Audit theory Flashcards
Define audit risk
(a) Audit risk is a function of the risks of material misstatement and of detection. The risk of material misstatement consists of two components: inherent risk and control risk. The audit risk model is a function of inherent risk, control risk and detection risk.
The audit risk model is described as follows. AR = f (IR, CR, DR),
Explain the three components of the audit risk model.
The audit risk model consists of inherent risk, control risk and detection risk.
Inherent risk is the probability of an assertion to material misstatement given inherent and environmental characteristics, but without regard to prescribed control procedures. Control risk is the risk that material misstatement might not be prevented or detected by internal control procedures. Detection risk is the risk that auditors substantive procedures will lead the auditor to conclude no material misstatement edict, when in fact one does.
sufficient appropriate evidence
Appropriate audit evidence - suitable evidence - relevant and reliable evidence that supports the assertion being tested etc
The auditor requires both sufficient/adequate and appropriate/suitable evidence to support the audit opinion he/she is giving
Relevnce - covers the assosiation between audit evidences and managemnt assertions in the financial statements
Reliability - Emphasises on the source and nature of audit evidence
Quantity - the amount of audit evidences which the auditor deem adequate to form an audit opinion on a reasonable basis
List and explain the 5 threats to independence.
- Self interest -auditor could benefit from a financial interest in the client (also a close family member)
- Self-review - auditor would have to re-evaluate his or her own work, which may occur when a previous judgement needs to be re-evaluated by the member reason for that judgement
- Advocacy - Auditor could promote the audit client’s point of view or position and compromises subsequent objectivity
- Familiarity - Auditor may become too sympathetic to the client’s interests which may occur because of a close relationship
- Intimidation - Auditor may be deterred from acting objectively by actual or perceived threat from client
Explain the functions of an audit committee.
Audit committees have been established primarily to:
• assist the board of directors to fulfil its legal fiduciary responsibilities
• add to the credibility and objectivity of financial reports
• enhance the independence and effectiveness of auditors
• oversee the application of appropriate accounting policies and procedures and ensure appropriate disclosure
• establish and monitor corporate policies to prohibit unethical or illegal activities
• establish and monitor effective internal and management controls
• provide a communication link between management, auditors and the board
Analytical procedures and how they’re used in audit
Analytical procedures are used:
* to assist the auditor in planning the nature, timing, and extent of other audit procedures
* as a substantive procedure
* as an overall review of the financial report in the final review stage of the audit. The three ways in which analytical procedures can be calculated are :
1. Ratio Analysis
2. Trend Analysis
3. Statiscal Analysis (Reasonableness Testing)
The auditor must apply analytical procedures at the planning stage to aid understanding the business and identifying areas of potential risk (ISA 315.6). The auditor must apply analytical procedures at or near the end of the audit when drawing a conclusion as to whether the financial report as a whole is consistent with the auditor’s knowledge of the business (ISA 520.6).
In addition, the auditor may use analytical procedures as a substantive test of transactions or balances, if they consider it as part of gathering sufficient appropriate audit evidence.
Assertions about classes of transactions
- Occurrence: Transactions and events recorded have happened and relate to the entity
- Completeness: All transaction and events that should be recorded are all included
- Accuracy: Transactions and events recorded have been accounted for in the books at the appropriate amount
- Cut-off: Transactions and events recorded are accounted in the correct accounting period
- Classification: Transactions and events have been recorded in the proper accounts
- Presentation: Transactions and events recorded are disclosed appropriately in the financial statements
Assertions about account balances sheet
- Existence: Assets liabilities and equity Exist - are actually there
- Rights and obligations: The entity holds or controls the rights to assets and liabilities are an obligation of the entity
- Completeness: All assets, liabilities and equity that should be recorded ha been
Nothing is omitted - Valuation and allocation: Assets liabilities and equity included at the appropriate amount
- Classification: Assets, liabilities and equity interest have been recorded in proper accounts
- Presentation; Assets, liabilities and equity interests are appropriately aggravated-relevant and understandable
Fundamental ethical principles
- Integrity - honest, trustworth, and maintain strong moral principles
- Objectivity - make unbiased ecsiions based on facts and professional expertise
- Professional competence and due care - continuously improve skills and provide dilligent services
- Confedentiality - repect privacy and portect sesnitive information
- Professional behaviour - maintain porfessionalism, treat others with respect and uphold the reputation of the profession
What does an auditor do when they identify a significant fluctuation in the analytical review process.
The auditor must apply analytical procedures at the planning stage to aid understanding the business and identifying areas of potential risk
The auditor must apply analytical procedures at or near the end of the audit when drawing a conclusion as to whether the financial report as a whole is consistent with the auditor’s knowledge of the business
In addition, the auditor may use analytical procedures as a substantive test of transactions or balanced if they consider it as part of gathering sufficient appropriate audit evidence
Why does an auditor need to consider the client’s corporate governance as part of the preliminary risk assessment?
he issues considered by the auditor during the preliminary risk assessment about corporate governance include: board structure, listing status, audit committee - overall is governance likely to be effective? Effective corporate governance ensures that companies are well managed and achieve their objectives. In particular, good corporate governance will be effective at identifying and controlling risks, including the risk of material misstatement in the financial report. An auditor will be interested in whether the corporate governance system at the client will be more effective in reducing risk in the financial report.
Why does an auditor need to understand a client’s IT system? Explain how IT issues affect the financial report
IT is part of a company’s accounting process, from transaction initiation to the financial report. SA 315 required the auditor to gain an understanding of the client’s IT system and its associated risk. IT benefits an entity’s internal controls but also poses ecological risks to that internal control. For example, It allows an entity to consistently perform complex calculations in processing large volumes of transactions or data. However if that processing is inaccurate, reliance on those systems would be inappropriate because of the risk of material misstatement in the entity’s financial report. The auditor needs to understand where the risk of inaccurate processing lies within the IT system and whether the client has other controls (e.g. manual controls or other automated controls) over processing systems which would provide greater assurance that the reported figures are accurate.
Explain the functions of an audit committee.
(a) An audit committee is a sub-committee of the board of directors and usually consists solely or mainly of non-executive directors.
Audit committees have been established primarily to:
* assist the board of directors to fulfil its legal fiduciary responsibilities
* add to the credibility and objectivity of financial reports
* enhance the independence and effectiveness of auditors
* oversee the application of appropriate accounting policies and procedures and ensure appropriate disclosure
* establish and monitor corporate policies to prohibit unethical or illegal activities
* establish and monitor effective internal and management controls
provide a communication link between management, auditors and the board
What does an auditor do when they identify a significant fluctuation in the analytical review process.
The auditor must apply analytical procedures at the planning stage to aid understanding the business and identifying areas of potential risk
The auditor must apply analytical procedures at or near the end of the audit when drawing a conclusion as to whether the financial report as a whole is consistent with the auditor’s knowledge of the business
In addition, the auditor may use analytical procedures as a substantive test of transactions or balanced if they consider it as part of gathering sufficient appropriate audit evidence
The difference between a business risk and inherent risk
Business Risk
‘Business risk’ is defined as: The risk that an entity’s business objectives will not be attained as a result of the external and internal factors, pressures and forces brought to bear on an entity and, ultimately, the risk associated with the entity’s survival and profitability.
Requires extensive knowledge of the client’s business and industry.
IR = Inherent risk which is the risk than an error will occur for a giver assertion, assuming that there are no related internal control structure policies or procedures
Everything that is inherent risk is business risk, but not everything that is business risk is inherent risk