OVERVIEW OF ELEMENTS OF THE

FINANCIAL REPORT AUDIT PROCESS

Part 2

SCHOOL OF BUSINESS & LAW

 3

RISKS
TESTS &
MATERIALITY
 What is the overview of the audit risk model ? – LO 4.5

• Auditors adopt a business risk approach to determining what is

sufficient appropriate audit evidence.

• Audit risk is the risk that the auditor will give an inappropriate
audit opinion when the financial report is materially misstated.

• Before issuing an opinion on the financial report, the auditor

needs to reduce audit risk to an acceptable level to ensure the
opinion is reliable.

• Audit risk is a function of the risks of material misstatement

(RMM) and of detection.

Ref: ASA 200.13 – Pages 151-153 of Textbook-7

 What is risk of material misstatement ?
• RMM is the risk that financial report is materially misstated prior to
audit.
• RMM may exist at:
• Overall financial report level for risks that relate pervasively to
financial report as a whole and may affect many assertions eg.
going concern risk and

• Assertion level for classes of transactions and balances that are

assessed to determine audit procedures to obtain sufficient
appropriate audit evidence .

• At assertion level the RMM is a combination of inherent and

control risk, eg: inherently risky items will increase RMM, but this
risk is reduced if proper controls implemented.

• Ref: Pages 151-153 of Textbook-7

 How to reduce audit risk ?
• An auditor reduces audit risk by performing audit procedures
until there is sufficient appropriate evidence for each assertion of
each significant transaction class or account balance to provide
reasonable assurance that the financial reports are not materially
misstated.

• The audit risk model focuses audit effort on those classes of

transactions or balances and the particular assertions that are
likely to contain material misstatements.

• Ref: Pages 151-153 of Textbook-7

What are the components of audit risk ?
There are three components.
• Inherent risk (IR):
• Susceptibility of an assertion to material misstatement
given inherent and environmental characteristics, but without
regard to prescribed control procedures.

• Control risk (CR):

• Risk that material misstatement might not be prevented
or detected by internal control procedures.

• Detection risk (DR):

• Risk that auditors’ substantive procedures will lead
auditor to conclude no material misstatement exists
when, in fact, one does.
• Ref: Pages 151-153 of Textbook-7
 How to reduce audit risk ?
• During the planning phase of the audit, a planned acceptable level of
detection risk is determined for each significant assertion. Therefore,
audit risk is a combination of inherent risk, control risk and
detection risk.

• Auditors cannot change inherent risk, although they can suggest

changes to enhance control system for future periods.

• Auditors cannot directly change control risk.

• An auditor can obtain evidence to support an assessed level of

control risk that’s is less than high and expect to rely on internal
control by examining the entity’s internal control and testing its
effectiveness.

• Ref : Pages 151-153 of Textbook-7

 How to reduce audit risk ?
• The level of detection risk is the lever an auditor can pull to reduce
audit risk by (ASA200.A45):
• Adequate planning

• Proper assignment of personnel to audit engagement team

• Application of professional scepticism

• Appropriate decisions on nature, timing and extent of audit

procedures.

• Effective performance of procedures and evaluation of results.

• Supervision and review of audit work performed.

• Ref: Page 153 of Textbook-7

 What is the interrelationship of the components of audit
risk ?

Ref: Page 154 of Textbook-7

 What is business risk ?
• Business risk is defined as:
The risk that an entity’s business objectives will not
be obtained as a result of external and internal factors,
pressures and forces brought to bear on an entity and,
ultimately, the risk associated with the entity’s survival and
profitability.

• Requires extensive knowledge of client’s business and industry

to develop a more efficient and effective audit.

• Focus on the client’s business risks leads to a more strategic and

systematic approach to the audit.

• Ref : Pages 154-155 of Textbook-7 - Bell et al.(1997)

What is the relationship of business risk to audit risk ?

Ref: Page 155 of Textbook-7

 What is materiality ? – LO 4.6
• Auditor must make preliminary assessment of materiality when
planning the audit.

• Materiality defined as information, individually or in aggregate,

that if misstated or omitted from a financial report may adversely
affect decisions about the allocation of scarce resources made by
financial report users - ASA 320.2.

• Auditor must determine materiality level for the:

• Financial report as a whole
• Particular classes of transactions, account balances and
disclosures.
Ref : Page 155 of Textbook-7
 What is overall materiality levels ?
• Used in practice to refer to materiality for the financial report as a
whole.
• The auditor will consider both amount and nature of
misstatements ASA 320.4.
• Materiality is a concept of relative significance which depends on
the amount of the item of interest and some relevant basis of
comparison.
• To estimate an amount for planning materiality, the auditor selects
a base and a suitable percentage to apply to that base.
• this requires professional judgment
• not all auditors do it the same way.

• Ref : Page 155 of Textbook-7

 What are materiality levels ?

• Ref : Page 156 of Textbook-7

 What are rules of thumb for planning materiality ?

• Ref : Page 157 of Textbook-7

What are the qualitative factors to be considered ?
An auditor should consider qualitative factors as well as quantitative assessment.

Qualitative factors include:

•the significance of the item to the particular entity

•the pervasiveness of the misstatement (e.g. the misstatement might affect the
presentation of numerous items in the financial report)

•the effect of the misstatement on the financial report

as a whole.

• Ref : Page 159 of Textbook-7

 What is the inverse relationship between materiality and audit
risk ?

• Ref : Page 159 of Textbook-7

What types of audit test ? – LO 4.7

• Tests of control – To obtain evidence about:

• The effectiveness of the design of the policies or procedures

in internal control or

• The operating effectiveness of those policies or procedures.

• These tests may produce evidence to support a lower

assessed level of control risk.

• Ref: Pages 161-162 of Textbook-7

What types of audit test ?

• An auditor performs tests of control to obtain evidence about

whether the control activities of the internal control system are
effective.

• The tests are designed to provide evidence to support an

assessment of control risk at a level below high, indicating
reliance on the keys controls.

• Ref: Pages 161-162 of Textbook-7

 Why are tests of control performed ?

• Substantive tests - To obtain evidence about:

• The validity and the propriety of the accounting treatment of

transactions and balances or

• Conversely, of errors or irregularities therein.

• These tests reduce detection risk

• Ref: Page 162 of Textbook-7

 What are substantive tests ?

• Performed on specific transactions and balances

to see whether the dollar amount of an account balance is
materially misstated.

• These tests reduce detection risk.

• There are two general categories of substantive tests:

• Analytical procedures

• Tests of details

• Ref: Page 162 of Textbook-7

 What are the types of substantive tests ?

• Analytical procedures: involve the study and comparison of

relationships between accounting data and related information

• Tests of details: obtaining evidence on the items or details

included in an account balance or class of transactions:

• Substantive tests of transactions

• Substantive tests of balances
• Substantive tests of disclosures

• Ref: Page 162 of Textbook-7

 4

EXPERTS &
WORKING
PAPERS
 How to use the work of an expert or another auditor ? – LO 4.8

• Given the complexity and highly specialised nature of many client

operations, auditors often find they are unable to service clients
effectively without specialist knowledge.

• Experts can be internal or external to the audit firm.

• Audit firms develop industry specialisations, have knowledge

management systems supporting the specialisations and have
employees designated as specialists by industry, function or
technical area.
• Ref: Pages 163-164 of Textbook-7
How to ensure that work by an expert is adequate ?
• An auditor should:

• Assess capabilities and competence of the expert.

• Assess objectivity of the expert.
• Obtain an understanding of the work of the expert.
• Evaluate the appropriateness of the work of the expert for the
relevant assertion by:
• Discussing or reviewing reasonableness of assumptions and
methods used,
• Considering relevance, completeness and accuracy of source
data used, and
• Considering consistency of expert’s work with results of other
audit procedures.

Ref: Page 164 of Textbook-7