You are on page 1of 3


Week 8
11.11 Identify the three steps in a preliminary assessment of risk.

Step 1:
Step 2:
Step 3:

perform procedures to obtain an understanding of internal controls

identify potential misstatements in the financial statements
identify the necessary controls that are likely to prevent or detect potential

11.12 What audit strategy is the auditor likely to adopt if, at the planning
stage, control risk is assessed as less than high?
In assessing the control risk at less than high, the auditor has identified specific internal
control policies and procedures that they believe will be effective in preventing or detecting
misstatements related to the assertion. Evidence is needed to support this, therefore the audit
strategy the auditor will adopt is a lower assessed level of control risk approach.
11.21 Assessing control risk
An auditor is required to obtain a sufficient understanding of each of the components of an
entitys system of internal control to plan the audit of the entitys financial statements and to
assess control risk for the assertions embodied in the account balance, transaction class, and
disclosure components of the financial statements.
Explain the reasons an auditor may assess control risk at the
maximum level for one or more assertions embodied in an account
What must an auditor do to support assessing control risk at less
than high when the auditor has determined that controls have been
placed in operation?
(a) An auditor may assess control risk at the maximum level for some or all assertions
because the auditor believes internal controls are unlikely to pertain to an assertion, are
unlikely to be effective, or because evaluating their effectiveness would be inefficient.
(b) To support assessing control risk at less than the maximum level, an auditor must
determine whether internal controls are suitably designed to prevent or detect material
misstatements in specific financial statement assertions and obtain evidence through tests
of controls that the policies and procedures are operating effectively.
12.11 Which components of the audit risk model can be controlled by the auditor?
Discuss the interrelationships.
In terms of which components can be controlled by the auditor, the only part would be
detection risk (ASA 200). This is varied based on the assessment of inherent risk and control
risk. Inherent risk is given for a particular client, the auditor assesses it but cannot change it.
Similarly, control risk is given for a particular client, however if control risk is medium or

low the auditor may choose to rely on the controls and will therefore have to perform some
compliance testing. Audit risk is specified for the auditor, but is probably constant for the
majority of the clients of the audit firm.
For a given level of audit risk, detection risk is inversely related to the assessed levels of
inherent risk and control risk for each financial report assertion. The level of detection risk
influences the auditors assessment of the nature, timing and extent of the procedures needed
to gain sufficient appropriate audit evidence.

Identify and explain the three steps in assessing the risk of

material misstatement.

Step 1 Evaluate the type of potential misstatements that may occur

The auditor needs to recognise risk factors and then link those risk factors to assertions that
are likely to be misstated. Some risks may have a pervasive effect on the financial statements
and may influence multiple account balances and assertions while other risk factors will be
assertion specific.
Step 2 Evaluate the magnitude of potential misstatements
Some potential misstatements are more significant than others so the auditor needs to
consider their magnitude. For example, the existence of inventory is more significant for a
manufacturer than for a hotel. Auditors will need to allocate more audit attention to the
assertions that can have a potential material effect, individually or in aggregate, on the
financial statements.
Step 3 Evaluate the likelihood of material misstatement
The auditor must also determine how likely a possible material misstatement is. Once the
auditor has identified the various risks that might affect the financial statements they should
then assess the adequacy of the system of internal controls. The greater the effectiveness of
internal controls, the less the likelihood of material misstatement.

Identify the three types of substantive procedures and discuss

the effectiveness of each.

The three types of substantive procedures are:

Analytical procedures consist of the study and comparison of relationships among data.
These procedures have proven quite effective in detecting large misstatements in the
financial reports and tend to be the least costly of substantive procedures.
Tests of details of transactions primarily involve tracing and vouching the individual
debit and credit entries in the account. When these procedures involve highly
appropriate evidence such as externally generated documents, they can be quite
effective. They tend to be more costly than analytical procedures, but less costly than
tests of details of balances.
Tests of details of balances verify the ending account balances directly, without any
explicit reference to the individual debit and credit entries. These procedures tend to be
the most effective and costly since they often involve the most competent forms of
evidence such as auditor observation and confirmation from outsiders.

12.19 What steps may the auditor perform in evaluating the reasonableness of
accounting estimates?
Due to the use of judgement and therefore the subjective nature of these balances, accounting
estimates are often the ones where the most disputes occur between the auditor and
management. ASA 540 suggests that one or a combination of the following approaches
should be adopted in the audit of accounting estimates to obtain sufficient appropriate audit
(a) Review and test the processes used by management to develop the estimate.
This would include a review of the data and assumptions used by management in
preparing the estimate, testing the calculations performed, and comparison of the
accuracy of estimates made by management in prior periods.
(b) The use of an independent estimate for comparison.
The auditor may make his or her own independent estimate of the balance and compare it
with managements.
(c) Review subsequent events.
A review of subsequent events after the end of the accounting period may provide
evidence as to the accuracy of the estimate made by management.