Chapter 8: Overview of the risk-based audit process

A risk-based audit approach is an audit approach that begins with an assessment of

the types and likelihood of restatement in the account balance and then adjusts the amount
and type of auditor to the likelihood of material misstatements occurring in account balances.

Factors to consider in implementing the audit risk model

1. high-risk activities
2. existence of large non-routine transactions
3. matters requiring judgment or management intervention
4. Potential for fraud

The risk-based audit process

Phase 1 risk assessment
Phase 2 risk response
Phase 3 reporting

Risk is a concept used to express uncertainty about events and or their outcomes that could
have a material effect on the organization.

The four critical components of risk that are relevant to conducting the audit are:
1. Audit risk. The risks that an auditor may give an unqualified opinion on financial
statements that are materially misstated.
2. Engagement risk. The economic risk that a CPA firm is exposed to simply because it
is associated with a particular client including loss of reputation, the inability of the
client to pay the auditor, or financial loss because management is not honest and
inhibits the audit process. engagement risk is controlled by careful selection and
retention of clients.
3. Financial reporting risk. Those risks that relate directly to the recording of
transactions and the presentation of financial data in an organization's financial
statement.
4. Business risk. Those risk that affects the operations and potential outcomes of
organizational activities.

Audit risk is defined as the risk that the auditor fails to find material misstatements in the
client's financial statements and thereby inappropriately issues an unqualified opinion on the
financial statements. the auditor control of the twist into different ways:
1. avoid audit risk by not accepting certain companies as clients, for example, reduce
engagement risk to zero.
2. set all that risk at the level that the auditor believes will mitigate the likelihood that
the auditor will fail to identify material misstatements.

At the broadest level, business risk and financial reporting risk originated with the
audit client and its environment, and these risks that affect the auditor's engagement risk
and audit risk. the effectiveness of risk management processes will determine whether a
company or audit firm continues to exist.
Financial reporting risk could arise from issues such as asset impairments, market to
market accounting, warranties, pensions, estimates as well as competent and integrity of
management and its incentives to misstate differential statements.
Business risk and financial reporting risk may affect each other. For instance,
management facing strong competition and weak financial results may be motivated to
circumvent a weak internal control system or to take advantage of complex financial
instruments to achieve desired financial reporting results that do not necessarily portray
economic reality. Audit firms have discovered that being associated with companies with
poor integrity creates a risk that can destroy the audit firm or significantly increased the cost
of conducting the audit.

Chapter 9: Risk assessment -Part 1

Performing these preliminary engagement activities helps to ensure that the auditor plans
and audit engagement for which:
1. The auditor maintains the necessary independence and ability to perform the
engagement.
2. There are no issues with management integrity that may affect the auditor's
willingness to continue the engagement.
3. There is no misunderstanding with the client as to the terms of the engagement.

Client acceptance/ Retention decision

The decision should involve more than just a consideration of management integrity.
Strict client acceptance/ continuance guidelines should be established to screen out the
following:
1. Clients that are in financial and or organizational difficulty
2. Clients that constitute a disproportionate percentage of the firm's total practice
3. Disreputable clients
4. Clients that offer an unreasonably low fee for the auditor's services

Audit firm limitations

An external auditor should not undertake an engagement not qualified to handle. ItA
CPA firm needs to maintain its integrity, objectivity, and reputation for providing high-quality
services. No auditor can afford to be regularly associated with clients to engage in and
management fraud or other unlawful activity. Before accepting an engagement, the CPA
should investigate the history of the prospective client, including such patterns at the
identities and reputation of the directors, officers, and significant shareholders.
In summary, before accepting an engagement with the new client, the CPA firm shall
assess whether it:
1. competent to perform the engagement and has the capabilities, including time
and resources to do so,
2. can comply with the relevant ethical requirements, and
3. has considered the integrity of the client and does not have information that
would lead it to conclude that the client lacks integrity
An engagement letter, which includes the audit free, also includes a description of the
timing of the external auditors work and a description of documentation to the client is
expected to provide to the external auditor . in writing and engagement letter, care should be
taken when describing the degree of responsibility the auditor takes concerning discovering
fraud and misstatements. If the client wants it its auditors to go beyond the requirements of
the auditing standards, the auditors should have their attorneys review the wording to make
sure that it says not only what is intended but also what is possible.
The agreed terms of the audit engagement shall be recorded in an audit engagement letter
or other suitable forms of the written agreement and shall include:
1. the objective and scope of the audit of the financial statements
2. the responsibilities of the auditor
3. the responsibilities of management
4. Identification of the applicable financial reporting framework for the preparation of
the financial statement
5. About the expected form and content of any reports to be issued with the auditor and
his statement that may be circumstances in which a report may differ from its
expected form and content
Phase 1-B Planning the audit to develop an overall audit strategy and audit plan
audit planning involves the establishment of the overall audit strategy for the management
and developing an audit plan, in order to reduce audit risk to an acceptably low level.
Planning involves the engagement team to benefit from their experience and insight and to
enhance the effectiveness and efficiency of the planning process.

Levels of materiality
overall materiality- materiality for the financial statements as a whole is based on the
auditor's professional judgment as to the highest amount of misstatements that could be
included in the financial statements without affecting the economic decisions taken by a
financial statement user.
Specific materiality- in some cases there may be a need to identify the statements of lesser
amounts than overall materiality that would affect the economic decisions, financial
statement users. This could relate to sensitive areas such as particular note disclosures,
compliance with legislation, or certain terms in a contract or transactions of fun which
bonuses are based it could also relate to the nature of a potential misstatement.
performance materiality- used by the auditor to reduce the risk to an appropriately low level.