AUDITING: A RISK ANALYSIS APPROACH - PowerPoint PPT Presentation

1 / 32
About This Presentation
Title:

AUDITING: A RISK ANALYSIS APPROACH

Description:

Studies of the business, the industry, the economy, and/or the client may lead ... Industry guides/GAAP. 29. Risk-driven vs. Procedure-driven Audits ... – PowerPoint PPT presentation

Number of Views:84
Avg rating:3.0/5.0
Slides: 33
Provided by: MicrosoftC89
Category:

less

Transcript and Presenter's Notes

Title: AUDITING: A RISK ANALYSIS APPROACH


1
AUDITING A RISK ANALYSIS APPROACH
5th edition
Larry F. Konrath
Electronic Presentation
by Harold O. Wilson
2
CHAPTER 5
AUDIT PLANNING
Assessment of Inherent Risk Materiality
3
AUDIT RISK DEFINED
  • Audit Risk The risk that the auditor may
    unknowingly fail to appropriately modify his/her
    opinion on financial statements that are
    materially misstated.

II
What are the odds I didnt detect a material
misstatement?
4
Material Misstatements (MM)
  • Errors Unintentional mistakes of omission or
    commission (e.g., improper data processing ,
    unrecorded transactions).
  • Irregularities (fraud) Intentional omissions or
    commissions leading to misstatements and/or
    misrepresentations (e.g., improper reporting,
    misappropriations of assets, concealments,
    falsified documents).

5
Professional Responsibility
  • Audit design must provide reasonable assurance
    of detecting MM.
  • Risk materiality must be considered in
    planning and evaluating the audit.
  • Assessment of the risk of MM must be made (and
    documented).

6
Auditor must
  • Assess risks potential areas of both
    unintentional and intentional MM.
  • Document responses to such (e.g., revisions of
    audit programs).
  • Perform tests evaluate results.
  • Communicate conclusions to audit committees,
    etc., as considered necessary.

Never communicate such to just one person!
7
INHERENT RISK (IR)
  • Inherent risk The susceptibility of an
    assertion to being a MM, assuming that there
    are no related controls.
  • If there were no internal controls, i.e., the
    only variables were the competence and integrity
    of personnel, the odds of a MM would appear to
    be quite high!
  • Conservative approach Assess IR as 100!

8
CONTROL RISK (CR)
  • Control risk The probability of the occurrence
    of a MM (i.e., a lack of prevention) and
    remaining undetected on a timely basis by the
    entitys internal controls. (The odds that the
    prescribed internal controls fail to work!)
  • Together, IR and CR determine the pre- audit
    probability that the financial statements are
    materially misstated!

9
A note on Control Risk
An extensive IC system reduces the probability
of MM thus, the presumption is that the more
extensive the controls, the less the audit
testing needed to reach the professional, but
unofficial, required level of 95 confidence
in the fairness of the financial statements.
10
A note on Control Risk
Initially, CR is subjectively assessed based on
prescribed internal controls. As the audit
testing progresses, CR is revised
(either statistically or subjectively) as the
auditor evaluates the extent and effectiveness
of the internal controls. If the control risk
is high, say over 45, perhaps the client is
not yet ready to be audited! Rework needed?
11
DETECTION RISK (DR)
  • Detection risk The probability that the auditor
    fails to detect a MM that exists in an
    assertion.
  • DR determines exact audit procedures and the
    sample sizes selected in the auditors attempt
    to ascertain the state of the universe under
    examination.
  • Auditors should attempt to quantify IR, CR and
    DR, i.e., audit risk (AR).

12
QUANTIFYING AUDIT RISK
  • Audit risk (AR) The joint probability of IR,
    CR and DR

AR IR x CR x DR
The acceptable, but unofficial, risk level for an
auditor to take is presumed to be about 5.
If so, the product of the above should be .05 or
less. Note To keep AR lt 5 may be either
impractical or uneconomical in a given case.
13
Example
  • Assume AR .05 (required in a specific case)
  • IR 1.00 (ultra-conservative)
  • CR .30 (initially seen as weak)

AR IR x CR x DR
The Detection Risk becomes the variable now
controllable by the auditor, and it, in turn, is
a function of a controllable sample size!
14
Maximum Allowable Detection Risk f(AR, IR,
CR)
  • DR AR / (IR x CR) .05 / (1.0 x
    .30) .17

The auditor, in selecting a sample size, must
test until DR .17 or less, using some form of
statistical sampling mathematics. To test
beyond that point is overauditing.
15
MATERIALITY and its IMPACT ON AUDIT EVIDENCE
  • Materiality An amount that would affect the
    decisions of a reasonably informed user of the
    information.
  • Quantitative Factors (absolute amount, impacts
    on interpretations, ratios, etc.)
  • Qualitative Factors (nature, impact, intent,
    industry, legalities, ethics, etc.)
  • Suggesting AJEs to the client in light of
    materiality thresholds aggregates!

16
MATERIALITY and its IMPACT ON AUDIT EVIDENCE
  • Planning stage
  • Nature, timing, extent of evidence
  • Conducting the audit
  • Is misstatement material?
  • Evaluation of audit results

17
Individual vs. Aggregate
  • Individual is the impact of a single error or
    irregularity on the financial statements
  • Aggregate is the total effect of two or more
    errors, each of which is not material by itself

18
Setting Aggregate Materiality
Function of Internal Control
  • Effective internal controls
  • Relatively high aggregate materiality
  • Weak internal controls
  • Relatively low aggregate materiality
  • Threshold can be raised or lowered as audit
    progresses

19
AUDIT RISK, AUDIT EVIDENCE and MATERIALITY
  • Important relationship
  • Understanding necessary to meet the requirements
    of
  • Professional skepticism a questioning attitude,
    prompting a critical assessment of audit
    evidence.
  • Due Care

20
AUDIT RISK, AUDIT EVIDENCE and MATERIALITY (cont)
  • If audit risk is high because of high control
    risk and/or high inherent risk
  • Aggregate materiality should be low
  • Greater amounts of evidence are necessary
  • If audit risk is low because of low control risk
    and/or low inherent risk
  • Aggregate materiality may be high
  • Lesser amounts of evidence are necessary

21
ANALYSIS OF INHERENT RISK
  • Affected by
  • The auditors fraud assessment
  • Understanding of the business
  • Considered in
  • Preliminary phases of audit planning
  • Study of business industry
  • Application of analytical procedures

22
ANALYSIS OF INHERENT RISK (cont)
  • Preliminary audit planning phase
  • Inquiry of client personnel
  • Planned use of client personnel
  • Client acceptance decision

23
ANALYSIS OF INHERENT RISK (cont)
  • Study of the business industry
  • Information concerning
  • the economy
  • Information concerning
  • the business
  • Information concerning
  • the business

24
Notes on Inherent Risk
  • Auditor suspicions of intent to have misleading
    financial reporting or asset misappropriations
    (i.e., fraud) is an overall influence on the IR
    assessment.
  • Industry complexity or uncertainty also
    influences audit planning programs.
  • Careful interviewing may give clues to client
    attitudes, pressures, problems, contingencies,
    high risk areas.

25
Notes on Inherent Risk
  • Studies of the business, the industry, the
    economy, and/or the client may lead to declining
    the engagement.
  • Losing confidence in the client should lead to
    withdrawal from the engagement.

Note Clients are not likely to be inconsistent
with their industry!
26
Indicators of errors or fraud.
  • Abnormal ratios trends?
  • Complications with IRS?
  • Significant related party transactions?
  • Compensation tied to performance?
  • Unusual accounting/GAAP applications?

27
Indicators of Forces on Earnings
  • Intense competition
  • Sluggish economy
  • Excessive debt
  • Dependence on a single
  • product/customer

28
RISK ANALYSIS SOURCES
  • Although evidence and clues emerge as the audit
    progresses, sources of inputs for audit attention
    are ever-present, such as
  • Management inquiry
  • Auditors current and prior workpapers
  • Permanent files
  • Predecessor audit correspondence, contact
  • Analytical procedures
  • Industry guides/GAAP

29
Risk-driven vs. Procedure-driven Audits
  • Risk-drivenaudit risk is considered
  • Procedures-drivenfollow standard audit report
    without focusing on risk

GAAS requires risk-driven!
30
Preliminary Audit Programs
  • Should reflect
  • Client discussions
  • Study of business industry
  • Analytical procedures
  • Study of internal control

31
Note Time Budgets Staffing
  • Experience is required to estimate when an
    overall opinion might be reached, after a
    pre-audit conference with the client, in light of
    the nature of the client, and
  • Inherent risks fraud potential
  • Prescribed internal controls
  • Prior audit results, timing, etc.
  • Experience of the staff expertise required
  • Scheduling demands of various types
  • Fairness to the client, in light of the above

32
End of Chapter 5
Write a Comment
User Comments (0)
About PowerShow.com