Risk Assessment Flashcards
Procedures of audit in steps
- Plan the audit
- Understand entity
- Assess the risk
4 select appropriate procedures according to risk
CASE 1. If auditor has expectation that controls will operate effectively - TOC, if unsatisfactory go to step 7
- Reduced substantive procedures
CASE 2: if auditor does not have expectation that controls operate effectively - Report to TCWG
- Full substantive procedures
- Overall review of FS
- Auditors report
Overall objective of auditor
To obtain reasonable assurance that
Financial statements as a whole are free from material misstatement
Either due to error or fraud
And enable the auditor to express opinion on
Whether fs are prepared according to applicable FR framework
And report on fs
and communicate as required by ISA
Professional skepticism definition
An attitude that includes a questioning mind
Being alert to conditions that cause material misstatement
Critical assessment of audit evidence
What all should the auditor be alert to?
- Audit evidence that contradicts others
- Conditions that indicate fraud
- Information that brings into question reliability of documents
- Circumstances that demand for additional audit procedures
Professional judgment definitions
Application of relevant skill, knowledge and experience in making informed decisions about courses of action appropriate for the audit engagement
What areas require professional judgement?
- Determine the level of risk and setting materiality
- Determining the extent, timing and nature of audit procedures to be performed
- Evaluating whether sufficient appropriate evidence has been obtained
4.drawing conclusions based on the evidence obtained - Evaluating management’s judgement in the application of the applicable fr framework
Risk based approach meaning
- Analysing client’s business, transaction and systems that could lead to material misstatement
- Direct audit testing to risky areas
Audit risk definition
Risk that auditor expresses an inappropriate audit opinion when fs are materially misstated
Types of audit risk
- Inherent risk
- Control risk
- Detection risk
A. Sampling risk
B. non sampling risk
Inherent risk defintion
Susceptibility of an assertion about a class of transaction, account balances, disclosures to misstatement, material either individually or in aggregate before considering internal controls
Factors affecting inherent risk
- Nature of risk
- Industry in which the client operates
- Any regulations it is subject to
4 whether financial statement includes
A. Complex calculation
B. complex accounting standards
C. Amounts derived from accounting estimates
Control risk definition
Is a risk that a material misstatement could occur due to an assertion about a class of transaction, account balances or disclosure that could be material individually or in aggregate will not be prevented or detected and corrected on a timely basis bi entity’s internal control
What is detection risk
The risk that auditor fails to detect through procedures to reduce audit risk to an acceptably low level a misstatement that could be material individually or in aggregate
2 types of detection risk
A. Sampling risk: risk associated to the fact that the auditor does not and cannot examine all available evidence and only perform audit procedures on a sample. There is always risk that conclusion drawn from sample is not appropriate for the whole population.
B. Non sampling risk: risk that auditor doesnot detect material misstatement due to factors other than sampling risk
Factors that increase non sampling risk
- Auditors inexperience
- Time pressure
- Financial constraints
- Poor planning
- New client
- Lack of industry knowledge
Materiality meaning
Information is material if its omission or misstatement is reasonable expected to influence the economic decisions of users taken based on financial statements
The materiality is based on judgement of auditor and the level of risk. Lower the risk, higher the materiality
The 2 aspects of materiality
- Quantitative materiality
- Qualitative materiality
Which all areas does materiality affect?
- Nature, timing and extent of audit procedures required: lower materiality, higher work needed
- Whether to use sampling techniques
- Whether to make adjustments to financial statements or modify auditors report
Percentages and benchmarking for setting materiality of financial statements as a whole
Revenue=0.5-1%
Total assets=1-2%
PBT=5-10%
Performance materiality
The amount/ amounts set by auditor using judgement less than the materiality of financial statements as a whole for particular classes of transactions, account balances and disclosures due to transactions in aggregate becoming material
When to revise materiality during audit
Due to events during audit, new informations, change in auditors understanding due to further audit procedures
Schedule of unadjusted differences
The materiality of aggregate unadjusted misstatements should be assessed amd documented in schedule of unadjusted differenced
What all things about materiality should be recorded
- Materiality of financial statements as a whole
- Performance materiality
- Materiality of particular classes of transaction, account balances and disclosures
- Any revision on materialit
Auditors objective in risk assessment
Identify and assess risk of material misstatement due to fraud or error at financial statement and assertion level and providing basis for designing and implementing response for the assessed risk
Risk assessment procedure must include
1.inquiries of management
2. Analytical procedures
3. Observation and inspection
Examples of use of automated tools and techniques
1.use of remote observation tools for assessing certain assets
2. Auditors can obtain digital downloads of accounting records and perform data analytics to prioritise high risk data
3. Data analytics can also be performed to identify data posted put of normal hours or by staff who doesn’t normally post such data
4. Entire transactions are assessed to identify data that have higher inherent risk
5. To assist the auditor, key messages are shown in dashboard which highlights significant matters
2 main types of risk
- Risk at financial statement: pervasive to fs and may affect any assertion.
Eg: poor management system could affect all areas of financial statement - Risk at assertion level: are more specific.
Eg: company which keeps inventory at different locations have inherent risk of not counting all its inventory
Auditor must have understanding of these 3 things
- Entity and its environment
- Applicable fr framework
- Entity’s system of IC
Understanding entity and its environment
- Organisational structure, ownership
- Industry and regulations
- Measures to assess entity’s financial performance
- Inherent risk
5 elements of understanding entity’s internal control
- Control environment
- Control activities
- Entity’s risk assessment
- Entity’s process to monitor
- Information system and communication
Entity’s risk assessment process
- Identify business risk
- Assess significance of risk
3 addressing risks
Auditor then evaluates whether the risk assessment process is appropriate according to the complexity of entity
5 inherent risk factors
- Complexity :
lots of complex regulations, complex transactions, complex alliances, complex accounting measurements - Subjectivity: wide range of accounting estimates, management choice of valuation techniques
- Change: economic conditions, market, business model, industry model, customer loss, geography, IT
- Uncertainty : estimation uncertainty, litigation uncertainty, contingent liability
- Susceptibility to MM due to management bias/ fraud: opportunities for fraud, transactions with related parties, non routine transactions
Entity’s process to monitor IC
- Hoe effective control is
- How entity remedies deficiency
- Source of information used to monitor control
Analytical procedures
Analysis of a relationship to identify inconsistencies and unexpected relationships
Used in risk assessment procedures as well as source of substantive evidence
Analytical procedure includes following type of comparison
- Prior periods
- Budgets and forecast
- Industry information
- Predictive estimates
- Relationship between elements of financial statements
- Relationship between financial and non financial information
ROCE
=PBIT/Share capital + reserves + Non current Liabilities
Net profit margin
= PBIT/ Revenue
Asset turnover ratio
= Revenue/ SC+reserves+ NCL
Gross Profit margin
= gross profit/ revenue
Profitability ratios
- ROCE
- Asset turnover
- Net profit margin
- Gross profit margin
Current rato
- Current assets/ Current Liabilities
Quick assets
= quick assets ( current assets- inventory)/ current liabilities
Inventory holding period
=inventory/ cost of sales*365
Receivables collection period
=trade receivables/ credit sales*365
Payables payment period
= trade payables/credit purchase*365
Liquidity ratio
- Current ratio
- Quick ratio
- Receivables collection period
- Inventory holding period
- Payables payment period
Gearing ration
Debt to equity ratio= interest bearing debt/ sc+ reserves
Interest coverage ratio= PBIT/ finance cost
Significant risks
An identified risk of material misstatement that is to be treated as significant risk in accordsnce with the ISAs ( wrt spectrum of inherent risk)
Eg: unusual and complex transactions and matters where prof judgement is req
Risk that inventory has lower NRV than cost and hence INVENTORY IS OVERSTATED
- Examine instructions of inventory count to slow moving inventory
- Emphasis on analysis of aged inventory to identify slow moving inventory
- Ascertain sales value of post year end sales of item in year end inventory to check if NRV is higher than cost
Risk that assets are more susceptible to theft hence INVENTORY DOES NOT EXIST
- Check internal control over assets ( physical control to prevent theft)
- Increase sample size to ensure material assets are verified
Audit risk: increased risk of revenue expenditure being classified as capital or vice versa
Example: an extensive refurbishment of nca, where judgement is to be used for understanding nature of work whether it is repair or enhancement
Response
1. Obtain a breakdown of the costs
2. Review accounting entry to ensure classification is done right
3. Detailed review of repairs account to check anything to be added to non current asset
4. Review FAR to ensure only capital items are included
Increased risk of incomplete/ unrecorded income due to fraud or error
Example: large amount of cash held before banking
Response
1. Perform analytical procedures to compare actual and expected revenue
2. If retail client, perform or reperform reconciliation of a sample of till record to actual banking records
Audit risk: receipts significantly in advance of providing service/ goods increasing the risk of revenue recorded in the wrong period
Eg: reservation fees: contracts spanning years, advance
Response
1. For a sample of revenue pre year end, agree transactions to pre year end sales by referring to contract
2. Trace post year end transactions to supporting contracts
3. For a sample of contracts check if revenue was recorded in the correct time period
4. Perform analytical procedure and compare monthly revenue to budgeted revenue
Audit risk: payments made in advance of goods and services delivery leading to overstatement or understatement of costs or liabilities
Response
1. Review post year end bank statement for amounts relating to current year liabilities
2. For a sample of documents showing the date of delivery of goods/ services pre or post year end, verify cost and liability was recorded in the correct period
