Professional Documents
Culture Documents
Audit
Risk
CPA
9-1
Presentation Outline
I. Steps in Applying Materiality
II. Risk in Auditing
III. Planning Model Relationships
IV. Evaluating Results
9-2
9-3
Step 1 in Applying Materiality
Set preliminary judgment about materiality.
Tolerable
Account Misstatement
Cash $ 4,000
Accounts receivable 20,000
Inventory 36,000
Preliminary judgment
about materiality $50,000
9-6
Step 3 in Applying Materiality
Estimate total misstatement in segment.
Preliminary judgment
about materiality $50,000
*estimate for sampling error is 50%
9-8
Step 4 in Applying Materiality
Estimate the combined misstatement.
9-9
Step 5 in Applying Materiality
Compare combined estimate with preliminary or
revised judgment about materiality.
Tolerable Direct Sampling
Account Misstatement Projection Error Total
Cash $ 4,000 $ 0 $ N/A $ 0
Accounts receivable 20,000 12,000 6,000* 18,000
Inventory 36,000 31,500 15,750* 47,250
Total estimated
misstatement amount $43,500 $16,800 $60,300
Preliminary judgment
about materiality $50,000
*estimate for sampling error is 50%
Because the estimated combined misstatement exceeds the
preliminary judgment, the financial statements are not acceptable.
The auditor may perform additional audit procedures to reevaluate
the estimate, or require adjustment for the estimated misstatements.
9 - 10
II. Risk in Auditing
9 - 11
A. Components of Audit Risk
Susceptibility of an assertion to
Total Inherent Risk
material misstatement assuming no
misstatement (IR)
related internal controls.
-
Caught by Risk of misstatements not being
internal Control Risk
detected by system of internal
controls (CR)
control.
-
Caught by Detection Risk Risk of misstatements not being
auditor (DR) detected by the auditor.
=
Undetected Audit Risk Misstatement that remains
misstatement (AR) undetected by the auditor.
B. Acceptable Audit Risk
Audit
Risk
9 - 14
2. Likelihood of Financial Failure
9 - 16
C. Inherent Risk
1. Nature of the Client’s Business
2. Results of Previous Audits
3. Initial vs. Repeat Engagement
4. Related Parties
5. Nonroutine Transactions
6. Judgment Required
7. Make-up of the Population
9 - 17
1. Nature of the Client’s
Business
Ricky’s Electronics Inherent risk is likely to vary
from business to business for
accounts such as inventory,
accounts and loans receivable,
and property, plant, and
equipment.
The nature of the business
should have little effect on cash,
notes payable, and mortgages
payable.
9 - 18
2. Results of Previous Audits
Misstatements found in
the previous year’s audit
have a high likelihood
of occurring again.
Many types of
misstatements are
systematic in nature,
and organizations are
slow in making changes
to eliminate them.
9 - 19
3. Initial vs. Repeat Engagement
9 - 20
4. Related Parties
Examples of related
party transactions are
those between parent
and subsidiary
companies, and
management or owners
and the company.
Increases inherent risk
because there is a
greater likelihood of
misstatement.
9 - 21
5. Nonroutine Transactions
Transactions that are
unusual for the client
are more likely to be
recorded incorrectly.
Examples include fire
losses, major property
acquisitions, etc.
9 - 22
6. Judgment Needed
Many account balances
require estimates and a
great deal of
management judgment
including:
Uncollectible accounts
receivable
Obsolete inventory
Warranty liabilities
9 - 23
7. Make-up of the Population
Accounts receivable
where most accounts are
significantly overdue
Transactions with
related parties
Disbursements made
payable to cash
Inventory with a slow
turnover
9 - 24
D. Control Risk
There are two basic phases to an auditor’s evaluation of
control risk:
1. Obtain an understanding of internal control. This
phase applies to all audits.
2. Test the internal controls for effectiveness. This
phase only applies when the auditor chooses to
assess control risk at below the maximum.
9 - 25
E. Planned Detection Risk
The auditor can reduce planned detection risk by
performing more substantive testing.
Increased audit
evidence
Lower
Detection
Risk
9 - 26
III. Planning Model
Relationships
A. Acceptable Audit Risk Relationships
B. Inherent Risk Relationships
C. Control Risk Relationships
D. The Overall Relationship of Components in
Planning the Audit Process
E. The Audit Risk Model for Planning
9 - 27
A. Acceptable Audit Risk Relationships
Acceptable
audit risk Direct Inverse
Planned Planned
detection risk audit evidence
Acceptable audit risk is the risk that the auditor is
willing to take of giving an unqualified opinion when
the financial statements are materially misstated.
As acceptable audit risk increases, the auditor is
willing to collect less evidence (inverse) and
therefore accept a higher detection risk (direct). 9 - 28
B. Inherent Risk Relationships
D
Inherent Planned Planned
risk I detection risk audit evidence
Planned Planned
detection risk audit evidence
I D
Control
risk
Control risk is the risk of misstatements not being
detected by the client’s system of internal control.
As control risk increases, the auditor must reduce
detection risk (inverse) by collecting more audit
evidence (direct).
9 - 30
D. The Overall Relationship of
Components in Planning the Audit Process
Acceptable
audit risk D D I
Inherent Planned I Planned
risk I detection risk audit evidence
I D I
Control
risk
Tolerable
misstatement
D = Direct relationship; I = Inverse relationship
9 - 31
E. The Audit Risk Model
for Planning
The audit risk model for evaluating results is stated in SAS 47.
Research subsequent to the issuance of SAS 47 has shown
that it is not appropriate to uses this evaluation formula as
originally intended. However, the model does show three
possible ways to reduce achieved audit risk to an acceptable
level.
Reduce inherent risk – not feasible unless new facts are uncovered
during the audit process.
Reduce control risk – may be possible to reevaluate control risk to
a lower level by conducting more tests of internal controls.
Reduce achieved detection risk – can be achieved by larger sample
sizes and/or additional audit procedures.
9 - 35
C. Revising Risks and Evidence
9 - 37