2 LO# 1Audit RiskThe risk that an auditor will issue an unqualified opinion on materially misstated financial statements.Financial statement levelIndividual account balance or class of transactions level
3 LO# 1Engagement RiskClient and third party lawsuitsAn auditor’s exposure to financial loss and damage to professional reputation.Negative publicity/reputationLocal auditfailure …
4 Risk ControlEngagement Risk - Cannot be directly controlled, but can have some control via client acceptance/continuanceAudit Risk – Can be directly controlled by scope of the auditor’s work(scope – nature, timing, extent of audit procedures
5 TerminologyAudit Risk – the risk that the auditor may fail to modify the opinion on materially misstated financial statementsInherent Risk – susceptibility of an assertion to material misstatements, assuming no related controlsControl Risk – Risk that controls don’t workDetection Risk – Auditor didn’t catch misst
6 Inherent Risk and Control risk Functions of the entityAuditor has little control over these risksAlso called “auditee risk”
7 Detection Risk Can be controlled by the Auditor Via scope of audit proceduresInverse relationship to IR and CR
8 The Audit Risk Model Audit Risk = IR × CR × DR LO# 2The Audit Risk ModelInherent risk and control risk: Risk that material misstatements existAudit Risk = IR × CR × DRDetection risk: Risk that auditor will not detect misstatementsNonsampling riskSampling riskInappropriate audit procedureFail to detect when using appropriate audit procedureMisinterpreting audit results
9 Using the Audit Risk Model LO# 3Using the Audit Risk Model Set a planned level of audit risk such that an opinion can be issued on the financial statements. Assess inherent risk and control risk. Use the audit risk equation to solve for the appropriate level of detection risk:AR = IR × CR × DRDR =ARIR × CRAuditors use this level of detection risk to design audit procedures that will reduce audit risk to an acceptable level.
10 Using the Audit Risk Model LO# 3Using the Audit Risk ModelQualitative terms may also be used in the audit risk model.
11 Limitations of the Audit Risk Model LO# 4The audit risk model is a planning tool, but it has some limitations that must be considered when the model is used to revise an audit plan or to evaluate audit results.The desired level of audit risk may not actually be achieved.It does not consider potential auditor error.There is not way of knowing what the preliminary level of risk actually was.PreliminaryAssessment Level of RiskActualor AchievedLevel of Risk+ / –
12 The Auditor’s Risk Assessment Process LO# 5The Auditor’s Risk Assessment ProcessAuditors need to identify business risks and understand the potential misstatements that may result.Business risks include any external or internal factors, pressures, and forces that bear on the entity’s ability to survive and be profitable.
13 The Auditor’s Risk Assessment Process LO# 5The Auditor’s Risk Assessment Process
14 Understanding the Entity and Its Environment LO# 5Understanding the Entity and Its EnvironmentFinancial PerformanceIndustry FactorsRegulatory EnvironmentObjectives and StrategiesInternal ControlBusiness RisksNature of the Entity
15 Auditor’s Risk Assessment Procedures LO# 5Auditor’s Risk Assessment ProceduresInquiries of Management and OthersAnalytical ProceduresObservation and Inspection
16 Identifying Business Risks LO# 5Identifying Business RisksExamples of conditions or events that indicate the existence of business risks:Significant changes in the entity (e.g., acquisitions and reorganizations).Significant changes in the industry.Significant new products, services, or lines of business.New locations.Significant changes in the IT environment.Operations in areas with unstable economies.High degree of complex regulation.
17 Assessing the Risk of Material Misstatement Due to Error or Fraud LO# 6Assessing the Risk of Material Misstatement Due to Error or FraudTo assess the risk of material misstatement, the auditor:Identifies risks by considering the entity and its environment, including controls that relate to the risks,and by relating these risks to the classes of transactions and account balances in the financial statements.Relates the identified risks to what can go wrong at the assertion level.Considers whether the risks are of a magnitude that could result in a material misstatement.Considers the likelihood that the risks will result in a material misstatement.
18 Assessing the Risk of Material Misstatement Due to Error or Fraud LO# 6Assessing the Risk of Material Misstatement Due to Error or FraudTypes of misstatements include:A difference between the amount, classification, or presentation of a reported financial statement element, account, or item and the amount, classification, or presentation that would have been reported under GAAP.The omission of a financial statement element, account, or item.A financial statement disclosure that is not presented in accordance with GAAP.The omission of information required to be disclosed in accordance with GAAP.
19 Assessing the Risk of Material Misstatement Due to Error or Fraud LO# 6Assessing the Risk of Material Misstatement Due to Error or FraudErrors are unintentional misstatements:Mistakes in gathering or processing financial data used to prepare financial statements.Unreasonable accounting estimates arising from oversight or misinterpretation of facts.Mistakes in the application of accounting principles relating to amount, classification, manner of presentation, or disclosure.
20 Assessing the Risk of Material Misstatement Due to Error or Fraud LO# 6Assessing the Risk of Material Misstatement Due to Error or FraudFraud involves intentional misstatements. The fraud risk identification process includes:Sources of information about possible fraudCommunications among the audit teamInquires of management and othersFraud risk factorsAnalytical proceduresOther informationConditions indicative of fraudIncentives/pressuresOpportunitiesAttitudes/rationalizationAuditor identifies risks of material misstatement due to fraud.
21 Assessing the Risk of Material Misstatement Due to Error or Fraud LO# 6Assessing the Risk of Material Misstatement Due to Error or FraudThree conditions usually exist when fraud occurs.Incentive or pressure to commit fraudOpportunity to commit fraudAttitude or rationalization to justify fraud
22 Assessing the Risk of Material Misstatement Due to Error or Fraud LO# 6Assessing the Risk of Material Misstatement Due to Error or FraudFraud involves intentional misstatements.Fraudulent financial reportingMisappropriation of assets
23 Assessing the Risk of Material Misstatement Due to Error or Fraud LO# 6Assessing the Risk of Material Misstatement Due to Error or FraudFraudulent financial reporting includes acts such as the following:Manipulation, falsification, or alteration of accounting records or supporting documents used to prepare financial statements.Misrepresentation in, or intentional omission from, the financial statements of events, transactions, or significant information.Intentional misapplication of accounting principles relating to amount, classification, manner of presentation, or disclosure.
24 Assessing the Risk of Material Misstatement Due to Error or Fraud LO# 6Assessing the Risk of Material Misstatement Due to Error or FraudFraudulent Financial ReportingRisk Factors Relating to Incentive/Pressure include:Excessive pressure for management to meet financial targetsExcessive pressure for management to meet third party expectationsManagement’s personal financial situation is threatenedFinancial stability or profitability is threatened
25 Assessing the Risk of Material Misstatement Due to Error or Fraud LO# 6Assessing the Risk of Material Misstatement Due to Error or FraudFraudulent Financial ReportingRisk Factors Relating to Opportunities include:Nature of the industryComplex or unstable organizational structureIneffective monitoring of managementDeficient internal control
26 Risk Factors Relating to Attitudes/Rationalizations LO# 6Risk Factors Relating to Attitudes/RationalizationsFraudulent Financial ReportingRisk Factors Relating to Attitudes/Rationalizations include:Use of inappropriate accounting based on materialityPoor communication channels for reporting inappropriate behaviorFailure to correct known reportable conditionsWeak ethical standards forManagement behavior
27 Assessing the Risk of Material Misstatement Due to Error or Fraud LO# 6Assessing the Risk of Material Misstatement Due to Error or FraudMisappropriation of assets involves the theft of an entity’s assets to the extent that financial statements are misstated. Examples include:Stealing assetsPaying for goods and services not receivedEmbezzling cash received
28 Assessing the Risk of Material Misstatement Due to Error or Fraud LO# 6Assessing the Risk of Material Misstatement Due to Error or FraudMisappropriation of AssetsRisk Factors for Misappropriation of Assets include:Personal financial pressuresAccess to assetsAdverse employee management relationshipsLack of inventory controlInadequate separation of dutiesNo mandatory vacation policySmall, valuable inventory itemsEmployeedisregardof internalcontrolSudden changes in employee behavior
29 Types of items Requiring Specific Audit Procedures Assertions identified with Fraud riskNonroutine/unsystematically processed transactionsSignificant accounting estimates and judgementsHighly complex transactionsApplication of new accounting standardsRevenue recognition issues
30 Evaluation of Audit Test Results LO# 8Evaluation of Audit Test ResultsAt the completion of the audit, the auditor should consider whether the accumulated results of audit procedures affect the assessments of the entity’s business risk and the risk of material misstatement. The total uncorrected misstatements that were detected should be aggregated to determine if they cause the financial statements to be materially misstated. If the auditor concludes that the total misstatements cause the financial statements to be materially misstated, the auditor should request management to eliminate the material misstatement. If the management does not do so, the auditor should issue a qualified or adverse opinion.If the auditor determines that the misstatement is or may be the result of fraud, and either has determined that the effect could be material or has been unable to evaluate whether the effect is material, the auditor should:
31 Evaluation of Audit Test Results LO# 8Attempt to obtain audit evidence to determine whether, in fact, material fraud has occurred and, if so, its effect.Consider the implications for other aspects of the audit.Discuss the matter and the approach to further investigation with an appropriate level of management that is at least one level above those involved in committing the fraud and with senior management.If appropriate, suggest that the client consult with legal counsel.If the results of the audit tests indicate a significant risk of fraud, the auditor should consider withdrawing from the engagement and communicating the reasons for withdrawal to the audit committee or others with equivalent authority and responsibility.
32 Documentation of the Auditor’s Risk Assessment LO# 9Documentation of the Auditor’s Risk AssessmentThe auditor should document:Discussions among engagement personnel.Procedures performed to identify and assess the risks of material misstatement due to fraud.Risks of identified material misstatement due to fraud and a description of the auditor’s response to the risks.Fraud risks or other conditions that result in additional audit procedures.The nature of the communications about fraud made to management, the audit committee, and others.
33 Communications about Fraud LO# 10Whenever the auditor has found evidence that a fraud may exist, that matter should be brought to the attention of an appropriate level of management. Fraud involving senior management and fraud that causes a material misstatement of the financial statement should be reported directly to the audit committee of the board of directors.The auditor should reach an understanding with the audit committee regarding the expected nature and extent of communications about misappropriations perpetrated by lower-level employees.
34 Communications about Fraud LO# 10The disclosure of fraud to parties other than the client’s senior management and its audit committee ordinarily is not part of the auditor’s responsibility and ordinarily would be precluded by the auditor’s ethical and legal obligations of confidentiality. However, the auditor may have a duty to make disclosure to others outside the entity when the following conditions exist:To comply with certain legal and regulatory requirements.To a successor auditor when the successor makes inquiries in accordance with AU 315, Communications between Predecessor and Successor Auditors.In response to a subpoena.To a funding agency or other specified agency in accordance with requirements for the audits of entities that receive governmental financial assistance.
35 LO# 11MaterialityThe magnitude of an omission or misstatement of accounting information that makes it probable that the judgment of a reasonable person relying on the information would be changed or influenced by the omission or misstatement.Materiality is not an absolute andit is not a black or white issue!The determination of materialityrequires professional judgment.
36 LO# 11MaterialityThe quantitative base for materiality is a percentage (typically 3 to 5 percent) of:Total assets.Total revenues.Income before taxes.Income from continuing operations.Gross profitThree-year average of income before taxes.The quantitative amounts may be adjusted lower for qualitative factors such as:First-year engagement.Control weaknesses.Management turnover.High market pressures.High fraud risk.Higher than normal risk of bankruptcy.
37 Steps in Applying Materiality on an Audit LO# 12Steps in Applying Materiality on an AuditStep 1:Determine a material level for the overall financial statements(planning materiality)Step 2:Determine tolerable misstatement(allocation of materiality at individual account/class of transactions level)Step 3:Evaluate auditing findings(near the end of the audit)