Ch. 6 Risk Flashcards
What does CAS 200 describe?
It describes audit risk as : the risk that the auditor expresses an inappropriate opinion when the financial statements are materially misstated. Audit risk is a function of the risks of material misstatements and detection risk.
What is audit risk?
It is the risk that an inappropriate opinion is provided on the financial statements.
AR = RMM x DR
RMM = IR x CR
What is risk of material misstatement?
It is the risk in the finanical statements prior to audit, because of the clients inherent risk (IR) and control risk (CR) - the auditor cannot control this risk but merely assesses it.
What is detection risk?
DR is the risk that the procedures performed by the auditor will not detect a material misstatement.
What is the relationship of RMM and DR?
It is an inverse relationship, if RMM is high DR must be low and vice versa.
What are the next steps once the practitioner has gained a thorough understanding of the client?
The practitioner needs to assess the RMM at both the OFSL and assertion level
How does a pracitioner gather evidence in the assessment of the RMM?
Inquire with management, the internal audit department, the BoD and the legal counsel. Perform analytical procedures over available financial information, observing and inspecting processes, controls, and significant documents.
What is considered RMM at the OFSL level?
Material misstatements that are pervasive
What are some inherent risk factors at the OFSL level?
Examples of inherent risk factors that increase RMM at the OFSL level:
- company in poor financial heal
- significant market competition that this driving prices down
- the company has never been audited before
- an upcoming purchase or sale of the company
- imposition of more stringent regulations on the industry and company
- an ipo
- employees with reliance on net income for compensation
What are some control risk factors at the OFSL level?
Examples include:
- Use of an outdated general ledger system that is no longer supported by the software system
- lack of segregation of duties
- lack of an internal audit function
- lack of general computer controls
- management has a poor attitude toward control or places little importance on control systems
- management overide controls
- lack of policies
- lack of system documentation
What are some factors that may also decrease RMM at the OFSL level?
- fewer users of the financial statements
- If the company is private
- the reverse of the above essentially
What are some procedures to address the RMM at the OFSL level?
- emphasizing professional skepticism to the audit team
- assigning more experienced staff to the audit team
- increasing supervision of the audit
- adding elements of unpredictability in audit procedures
- making changes to the nature, timing, and extent of the audit procedures
- if the company has multiple locations/branches, increasing the number of locations/branches to be tested.
What is RMM at the assertion level?
Risks that can be specifically attributed to an account.
What are inherent risk factors at the assertion level?
Some example of factors that may have an impact on inherent risk is:
- industry
- nature of business
- characteristics of an account balance or class of transaction
What are some control risk factors that impact items at the assertion level?
- Performance reviews
- information processing controls
- physical controls
- segregation of duties
