Scribd Logo
Upload

Welcome to Scribd!

  • Chapter 8-Audit

    Uploaded by

    MisshtaC
    7 views17 pages

    Original Title

    CHAPTER 8-AUDIT

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF or read online from Scribd
    Flag for inappropriate content
    7 views17 pages

    Chapter 8-Audit

    Uploaded by

    MisshtaC

    Copyright:

    © All Rights Reserved
    Download as PDF or read online from Scribd
    Flag for inappropriate content
    of 17
    Chapter VERVIEW OF RISK-BASED AUDIT PROCESS Expected Learning Outcomes 5 : After studying this chapter, you should be able to: 4. Understand the concept of risk-based audit approach. 2. Know the factors to be considered in implementing the risk- based audit model. 3. Understand the limitation in applying the risk-based audit model. 4. Distinguish between risk-based audit and account-based audit. 5. Discuss the activities in risk-based audit. 6. Identify the PSAs to be applied in the activities in the risk- based audit. fe , ; - BUGS CHAPTER 8 OVERVIEW OF RISK-BASED AUDIT PROCESS INTRODUCTION Risk-Based Audit Approach Defined Risk-based-audit.approach is an audit approach that begins with an assessment of the types and-likelihood of misstatements in account -balance and then adjusts the amount and type of audit work, to the likelihood of. material misstatements occurring in account balances. Given the rapidly changing environment in which today’s businesses operate, management, internal auditors ‘and external auditors must focus on the risks to the entity’s operations and ensure controls are in place to eliminate, mitigate, or compensate for those risks. Many public accounting firms find themselves using a risk-based auditing approach that employs a top-down evaluation of the client's risk that goes beyond the financial statements. For instance, audit teams’ now devote a significant amount of their engagement planning to their clients’ business risks (ie., the risks that the client will fail to achieve its objectives). Firms adopting this approach believe they must leam more about their clients’ strategies and processes to understand whether the financial statements are fairly presented. Under this approach, the auditor performs.the following: D Identification of the client’s strategy and the process . es fe strategy. for developing that Examination of the core business process and resource management , s nt. Identification for each of the key processes (as well as i. objectives, inputs, activities, outputs, systems and wrahsaetin }-processes) the ‘ ns. Assessment of the risks that the processes will : controls related to those risks. ® ©8 Not meet the goals and Overview of Risk-Based Audit Process _ 201 FACTORS TO_CONSIDER_IN_ IMPLEMENTING. MODEL :-CONS THE AUDIT RISK The following general observati T h ra rvations on an audit i i implementation of the audit risk model: BOG ae ese ® "8 High-risk activities © This includes Operations or events where a material misstatement could easily occur. For example, an inventory of high-value diamonds or gold bars held by a jeweler, or a new / complex accounting system being introduced. Existence of large non-routine transactions © Identified significant related party transactions outside the entity's normal course of business are to be treated as giving rise to significant risks. This includes infrequent and large transactions. For example: + Unusual volume of routine transactions with a related party; A major sales or supply contract; & The purchase or Sale of major business assets or business segments; and 4 Sale of the business to a third party. © Routine non-complex transactions that are subject to systematic processing are less likely to give rise to significant risks. ‘ © Examples would include: ees : we The assumptions and calculations used by management in developing major estimates; : oo Complex calculations or accounting principles, ; Revenue recognition (presumed to be a significant risk) that is subject to differing interpretation; : : Where management intervention is required to specify the accounting treatment to be used. oe + 202 Chapter § 4. Potential for fraud * . The risk of not detecting a,material misstatement resulting from fraud (which is intentional and deliberately concealed) is higher than the risk of not detecting one resulting from error. fea © In evaluating whether significant risk could result from the identified fraud risk factors and the possible scenarios and schemes identified in team discussions, consider the following: ‘F Skillfulness of the potential perpetrator; ‘> Relative size of individual amount manipulated; Level of authority of management or employee to: - directly or indirectly manipulate accounting records, and > override control procedures; © significant fraud risks may be identified at any stage in the auditias a result of new information being obtained. LIMITATION OF THE AUDIT RISK MODEL Audit risk is a concept that drives the auditor's thinking about planning the audit and then executing an audit. The illustrations are designed to provide guidance, but should not be applied rotely to any audit client. CPA firms in determi their approach to implementing the audit risk model should consider the following limitations: a) Inherent risk is difficult to formally assess. Some transactions because of their complexity are more susceptible to error but it is quite difficult to assess that level of risk independent of the clients accounting system. 5) The model treats each risk component as separate and independent when:in fact the components are -not independent. It is also quite difficult to separate a client’s material controls and inherent risk. ¢) Audit risk is judgmentally determined. d) Audit technology is not so fully developed that each component-of the model can be accurately assessed. Auditing is based on testing oft precise estimates of the model's components are not possible. Auditors can, however, make subjective assessments and use the audit risk model as guide. Overview of Risk-Based Audit Process 203 RISK-BASED AUDIT VS. ACCOUNT-BASED AUDIT In account-based. auditing, assess control risk for cycle: » auditors first obtain an understanding of control and Particular types of error and frauds in specific accounts and In risk-based audit, the audit team views all activities in the organization first in terms of risks to strategies and objectives and then in terms of management's plans ‘and processes to mitigate the risk The auditors obtain an understanding of the client's objectives. Then risks are identified and the auditors determine how management plans to mitigate the risk and whether thiose plans are in place and operating effectively, THE RISK - BASED AUDIT PROCESS _ Although specific audit procedures vary from one engagement to the next, the following stages are involved in every engagement: Phase I. Risk Assessment This phase involves the following activities: a. Performance of preliminary engagement activities to decide whether to “accept / continue an audit engagement. b. Planning the audit to develop an overall audit strategy and audit plan. c. Performance of risk assessment procedures to identify / assess risk of material misstatement through understanding the entity. Phase Il, 1.Risk Response, This phase covers the following activities: : a. Designing overall responses and further audit procedures to develop appropriate responses to the assessed risk of material misstatement. b. Implementing responses to assessed risk of material misstatement to reduce audit risk to an acceptably low level. Phase III, Reporting. This phase involves the following activities: ‘a. Evaluating the audit evidence obtained to determine what additional audit work (if any) is required. ? ie b. Forming an opinion based on audit findings and preparing the auditor's report. 204 Chapter 8 n divided into three phases. ‘Audit phases the diagram Iting documentation. is book has bee! For each of the ose and the resu! The audit approach discussed in th This is illustrated in Figure 8-2. outlines the major activities, their purp* an evidence-gathering pro n be viewed as having three phases: cess. As we discussed The audit process is primarily previously, the audit process cai 1. Risk assessment 2. Risk response 3. Reporting n be divided into the three distinct phases, nt may not occur in that particular order. Issuing a report is, of course, always the final phase, but the other two phases are more fluid. During the engagement, the auditor may obtain information that umulating additional evidence. necessitates modifying the audit program or acc! Or the auditor may proceed to gather evidence and then go back to planning. For example, auditors often finalize the audit program after performing the tests of controls. However, the structure assists in understanding the audit process. Although in theory the audit process ca the actual performance of the engageme! The auditor’sestandard=reportestates, “We conducted dur audits in accordance (with Philippine Standards on Auditing. Those standards require that we comply With the ethical requirements and plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatements.” The phrase eeasonable.assurance is intended to inform the users that. auditors.do i ure the: fair presentation: of the. financial..statements. This municates that there is somesrisk that the financial statements are not phrase com! even when the opinion of the auditor is unqualified. fairly stated The phrase, free-of material misstatement is intended:to-inform: a dor's responsibility is limited to material financial info saereenrer’ important because it is impractical for auditors to provide Tse ps immaterial amounts. Thus, materiality and risk are fundamental oe important to planning the audit and designing the audit Giprackae that are Overview of Risk-Based Audit Process _205 Figure 8-2: Risk-Based Audit Process* PURPOSE DOCUMENTATION Perform prelimi nny Decide whether to Listing of ik factors E agemeny Independence a 7 | Enasoernen lebet ——— = Wateraity a Develop an overall aud ten aay wo >) Audit team discussions w [_ strategy and aut pla Overall audit st a < Identify 7 assess —| Business and fraud risk RMM'* through including significant risks | i understanding the enti = ** Risk of Material Mixstatement) Ca ee i Design / Implementation of |_tlevantinlema conc] ‘Assessed RMM at Lf # FiS Level ‘= Assertion lev avila Update of overall strategy “ Develop appropriate ‘= Overall responses z responses to the 5) + Ausit pian that links 2: assessed RMM assessed RMM to im further audit procedures 2 x [REOTSESUOTTERTTDN Wak pananiok vi ably om level >). Aut findings 2}: “| * ~ New I revised risk factors i : and audit procedures \ eae an eaet| Determine what «© Changes in materiality ‘| Evaluate the audit ‘additional audit work ‘* Communications on @ |! | evidence obtained {if any) is required audit findings zi + Conclusions on audit - |i procedures performed « |} out a wi « angio ificant decisions Prepare the Aucitors For au ings Signed audit opinion Lee sm the A of Small and Med Sie Eats” Volumes | * Adapted from “Guide ‘and 1, Core Concepts Of IAC. ro Using Imeration! Practice! Applicator re er 2016 by IFAC. AI rights reserved. Used with permission 206 Chapter 8 RELEVANT PHILIPPINE STANDARDS ON AUDITING (PSAs) TO BE USED IN THE RISK-BASED AUDIT PROCESS GUIDANCE ON FUNDAMENTAL CONCEPTS: TOPIC Applicable PSA(s) General Principles PSA 200, Overall Objectives of the Independent ‘Auditor and the Conduct of an Audit in Accordance with Intemational Standards ‘on Auditing PSA 200, Quality Control for an audit of Financial Statements Quality Control Management Assertions PSA 315, Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment (Newly Revised Standard effective for audits of financial statements for periods ending on or after December 15, 2013) Audit Evidence PSA 500, Audit Evidence Audit Documentation ie PHASE | - RISK ASSESSMEI PSA 230, Audit Documentation NT INCLUDING MAKING CLIENT ACCEPTANCE AND Regulations in Planning the Audit CONTINUANCE DECISIONS fs Client Acceptance and PSA 210, Agreeing the Terms of Audit Engagements Continuance Considering Fraud PSA 240, The Auditor's Responsibilities Relating to Fraud in an Audit of Financial Statements Consideration of Laws and | PSA 250, Consideration of Laws and Regulations in an Audit of Financial Statements Planning an Audit PSA 300, Planning an Audit of Financial Statements ‘Assessing Risk of Material Misstatements: [ Planning Audit Procedures Understanding Related Parties PSA 315, Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and its Environment (Newly Revised Standard effective for audits of oe ‘statements for periods ending on or after December 15, ES a, Meter in Planning and Performing an Audit , The Auditor's Responses t is PSA 560, Related Parties fe 2 Assessed fils Communicating with those Charged with Govemance about the Audit Plan PSA 260, Communication with Those Charged with Governance Overview of Risk-Based Audit Process __ 207 PHASE Il- RISK RESPONSE Testing Controls for the Financial Statement Audit ‘Audit Sampling for Tests of Controls PSA 330, The Auditors Responses to Assessed Risks PSA 630, Audit Sampling Testing Controls in an Integrated Audit ‘Obtaining Evidence about » Compliances with Laws and Regulations PSA 250, Consideration of Laws and Regulations in an Audit of Financial Statements ‘Substantive Audit Procedures Audit Evidence regarding the a. Valuation of investments in securities and derivative instruments; b. Existence and “condition of inventory; c. Completeness of litigation, claims, and assessments involving the entity; and d. Presentation and disclosure of segment information, in accordance with the applicable financial reporting framework PSA 330, The Auditors Responses to Assessed Risks PSA 500, Audit Evidence PSA 501, Audit Evidence Specific Considerations for Selected Items PSA 505, Extemal Confirmations External Confirmations ‘Audit Sampling for PSA 530, Audit Sampling Substantive Tests Es Obtaining Evidence about PSA 550, Related Parties Related Parties : : : Tuding Accounting PSA 540, Auditing Accounting Estimates, Including Fair Value Estimates | Accounting Estimates, and rela Disclosures a 208 Chapter 8 Analytical Procedures as a Substantive Test Using an Auditor's Specialist? Expert PSA 520, Analytical Procedures PSA 620, Using the Work of an ‘Auditor's Expert PHASE Ill REPORTING Evaluating the Implications PSA 250, Consideration of Laws,and Regulation in an Audit of Representations of Noncompliance with Financial Statements Laws and Regulations = - = Evaluating Financ PSA 450, Evaluation of Misstalements Identified during the Audit Statement Misstatements Subsequent Events PSA 560, Subsequent Events Disclosures about Related PSA 550, Related Parties Parties Going Concem’ PSA 570, Going Concern Management PSA 580, Written Representations Omitted Procedures Communicating with those Charged with Governance PSA 260, Communication with Those Charged with Govemance Supervision Engagement Quality Review Audit Opinions PSA 700, Forming an Opinion and Reporting on Financial Statements Audit Opinion Modifications PSA 705, Modifications fo the inion in th Auditor's Report Opinion in the Independent Matter Paragraphs in the Audit Report PSA 708, Emphasis of Malter Paragraphs and Me Paragraphs in the Independent Auditor's Rept ar Special Considerations PSA 800, Special Considerations Audits of Fini ~ Audits of Financial Statements Prepared in Accordance with Special Purpose PSA 805, Special Considerations — Air .¢«, Ness: Statements and Specie il Audits Of Single Financial Overview of Risk-Based Audit AUDIT RISK MODEL __209 UNDERSTANDING THE Nature of Risk nm Sie used om erie uncertainty about events and/or their outcomes: ffect on the organization. ‘The four critical components of risk that are relevant to conducting the audit are: 1: isk, The risk that an auditor may give an unqualified opinion on financial statements that are materially misstated. nent.Risk, The economic risk that a CPA Firm is exposed to,simply because it is associated with a particular client including loss of reputation, inability of the client to pay the auditor, or financial loss because management is not honest and inhibits the audit process. Engagement risk is controlled by careful selection and retention of client. 3. Financial-Reporting-Risk, Those risks that relate directly to the recording of transactions and the presentation of financial data in an organization's financial statements. 4, » Risk. Those risks that affect the operations and potential outcomes of organizational activities. 2 : Audit risk is defined as the risk--that»the»auditor. fails~to.find. material misstatements. inthe -client’s financial: statements:and»thereby- inappropriately issues.an-unqualified opinionon-the.financial statements. [he i (D Avoid audit risk by not accepting certain companies as client, ie, reduce ‘engagement risk to zero. Set audit at a level that the auditor believes will mitigate the likelihood that the auditor will fail to identify material misstatements. risk, the auditor must recognize that it is not possible to ever te audit risk, but it can be reduced by doing more work. dit fees, which may create tension with the In controlling audit completely eliminat ; However doing more work raises au client and its management. $5 risk and financial reporting risk originate with i i isks then affect the auditor's the audit client and its environment, and these ris fe ccnesieat tik and audit risk. The effectiveness of risk management Processes will determine whether a company or audit firm continues to exist. At the broadest level, busine: 210 Chapter 8 A number of factors affect a client’s business risk. For examine eee economic climate - favorable or unfavorable - can have a tremend fin on the organization’s ability to operate effectively. | aes bia es technological change, competitor actions, new product lines also affect business risk. Financial reporting risk could arise from issues such as asset impairments, mark-to-market accounting, warranties, pensions, estimates as well as competence and integrity of management and its incentives to misstate the financial statements. re Business risk and financial reporting risk may affect cach other. For instance, management facing strong competition and weak financial results may be motivated to circumvent a weak internal control system or to take advantage of complex financial instruments to achieve desired finaricial reporting results that do not necessarily portray economic reality. Audit firms have discovered that being associated with companies with poor integrity creates risk that can destroy the audit firm or significantly increase the cost of conducting the audit. + Figure 9-3 illustrates the relationship among these risks. Figure 9-3: Relationship Among Risks AUDIT RISK e

    You might also like