14Mar13

AC2103 RiskManagement,Control&Ethics Seminar12.1 AuditMonitoring(2)

TeamPresentation9or ClassDiscussion GroupActivity Takeaways
1

KeyTakeawayfromPresentation
Auditorsneedtounderstandthekey strategicandprocessbusinessrisks Understandingofaclientsbusinessmodel canhelpensurewhetherthe financialstatementsmakebusinesssense Residualbusinessriskshaveauditimplications Amountofauditworkisbasedonthe auditorsassessmentofRMM(IRXCR)
2

Importance of Business Risk for Auditors

1. Client Acceptance and Retention a.Assess audit risk b.Assess client business risk c.Audit completion and reporting d.Audit procedures planning e.Client acceptance and retention f.Control tests g.Knowledge acquisition & risk assessments h.Substantive tests i.Tests of f/s assertions j.Understand client business environ. & operations

AuditImplications ofBusinessRisks
Expectations Client Viability

2. Knowledge Acquisition & Risk Assessments

Understand 3. client business envirn. & ops

4. Assess

5. Assess

client biz risk

audit risk

6. Audit Procedures Planning AuditRisks 7. Control 8. Substantive

Identified Business Risk

Control Environment

tests

tests
Commentsfor Client
4

9. Tests of Financial Statement Assertions 10. Audit Completion and Reporting

3

Example of Audit Implications

Risk: New regulations on distribution of a companys key product Expectation

Relationship between Audit Risk Components

Audit risk model (decision tool):

AR = IR x CR x DR

Distribution cost may increase Might be in doubt if client cant comply Inventory valuation if product cant move Management might circumvent regulations Develop controls to ensure compliance with regulations

5

Client Viability

IR & CR - assessed by auditor AR & DR desired/acceptable or actual

Audit Risk

Control Environment

Comments for Client

Desired DR = Desired AR / Assessed RMM (IR x CR) Preliminary CR other than High, need to perform test of controls to confirm assessments If CR is high, than need to perform more substantive audit procedures If CR is low, then can perform less substantive 6 procedures

14Mar13

Examples of audit procedures

Example of Differing Evidence Among Cycles

Sales and collection cycle Inherent risk Control B risk Acceptable C audit risk Planned D detection risk Acquisition and payment cycle high low low medium Payroll and personnel cycle low low low high
9-8

Completeness Test of controls

Review

the evidence of control of accounting for numerical sequence of shipping documents and sales invoices

medium medium low medium

Substantive procedures
Tests

from supporting documentation (e.g., delivery note) to sales journal

2005 Prentice Hall Business Publishing, Auditing and Assurance Services 10/e, Arens/Elder/Beasley

Tolerable Misstatements, Risk, and Planned Evidence

Acceptable audit risk Inherent risk Control risk Tolerable misstatement
D I D I I

CriticalThinking
Whatinferencecanwemaderegardingthe internalcontrolsoverfinancialreportingwhen anauditorissueaTrue&Fairreport?
WhenCRislow,setDRhigher WhenCRishigh,setDRlower Ataminimum,theclienthasabaselinelevelof controlstomakeitauditable

Planned detection risk

I

Planned audit evidence

D I

D = Direct relationship; I = Inverse relationship

2005 Prentice Hall Business Publishing, Auditing and Assurance Services 10/e, Arens/Elder/Beasley 9-9

10

Announcement
It's more than just totting up the figures.
29 March 2004:

One partner brought up a weakness where some students had

difficulty in identifying the risks arising from a business and identifying the financial and audit implications.

Session12.2 Nomeeting TogothroughselfpacedACLexercise(detection offraud)andtocompleteonlinequizbynoon 9April(Tue)[Beethical!]

Internalauditmustalsoidentify businessrisksforfirms:survey
20August2007
11 12