Chapter 7

Risk Assessment and Inherent Risk

After Studying this chapter, you should be able to:

1. Understand the audit risk model, its components, and its relevance to audit planning
2. Explain the inheremt risk assessment process and assess inherent risk
3. Distinguish between overall risk response and risk response at the assertion level
4. Perform a preliminary fraud risk assessment
5. Describe the fraud triangle and identify conditions for fraud
6. Develop responses to identified fraud risks

And this chapter 7 referenced

1. CAS 200 Overall objectives of the independent auditor and the conduct of an audit in
accordance with Canadian auditing standards
2. CAS 240 The auditors responsibilities relating to fraud in an audit of financial statements
3. CAS 315 Indetifying and assessing the risks of material misstatement
4. CAS 330 Auditor’s responses to assessed risks

This chapter, we continue our discussions auditor’s risk assessment, with a focus on inherent
risk factors and significant risks (including fraud risk).

1. The audit risk Model

Audit risk that the auditor expresses an inappropriate audit opinion when the financial
statements are materiality misstated. Emphasizes that audit risk is related to the
process of auditing it is not the auditor’s business risk, such as loss from litigation or
adverse publicity, that can arise as a result of an audit
1) The audit risk model and its components
a. Risk of material misstatement
b. Risk of material misstatement at the financial statement level
 c. Risk of material misstatement at the assertion level ( Inherent risk and
Control risk)

d. Application of the audit risk model

e. High risk assertion
f. Low risk assertion
g. Managing detection risk
2. Inherent Risk Assessment
The inherent risk assessment process as outline in CAS 315 the auditor uses the
information gathered through risk assessment procedures. This auditor’s goal is to
identify RMM at the over all financial statement level and the assertion level. The
auditor will then evaluate the nature and significance of those risks, in order to (1)
design overall risk responses at the financial statement level and (2) design furher
audit procedures that address the risk at tha assetion level.
1) Identifity RMM and inherent risk factors, events or conditions that affect risk
of material misstatement before the consideration of controls.

a) Complexity
b) Subjectivity
c) Change
d) Uncertainty
e) Susceptibility to misstatement due to management bias and/or
fraud risk factors
2) Identifying and assessing overall financial statement risk, are risk that
pervasively to the financial statements a whole, and can potentially affect
many assertions. Explains that once auditors identifity overall financial
statement risk they will
a) Determine whether the risks affect the assessment of risks at the
assertion level
 b) Evaluate the nature and extent of their pervasive effect on the financial
statements

Below are some examples of events and conditions that are pervasive risks
that cannont be isolated to specific accounts and assertions.

a) Poorly trained or inexperienced accounting

b) Significant control deficiencies
c) A history of ongoing losses and liquidity
d) Past misstatements
e) Risks of material misstatements due fraud
f) Concern over management integrity
3) Identifying and assessing risk of material misstatement at the assertion level,
auditors need to identify the significant classes of transactions, account
balances, and disclosures.
4) Identifty significant risk, they represent those inherent risk farctors, either
individually or in combination, that have increased the likelihood of a
misstatement occurring or the mangnitude of the misstatement. Matters that
may have a higher risk of material misstatement and, therefore, may be a
significant risk
a) Transactions for which there are multiple acceptable accounting
b) Accounting estimates that have high estimation uncertainty or complex
models
c) Account balances or quantitave disclosure that involve complex
calculations
d) Accounting principles that may be subject to differing interpretation
e) Changes in the entity’s business that involve change in accounting
3. Risk Response for Levels of Risk
From the assessment of risk of material misstarement, the auditor develops (1) an
overall risk response, (2) a risk response at the assertions level, which is referred to as
futher audit procedures.
 1) Overall risk response, example of auditors assess risk of material
misstatement and develop on overall risk response to address the identified
significant risks. The risk response section of the planning memo summarizes
deloitte’s overall risk response, which addresses risk at the overall financial
statement level. That deloitte’s risk response encompasses the first four
recommendations CAS 330 as outlined below:
a) Assign more experienced staff or those with special skills or us experts
b) Instruct the engagement team to use a heightened level of professional
skepticism
c) Increase involvement of audit partners and managers
d) Closer supervision review
e) Incorporate additional elements of unpredictability in the selection of
further audit procedures to be performed
f) Consider if changes need to be made to the overall audit strategy
2) Risk reponse at assertion level, the risk response at the assertion level, or the
furthure audit procedures, involves (1) developing tests of control, if relevant
(2) substantive audit procedures that will test the specific assetions regareding
relevant classes of transactions, account balances, and disclosures.
4. Considering Fraud Risk
Auditors perform risk assessment procedures to assess the risk of material
misstatement due to fraud or errod, the risk of not detecting a material misstatement
due to fraud is higher than the risk of not detecting a misstatement due to error.
Outlines the following procedures the auditor should perform to obtain information
that will enable the auditor to assess fraud risk:
a) Discuss with the audit team members the risk of material misstatement
due to fraud
b) Make inquiries to management, those in charge of governance, and
others regarding processes for identifying and responding to fraud risk
c) Evaluate unusual and unexpected relationship identified when
performing analytical review procedures
 d) Evaluate the risk or revenue fraud and management override, and
understand period end

The auditor’s consideration of the risk of material misstatement due to fraud is

made at both the financial statement level and at the assertion level for classes of
transactions, account balances, and presentation and disclosures

5. Conditions For Fraud

The auditor should pay attention to the three conditions for fraud arising from
fraudulent financial reporting and misappropriations of assets. these three conditions
of incentives/pressures, opportunities, and attitudes/rationalization are referred to as
the fraud triangle.

1) Risk factors for fraudulent financial reporting

2) Risk factors for misappropriation of assets
6. Risk Response For Fraud Risks
When the auditor identifies risks of material misstatements due to fraud, requires the
auditor to develop responses to those risk at three levels:
1) Overall responses to fraud risks
2) Reponses to fraud risks at the assertion level
3) Responses to address management override of controls