Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Audit Risk Model (Au 312)

Published byمائده ایروانی Modified over 5 years ago

Similar presentations

Presentation on theme: "The Audit Risk Model (Au 312)"— Presentation transcript:

1 The Audit Risk Model (Au 312)
Dr. Donald K. McConnell Jr. 2/24/2019

2 Why Was the Audit Risk Model Developed?
Competitive bidding restrictions were eliminated by AICPA for legal reasons What was effect on fees when audits could be competitively bid? How does auditor respond to fees lowered by price competition? Two courses of action exist: Cut corners? No way! Audit more efficiently: Audit testing should be concentrated in areas of greatest perceived risk Some tests “traditionally” done perhaps weren’t necessary! 2/24/2019

3 The Audit Risk Model: A structured way to identify the areas of greatest risk in the audit Used in the planning phases of the audit AAR = IR x CR x P[A]DR, where: AAR = audit risk, which is driven by IR = inherent risk CR = control risk P[A]DR = planned [acceptable] detection risk A conceptual, not a mathematical model 2/24/2019

4 Audit Risk Defined The risk that the auditor might fail to modify his/her report when the financial statements do not present fairly (Au ) Audit risk is set for the entire audit IR and CR are evaluated by individual transaction cycles 2/24/2019

5 Audit Risk Is a Beta Risk Concept
Our concern is with Type II error ARO (The Risk of Assessing Control Risk too Low): the risk of concluding that controls tested are effective when they are not ARIA (Risk of Incorrect Acceptance): concluding that an account balance is materially correct when it is not 2/24/2019

6 What Would Constitute Alpha Risk (Type I Error)?
The risk of concluding controls are ineffective when they are actually effective The risk of concluding an account balance is materially misstated when it is not 2/24/2019

7 Why Are We Not As Concerned with Alpha Risk (Type One Error)?
The auditor would ordinarily reconsider or extend auditing procedures This would ordinarily lead the auditor to the correct conclusion (Au 312: fn 3) An effective, but less efficient audit 2/24/2019

8 What Level of Audit Risk Is Typical for an Audit Engagement?
Intuitively, about 5% That is, a 1 in 20 chance that after the audit testing we might have failed to detect a material misstatement! Why not audit more conclusively: seeking 1% or 2% audit risk? 2/24/2019

9 Would We Ever Want to Achieve Audit Risk Lower Than 5%?
ABSOLUTELY! Examples: A 1933 Act filing (IPO) An acquisition target audit A publicly held company with deteriorating financial position and/or much debt 2/24/2019

10 AAR = IR x CR x P[A]DR [A]: Acceptable
2/24/2019

11 What Is Inherent Risk (IR)? [AU 312.27 (a)]
The risk that a material misstatement might occur in a transaction cycle, ignoring the effects of internal controls A function of client and industry characteristics Most auditors set IR at 50% (medium) to 100% (high): For reasons of conservatism To avoid under-auditing 2/24/2019

12 What Is Control Risk (CR)? [AU 312.27 (b)]
The risk [in a transaction cycle] that a material misstatement which does occur will not be prevented or detected by the client’s system of internal controls Evaluated through assessing internal controls documentation: Flowcharts of systems Internal Control Questionnaires Narrative memos Commonly set at 100% in audits of small companies! 2/24/2019

13 What Is Planned Acceptable Detection Risk (PADR)? [Au 312.27 (c)]
The risk [in a transaction cycle] that a material misstatement which eludes internal controls will not be detected by the auditor’s tests The only risk component (of the three) the auditor can control The auditor’s substantive tests are based on what he/she thinks might get past internal controls Internal controls are always the first line of defense! 2/24/2019

14 More Audit Risk Issues Even with controls and audit testing, it is possible for misstatements to go undetected Those possibilities represent the level of audit risk accepted by the auditor Audit risk must be at a low level, but it would take an unreasonable amount of work to eliminate it entirely! 2/24/2019

15 Why are Control Risk and Inherent Risk Evaluated By Transaction Cycles?
CR could be high in one cycle, and low in another: Controls could be weak in acquisition and payment cycle But strong in the payroll cycle IR could be high in one cycle, and low in another: Risk of material misstatement would typically be great in sales and collection cycle Risk of material misstatement would typically be low in payroll cycle 2/24/2019

16 How Do We Evaluate Effects of CR and IR on P[A]DR?
We can only control detection risk, in response to inherent risk and control risk assessments Inherent risk and control risk are what they are at the time! Hence, we rearrange the audit risk equation as follows: P[A]DR = AAR / (IR x CR) 2/24/2019

17 Detection Risk Bears an Inverse Relationship to Inherent and Control Risk
The lower the inherent and control risk, the greater the detection risk the auditor can accept The greater the inherent and control risk, the lower the detection risk the auditor can accept 2/24/2019

18 Examples of This Concept, Assuming 5% Acceptable Audit Risk
Sales and collection cycle IR= 50% CR= 50% What is PADR? PADR= 20% Audit of Payroll cycle IR= 25% CR= 25% What is PADR? PADR= 80% 2/24/2019

19 What Would We Conclude from These Examples?
Acceptable detection risk (PADR= 20%) is lower in the sales cycle, requiring more extensive, conclusive audit testing Acceptable detection risk (PADR= 80%) is higher in the payroll cycle, allowing less rigorous audit testing Perhaps just analytical review, and Required minimal substantive testing, as per SAS’s 2/24/2019

20 What Should the Auditor Do Where IR and/or CR are High? [AU 319.82]
Look at larger sample sizes Consider auditing 100% versus sampling Apply more effective tests: e.g., confirmation of A/R vs. vouching to internal documents Apply audit tests closer to balance sheet date Use more experienced audit personnel 2/24/2019

21 How Does the Auditor Assess Inherent Risk?
IR is a function of transaction cycle, industry, and client characteristics, e.g.: Nature of client industry Makeup of the population Extent of errors in previous audits New audit engagements are always risky Non-routine transactions raise IR New accounts are risky Accounts requiring subjective judgments Related party transactions increase IR 2/24/2019

22 Acceptable Audit Risk (AAR) Is Not the Same As Inherent Risk (IR)!
How much exposure to liability does the auditor have? The greater that exposure, the lower the AAR What chance are you willing to accept that after the audit testing there is still material misstatement? IR is the probability of material misstatement in a transaction cycle There could be a 50% chance of misstatement in a cycle (IR), but we wouldn’t want a 50% chance we would not detect it (AAR)! 2/24/2019

23 Most Auditors Evaluate IR and CR Qualitatively!
Practicing auditors tend to look at IR, CR, etc. as being high, low, or medium vs. assessing percentage probabilities Why? The audit risk model is a conceptual model, not strictly speaking a mathematical model The determinations are subjective, not precise 2/24/2019

24 How Do We Evaluate IR and CR Qualitatively?
What’s the process? As a first approximation, look at interaction of IR and CR, which is inverse to P[A]DR P[A]DR might need to be adjusted in light of AAR, to avoid underauditing! Example: Assume AAR needed is low, IR is low, and CR is high in a cycle Implies P[A]DR “medium” as a 1st approx. However, if we need to achieve low levels of AAR in the audit, intuitively P[A]DR should be adjusted to low Hence, evidence needed would be high, not medium 2/24/2019

Download ppt "The Audit Risk Model (Au 312)"

Similar presentations

Chapter 4 Risk Assessment McGraw-Hill/Irwin

Chapter 4 Risk Assessment McGraw-Hill/Irwin
CHAPTER 14 AUDITING THE REVENUE CYCLE Fall 2007

CHAPTER 14 AUDITING THE REVENUE CYCLE Fall 2007
Chapter 9 Materiality and Risk

Chapter 9 Materiality and Risk
Learning Objectives LO1 Describe the conceptual audit risk model and its components. LO2 Explain the usefulness and limitations of the audit risk model.

Learning Objectives LO1 Describe the conceptual audit risk model and its components. LO2 Explain the usefulness and limitations of the audit risk model.
Learning Objectives LO6 Develop a simple audit program for an account balance, considering the influences of risk and tolerable misstatement. a. Specify.

Learning Objectives LO6 Develop a simple audit program for an account balance, considering the influences of risk and tolerable misstatement. a. Specify.
S11: Risk Based Audit Approach. Session Objectives  To define audit risks and establish the relationship between materiality and audit risk  To discuss.

S11: Risk Based Audit Approach. Session Objectives  To define audit risks and establish the relationship between materiality and audit risk  To discuss.
Management Fraud and Audit Risk

Management Fraud and Audit Risk
Prepared by: Angela Davis CA, CFE, MSc Booth University College

Prepared by: Angela Davis CA, CFE, MSc Booth University College
©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley 9 - 1 Materiality and Risk Chapter 9.

©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Materiality and Risk Chapter 9.
CHAPTER 5 OVERVIEW OF THE AUDIT PROCESS Fall 2007 u Overview of the Audit Process u Assessing Audit Risk u Audit Objectives u Materiality u Audit Procedures.

CHAPTER 5 OVERVIEW OF THE AUDIT PROCESS Fall 2007 u Overview of the Audit Process u Assessing Audit Risk u Audit Objectives u Materiality u Audit Procedures.
MODERN AUDITING 7th Edition

MODERN AUDITING 7th Edition
9 - 1 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Materiality and Risk Chapter 9.

9 - 1 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Materiality and Risk Chapter 9.
Learning Objectives LO1 Distinguish between management and auditor’s responsibilities regarding an auditee organization’s internal controls. LO2 Explain.

Learning Objectives LO1 Distinguish between management and auditor’s responsibilities regarding an auditee organization’s internal controls. LO2 Explain.
Nature of an Integrated Audit

Nature of an Integrated Audit
Auditing The Revenue Cycle Prepared by: Sartini, S.E., M.Sc., Akt.

Auditing The Revenue Cycle Prepared by: Sartini, S.E., M.Sc., Akt.
Copyright © 2007 Pearson Education Canada 1 Chapter 12: Audit Sampling Concepts.

Copyright © 2007 Pearson Education Canada 1 Chapter 12: Audit Sampling Concepts.
McGraw-Hill/Irwin ©2007 by the McGraw-Hill Companies, Inc. All rights reserved. Step 5: Evaluate Audit Evidence  Discrepancies in the accounting records.

McGraw-Hill/Irwin ©2007 by the McGraw-Hill Companies, Inc. All rights reserved. Step 5: Evaluate Audit Evidence  Discrepancies in the accounting records.
Learning Objectives LO1 Explain the role of professional judgment in audit sampling decisions. LO2 Distinguish audit sampling work from nonsampling work.

Learning Objectives LO1 Explain the role of professional judgment in audit sampling decisions. LO2 Distinguish audit sampling work from nonsampling work.
1 Chapter 9 Materiality and Audit Risk 2 3 Under which auditing approach(es) are auditors required to obtain an understanding of the internal controls?

1 Chapter 9 Materiality and Audit Risk 2 3 Under which auditing approach(es) are auditors required to obtain an understanding of the internal controls?
Advanced Auditing Materiality and the Audit Risk Model

Advanced Auditing Materiality and the Audit Risk Model

Similar presentations

Ads by Google