the account balance or transaction class, exists independently from and bears no direct relationship to control risk.
