Risk Assessment Flashcards
Components of Risk
Inherent Risk:
• This is the susceptibility of an assertion to a misstatement that could
be material, either individually or when aggregated with other
misstatements, assuming that there were not related internal
controls.
The risk is greater for some assertions and related classes of transactions,
account balances, and disclosures than for others.
- Complex calculations are more likely to be misstated than simple calculations
- Accounts consisting of amounts derived from accounting estimates pose greater
risks than accounts consisting of relatively routine, factual data.
- External circumstances giving rise to business risks may also influence inherent
risk.
Control Risk: This is the risk that a misstatement could occur in an assertion that
could be material, either individually or when aggregated with other
misstatements, that will not be prevented, or detected and corrected,
on a timely basis by the entity’s internal control.
Detection Risk: This is the risk that the auditor’s procedures will not detect a
misstatement that exists in an assertion that could be material either
individually or when aggregated with other misstatements.
Detection risk is primarily the consequence of the fact that the auditor
does not, and cannot, examine all available evidence (sampling risk).
Audit Risk
AR=IRCRDR
AR=ROMM*DR
IR*CR=Risk of material misstatement
What is materiality
• Information is material if its omission or misstatement could influence the economic
decisions of users taken on the basis of the financial statements
• Both the amount (quantity) and nature (quality) of misstatements need to be
considered. E.g. lack of disclosure regarding ongoing litigation is likely to be
considered material
• To put this into practice the auditor therefore has to set his own materiality levels –
this will always be a matter of judgement and will depend on the level of audit risk.
The higher the anticipated risk, the lower the value of materiality will be.
Sampling Risk
Sampling risk is the risk that auditor’s conclusion based on a sample, may be different from the conclusion that would have been reached if the entire population were subjected to the same audit procedure.
Non-sampling risk
Non-sampling risk arises from factors that cause the auditor to reach
a wrong conclusion for any reason not related to the size of the
sample. For example, the use of inappropriate audit procedures, or
misinterpretation of audit evidence and failure to recognize an
misstatement or deviation. Factors that increase non-sampling risk involve poor planning, new client, auditors lack of experience, lack of industry knowledge, financial constraints, time pressure.
Calculate Materiality/know the benchmarks and always use lower bench marks
Process to understand the entity and environment
Step 1: Auditors should gather relevant information about entity and environment. (Gather relevant information about the entity and information).
Step 2: Auditors should perform risk assessment procedures to obtain this understanding.
Gather relevant information about the entity and
information
Auditors can understand the entity and its environment by knowing its: • Products • Markets • Accounting policies • All the revenue sources • Major customers and suppliers • Finance sources and condition • Budgets and forecasts • Key ratios
Risk assessment procedures
ISA 315 requires auditors to perform the following procedures to obtain an
understanding of the entity and its environment, including its internal control:
• Enquiries
• Analytical procedures
• Observation
• Inspection
Assessment Procedures
Profitability & Liquidity (use for going concern)
