Chapter 7: Assessing Business Risks and Linking Business Risks to the Audit Flashcards
Steps to make necessary risk assessments
1) Understand nature of client’s operations, industry, and environment it operates in, 2) Identify business risks that face company, 3) Assess the significance of identified risks, 4) Assess adequacy of controls in place to mitigate risk, 5) Perform residual risk analysis
Business risks
any risks that threaten to inhibit the company from achieving objective
What is used to assess significance of business risks?
Probability of risk materializing (relatively probable) and magnitude of loss if risk were to materialize (somewhat severe)
Residual risk analysis
auditor identifies risks that could impact f/s that are not sufficiently controlled
Organizational Business Model
framework auditors use to understand nature of clients business
Components of Organizational Business Model
1) Markets, Customers, and Suppliers, 2) Competitors, 3) Resources and Suppliers, 4) Internal Processes, 5) External Agents, 60 Strategic Partners
Products
tangible goods and services company sells
Markets
discernible segments in which organization chooses to compete
Customers
people that buy your products and services
Direct competitor
external organization targeting a similar set of markets, customers, and products
Indirect competitor
external organization that competes for customers but has different products or might target different market
Strategic Management
activities that set direction of organization
Primary Processes
most directly associated with creating value in organization
Support Processes
support primary processes and indirectly related to creation of value in organization
External Agents
groups and organizations outside of an organization that have direct impact on organization’s ability to succeed
Strategic Partners
external entities that organization has formal relationship with to advance joint objectives
Factrs of External threat analysis
1) Industry forces, 2) Macro-environmental factors
Industry Forces
1) Competitors, 2) New Entrants, 3) Substitutes, 4) Suppliers, 5) Customers
Risk of competitors
risk that existing competitors will take organization’s market share by offering superior products, better service and better prices
Risk of new entrants
risk that new competitors will enter market and reduce market share and profit margins
Risk of substitutes
risk that superior product will be developed which makes your client’s product obselete
Risk of suppliers
risk that organization could face increased costs or restricted access to required raw materials and inventory
Risk of customers
risk that customers will be able to demand unprofitably lower prices
Macro-environmental Forces
1) Political threats, 2) Economic threats, 3) Social threats, 4) Technological threats
Political threats
risk of regulatory and legal restraints on organization
Economic threats
general economic risks organization faces
Social threats
risk of customers boycotting or avoiding business because do not approve of policies relating to wide array of factors
Technological threats
risk that organization’s technology will become obsolete and impair organization’s ability to compete in industry and environment
Implications of external risks
Audit expectations, client viability, and risk of material misstatement may change
