Planning and Risk Assessment (1)

Question 1

Why understanding the client is important

The knowledge of the client’s business can be used to:

• Assess the level of risk posed by this client.
• Assess the controls in place to reduce the level of audit risk
• Identify any further significant risks
• Plan an appropriate, efficient audit.

Answer 1

• Assess the level of risk posed by this client.
• Assess the controls in place to reduce the level of audit risk
• Identify any further significant risks
• Plan an appropriate, efficient audit.

Question 2

1. An overview of audit and risks

3 steps (3,1,1)

Answer 2

1. Risk Assessment

• Understand the client
• Identify risk & strategy
• Assess risk & materiality

2. Respond to risks identified

• Execute & evidence

3. Reporting

• Form an opinion

Question 3

Risk Assessment: (I) Understanding The Audit Client

Identify places of potential misstatements at 3 different levels

First Level is called?

What questions does it raise? (7)

Answer 3

Entity Level

• What does the client do? (Nature of business)
• Where is the business done? (Geographical spread)
• Regulation – Accounting policy
• Who are the key customers?
• Who are the key stakeholders?
• Competence of key staff?
• Are suitable systems and controls in place? – Management decisions

Question 4

Risk Assessment: (I) Understanding The Audit Client

Second Level is called?

What pressures is it concerning? (5)

Answer 4

Industry Level:

• Competition: Evaluating the client’s competitive environment.
• Reputation: Considering the client’s market reputation.
• Demand for goods/services: Understanding market demand.
• Shareholder expectations: Factoring in what shareholders want.
• Other pressures: Analyst expectations and other external pressures.

Question 5

Risk Assessment: (I) Understanding The Audit Client

Third Level is called?

What things is it considering? (2)

Answer 5

Broader Economic Level:

• Interest rates & Foreign exchange rates: Assessing the impact of economic factors.
• Government support & regulation: Considering regulatory and policy impacts.

Question 6

Risk Assessment: (I) Understanding The Client

Sources of information: (3 types, 4,4,3)

Answer 6

External:

• companies house,
• banks,
• credit reference agencies,
• government statistics

Client:

• discussions with management,
• board minutes,
• previous financial statements,
• budgets

Prior knowledge:

• audit files,
• engagement team members,
• communication with previous auditors.

Question 7

Engagement Risk

What is vital in order to perform an effective audit?
What might higher risk mean?
Define engagement risk

What 3 types of risk can engagement risk be divided into?

Answer 7

• It is vital to analyse the risk posed by acceptance of a particular client, in order to perform an effective audit.
• Higher risk may mean more audit evidence is required.
• The overall risk associated with an audit engagement is called engagement risk.

Engagement risk can be subdivided into three separate types of risk:

(i) client’s business risk
(ii) auditor’s business risk
(iii) audit risk

Question 8

Engagement Risk: (i) Client’s Business Risk

What risk is this associated with (2)
Risk results from (2)

Answer 8

This is the risk associated with conditions, circumstances, events that impair management’s ability to do business:

• Profitability: How likely it is for the company to remain profitable.
• Survival: The company’s ability to continue operating, considering economic conditions, competition, and internal management challenges.

Risk results from:

• Actions and inactions
• Inappropriate objectives & strategies

Question 9

Engagement Risk: (ii) Auditor’s Business Risk

What is it?
Business risk exist even if?
May audit correctly but?
Auditors business risk cannot?
However?

Answer 9

This is the auditor’s exposure to loss or injury to professional practice from litigation, adverse publicity or other events arising in connection with financial statements audited and reported on.

• Business risk may exist even if no misstatements
• May audit correctly, but still be sued
• Auditor’s business risk cannot be directly controlled by the auditor BUT
• It can be reduced by careful consideration of the acceptance and continuance of clients.

Question 10

Engagement Risk: (iii) Audit Risk

What is it?
What is the audit risk model?

Answer 10

This is the risk that the auditor expresses an inappropriate audit opinion when the financial statements are materially misstated.

The audit risk model is widely used to help understand audit risk:

AR is a function of  IR, CR, DR
		    AR  =  IR X CR X DR

where:

AR=audit risk
IR=inherent risk
CR=control risk
DR=detection risk.

Question 11

Audit Risk – (i) Inherent Risk

What is it?

3 levels?

Answer 11

Auditor’s assessment of the likelihood that information in the financial statements will be materially misstated, regardless of the internal controls.

Industry or Sector Level:

• Assessing risks specific to the industry, like oil exploration, which might have unique regulatory, environmental, or market risks.

Entity Level:

• Evaluating risks particular to the company itself, such as being a takeover target, which might affect management decisions, financial stability, and reporting.

Balance Level:

• Examining risks associated with specific account balances, like historical stock or cash discrepancies, which could impact overall financial accuracy.

Question 12

Audit Risk – (ii) Control Risk

What is it (2)
Examples (3)

Answer 12

What the client does to reduce the inherent risks, e.g. put in place appropriate information and internal control systems:

If measures have been taken, and they are effective, control risk will be lower.

E.g.

• Oil Exploration: Implementing controls over measurement to ensure accuracy.
• Takeover Target: Ensuring consistency in policies to avoid discrepancies.
• Previous Stock/Cash: Using physical controls to secure assets and prevent fraud.

Question 13

Audit Risk – (iii) Detection Risk

What is it?

Who’s control is it under and what is it determined by?
What will happen if the other 2 risks are high?

What are elements of detection risk (2)

Answer 13

The risk that audit procedures won’t pick up any material errors in the financial statements.

This is under the auditor’s control, and determined by the extent of inherent and control risk.

Generally the auditor will want the overall Audit Risk to be low, so if Inherent Risk and Control Risk are high, will force Detection Risk low by performing more tests.

Remember: AR = IR x CR x DR

These are elements of detection risk:

Sampling risk

• audit gives incorrect opinion because sample chosen for testing does not reflect the population as a whole.

Non-sampling risk

• auditor gives incorrect opinion for any other reason, e.g. the test chosen was inappropriate for the risk, or the auditor did not understand the client’s business, etc.

Question 14

Materiality - Judgement

Materiality is a matter of ________________:

An amount that ‘could influence the economic decisions of users’ is _____________, depending on the user.

An audit does not attempt to give _____________ assurance, but ‘_____________’ assurance

Materiality can be _______________ or _______________

Answer 14

Materiality is a matter of judgement:

An amount that ‘could influence the economic decisions of users’ is subjective, depending on the user.

An audit does not attempt to give absolute assurance, but ‘reasonable’ assurance

Materiality can be quantitative or qualitative

Question 15

Materiality: (I) Planning Level

Decide what to consider as material at the start of an audit: (2)

Plan an audit. Collect evidence

• Auditors can change _____________ _____________ of _______________

Answer 15

Decide what to consider as material at the start of an audit:

• Which accounts have changed the most
• Consider an amount above which is material

Plan an audit. Collect evidence

• Auditors can change preliminary assessment of materiality

Question 16

Materiality: (ii) Financial Statements Level

Entire financial statements level: (3)

Assess materiality @ different levels, for example: (2/2,2)

Answer 16

Entire financial statements level:

• errors or irregularities
• individually or in aggregate
• not presented fairly according to framework (IFRS)

Assess materiality @ different levels, for example:

1. Profit & loss statement

• Revenues & expenses
• Profit

2. Balance sheet

• Assets
• Liabilities

Question 17

Materiality: (iii) Account Balance Level.

• Assess materiality at different class or account levels: E.g. sales
• Again, consider _________ and ______ of materiality. May be ______________ ________________ but material to the __ as a whole.
• Aggregated with other ______________ __________ balances

Answer 17

• Assess materiality at different class or account levels: E.g. sales
• Again, consider nature and size of materiality. May be immaterial individually but material to the FS as a whole.
• Aggregated with other misstated account balances

Question 18

2. Materiality And Risk

• The overall materiality level is a measure of ___________ of the audit of the financial statements
• Higher _______ ____, lower _____________ ____.
• A low _____________ _________ implies _____ ____ for that particular category, and vice versa.

Answer 18

• The overall materiality level is a measure of precision of the audit of the financial statements
• Higher audit risk, lower materiality set.
• A low materiality figure implies high risk for that particular category, and vice versa.

Question 19

Tolerable Error

What is it?

Common benchmarks are?

Answer 19

Materiality concerns the financial statements in total; tolerable error is the amount of materiality allocated to an account or class of transactions.

Common benchmarks are 2-15% of the account