The Audit Cycle - Planning Chapter 4 Flashcards
What are the 3 types of audit risk?
inherent risk, control risk and detection risk
what is inherent risk?
there is a possibility for material misstatement in the financial statements as a result of factors inherent to the client. Example, client dealing only in cash, completeness of income may not be determined because cash is easy to steal
what is control risk?
risk of material misstatement because the company’s internal controls do not prevent or detect error. Example, Tills can record transactions and should tally up complete income but if sale not recorded it could be stolen.
what is detection risk?
Risk that the auditors procedures do not detect misstatements. Planning not completed properly and weakness in audit procedure. Example, to test completeness of income, auditor must observe cashier carrying out transactions
What is audit risk?
Risk of material misstatements
What is a disclaimer?
Very bad Audit Report
What is an engagement letter?
Contract between the auditor and the client confirming what audit work will be carried out
What are the typical contents of an engagement letter?
- objective and scope of the audit of the financial statements
- Auditors responsibilities
- managements responsibilities
- Identification of the framework required for preparing financial statements
- state the expected form and content of the auditors report
- Basis of fees
- Management representations
- Request that management to confirm receipt of the letter
3 elements of the audit strategy
Audit scope
audit timing
audit direction
what is the audit scope?
what needs to be audited - type of audit
what is audit timing?
when the audit will take place - isa 700 and book staff with required skills
what is audit direction?
general approach to audit in terms of testing methods - focuses audit on critical areas that must be audited
Risk Assessment Procedures ( 4 stages)
1. use procedures to identify risk including talking to management analytical procedure observing staff and systems reviewing prior years work
2. Obtain knowledge of the client and their internal control systems from: The client, including: industry regulations what client does clients accounting policies clients strategy
3.Internal controls including: control environment clients risk assessment procedure clients information system how controls are monitored
4. Using this information by: identifying risks assess risks errors at assertion level material misstatement?
Explain risk identification and assertion using fake company 27/4 Books
Stage 1 - Auditors talks to management about company trading for the past year
Situation: Management tells auditor that company has expanded and now has a subsidiary in another country
Stage 2 - management confirm company strategy is to expand and that the subsidiary will be accounted for using standard accounting practice.
Situation: Auditor reviews the financial statements of company and confirms the accounting treatment of the subsidiary and determining the size of the investment.
Stage 3 - Discussion shows that controls are still being tested in main business by internal auditors although controls in subsidiary are not yet determined
Situation: Auditor will attempt to obtain more information about subsidiary and their systems.This may mean going back to management for more info. Misstatements can occur due to lack of controls
Stage 4 - Auditor concludes misstatements can occur in subsidiary as there is not enough info to confirm effective controls
Situation: Auditor has identified risk that controls are poor
Assessed risk noting more info needed
determined where misstatements could occur
Determined if those statements could be material
ISA 315 Control Components (5)
1. Control Environment 2 . Entity s risk assessment process 3. Information Systems related to financial reporting 4. control activities 5 Monitoring of controls