chapter 4€¦ · chapter overview lo# 1 4-2 this chapter will help you understand the audit risk...
TRANSCRIPT
Chapter 4
Risk Assessment
Copyright © 2014 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Chapter OverviewLO# 1
4-2
This chapter will help you understand the audit risk model and the auditor’s risk assessment process.
Audit RiskThe risk that an auditor expresses
an inappropriate audit opinion when the financial statements are
materially misstated.
LO# 1
4-3
In simple terms, audit risk is the risk that an auditor will issue an unqualified opinion on materially misstated financial
statements.
Audit Risk
Financial statement level
Individual account balance or disclosure
level
LO# 1
Assertion level
مستوى التأكد
4-4
While the auditor is ultimately concerned with audit risk at the financial statement level, as a practical matter audit risk must beconsidered at the account balance and disclosure levels. Wewill use the term assertion to refer to consideration of audit risk at even lower levels.
The Audit Risk Model LO# 2
4-7
Inherent risk (IR). The susceptibility of an assertion in anaccount or disclosure to a misstatement due to error orfraud that could be material, either individually or incombination with other misstatements, before consideration of any related controls.
المعين حساب رصيد من التأكد عند القابلية بأنها المتالزمة المخاطر تعرف
أو خطأ من ناتجة صحيحة غير بيانات لوجود المعامالت من معين نوع أو
مع وذلك أخرى أخطاء مع اجتمع إذا أو بمفرده جوهريا يكون قد احتيال
”به تتعلـق الداخلية للرقابة إجراءات وجود عدم
The Audit Risk ModelLO# 2
4-8
Control risk (CR). The risk that a misstatement that could occur in an assertion about an account ordisclosure and that could be material, either individually or in combination with other misstatements, will not beprevented, or detected and corrected, on a timely basis by the entity’s internal control.
أحد في خطأ حدوث عن الناتجة المخاطر“ بأنها الرقابية المخاطر تعرف
مع اجتمع إذا جوهريا يكون قد ، المعامالت من معين نوع في أو األرصدة
أو منعه يمكن وال المعامالت من آخر نوع أو أخرى أرصدة في خطأ
الداخلية الرقابة إجراءات طريق عن مناسب وقت في اكتشافه
The Audit Risk ModelLO# 2
4-9
Detection risk (DR) is the risk that the procedures performed by the auditor will not detect a misstatement that exists and that could be material, either individually or in combination with other misstatements.
المراجعة إجراءات أن في المتمثلة المخاطر“ بأنها االكتشاف مخاطر تعريف تم
في أو األرصدة أحد في خطأ وجود عدم مؤداها نتيجة إلى بالمراجع تؤدي قد
ويكون موجودا الخطأ هذا فيه يكون الذي الوقت في المعامالت من معين نوع
.المعامالت من آخر نوع أو أخرى أرصدة في أخطاء مع اجتمع إذا جوهريا
The Audit Risk Model
Audit Risk = IR CR DR
Inherent risk and control risk:Risk of material misstatement
Nonsampling risk
Sampling risk
Detection risk:Risk that auditor will not detect misstatements
Inappropriate audit procedure Improper or incomplete use of an audit procedure Misinterpreting audit results
LO# 2
4-10من العمليات% 100ال يمكن اختبار
Engagement Risk
An auditor’s exposureto financial loss and
damage toprofessional reputation.
Litigation
Adverse publicity
LO# 2
Local audit failure …
4-11
Using the Audit Risk Model Set a planned level of audit risk such that an opinion can be issued on the financial statements. Assess the risk of material misstatement (IR x CR). Use the audit risk equation to solve for the appropriate level of detection risk:
AR = IR CR DR
DR = ARIR CR
Auditors use this level of detection risk to design audit procedures that will reduce audit risk to an acceptable level.
LO# 3
4-12
Limitations of theAudit Risk Model
Preliminary Assessment Level of Risk
Actual or Achieved Level of Risk
LO# 3
+ / –
The audit risk model is a planning tool, but it has some limitations that must be considered when the model is used to revise an audit plan or to evaluate audit results. • The desired level of audit risk may not actually be achieved. • It does not consider potential auditor error. • There is no way of knowing what the preliminary level of risk of material misstatement actually was.
4-14
The Auditor’s Risk Assessment ProcessFigure 4-2 An Overview of the Auditor’s Assessment of Business Risks and the Risk of
Material Misstatements
LO# 4
4-15
Errors are unintentional misstatements of amounts or disclosures in the financial statements.
Fraud refers to an intentional act by one or more among management, those charged with governance, employees, or third parties, involving the use of deception that results in a misstatement in the financial statements.
LO# 5 LO# 5
Assessing the Risk of Material Misstatement
4-16
Fraud involves intentional misstatements. The fraud risk identification process includes:
Sources of information about possible fraud―
Communications among the audit team
Inquires of management and others
Analytical procedures
Investigation of unexpected period-end adjustments
LO# 6 LO# 6
The Fraud Risk Assessment Process
4-17
Three conditions usually exist when fraud occurs.
Incentive or pressure to
perpetrate fraud
Opportunity to carry out
the fraud
Attitude or rationalization to justify fraud
LO# 6
Conditions Indicative of Fraud and Fraud Risk Factors
4-18
Auditor’s Response tothe Risk Assessment (See Figure 4-3)
Financial statement level risks
Develop an overall response.
Determine what might go wrong at the assertion level.
LO# 7
Assess the risk of material misstatement at the financial statement and assertion levels.
Do these risks relate
pervasively to the financial statements?
Design audit procedures for
assertion level risks.
Assertion level risks
Yes
No
4-19
Evaluation of AuditTest Results
At the completion of the audit, the auditor should consider: 1. Whether the total misstatements cause the financial statements to be
materially misstated. THEN …
If the financial statements are materially misstated, the auditor should: 1. Request management to eliminate the material misstatement, or 2. If management does not make needed adjustments, the auditor should
issue a qualified or adverse opinion.
LO# 8
4-20
Documentation of theAuditor’s Risk Assessment
The auditor should document: Discussions among engagement personnel. Procedures performed to identify and assess the risks
of material misstatement due to error or fraud. Fraud risks or other conditions that result in additional
audit procedures. The nature, timing, and extent of procedures performed
in response to fraud risks identified and the results of that work.
The nature of the communications about error or fraud made to management, the audit committee, and others.
LO# 9
4-21
Communications about Fraud Whenever the auditor has found evidence that a fraud may exist, that matter should be brought to the attention of an appropriate level of management. Fraud involving senior management and fraud that causes a material misstatement of the financial statement should be reported directly to the audit committee of the board of directors.
The auditor should reach an understanding with the audit committee regarding the expected nature and extent of communications about misappropriations perpetrated by lower-level employees.
LO# 10
4-22