THE RISK-BASED

APPROACH TO AUDIT:
AUDIT JUDGMENT
KELOMPOK 5:
DIKA FAUSIA DAYUNI
NGTYASRENNY NADIAN
TI
FEBRI TRI ANDRIANS
YAH
SARAH BENITA
MUTIARAHATI
 WHY IS A RISK-BASED APPROACH
TO AUDIT AN AID TO THE AUDITOR?
The primary objectives of the audit risk ISAS are for auditors to identify
and assess the risks of material misstatement at the financial statement
level and at the assertion level for classes of transactions, account
balances and disclosures.

Risk of Material Risk of Material

Misstatement Misstatement
Financial Statement Level Assertion Level
material misstatement that relate pervasively to risks of material misstatement of individual
the financial statements as a whole and transactions, account balances and
potentially affect many assertions. disclosures.
There are two audit approaches to auditor’s procedures in response to assessed
risks:

Audit Risk
The risk that the auditor expresses an inappropriate audit opinion
when the financial statements are materially misstated.

Business Risk
The risk resulting from significant conditions, events, circumstances,
actions or inactions that could adversely affect an entity’s ability to achieve its
objectives and execute its strategies, or from the setting of
inappropriate objectives and strategies.
1 Inherent Risk
.
the susceptibility of an assertion to a misstatement that could be
material, assuming that there are no related controls

2 Control Risk
.
the risk that a misstatement that could occur in an assertion
and that could be material will not be prevented or
detectedand corrected on a timely basis by the entity’s
internalcontrol

3.
Detection Risk
the risk that the auditor will not detect a misstatement that exists in
an assertion that could be material.
Broad
Approach to
Minimize Audit
Risk
Broad Approach to Minimize Audit Risk
(cont.)
Investigating the legitimacy of the entity and the integrity and competence of its management before
acceptance of the audit assignment and before commencing each subsequent audit

Considering the independence of the audit firm and its staff in relation to the entity before
acceptance of the audit assignment and before commencing each subsequent audit

Understanding the nature of the entity and the environment in which it operates before
commencing any detailed audit work
The nature of the entity and its environment
The entity’s internal control

Planning by the auditor to minimize risk of failing to detect material misstatement at the financial
statement and assertion level

Design of the audit approach on the basis of what is now known about the audit client and the setting of
performance materiality; forming an engagement team with the required experience and skills

Design of audit programmes to obtain the evidence necessary to form conclusions at the assertion level,
leading to an opinion on the truth and fairness of the financial statements taken as a whole
APractical
Example
Business Risks: Controls to reduce risk:
The volatility of the property market, often Vetting by responsible persons before letting to tenants,
occasioned by unexpected changes in interest such as requiring prospective tenants to give banker’s and
rates. character references from reliable individuals.

Risk of collapse (making its going concern status An accounting system recording amounts due and the issue
doubtful) of timely reminders if tenants fall behind with their rent.

Requiring tenants to pay by bank standing order

Properties with a realizable value below cost

Tenants will fail to pay the rent on the due dates or fail Allocation of responsibility for such matters as chasing up
to pay at all payment

The company not be able to fully let properties

Giving discounts for timely payments.
during an economic downturn
 Estimates in accounting – exercise of
judgement
The estimation of the likely profitability of long-term construction contracts.

The estimation of reserves in the mineral oil industry.

The estimation of future cash flows where there is some doubt about the going concern status
of the entity.

The estimation of the effect of technological change on the value of current inventories or the
impairment of non-current assets.
The estimation of the amount of significant accrued liabilities such as pension obligations.

Judgement about fair values.

Judgement about the outcome of litigation in respect of claims against the entity.

Estimates of the realizable value of property or equipment held for disposal.

 Approach to the components of audit risk
Audit Risk (AR) = Inherent Risk (IR) x Control Risk (CR) x Detection Risk
(DR)
BUSINESS RISK APPROACH TO
AUDIT
Possible objectives of entity:

Attaining a certain level of profitability.

Maximizing shareholder wealth.

Ensuring efficiency and effectiveness of operations.

Meeting a desired market share.

Giving customer satisfaction, however that might be measured.

Maintaining a desired level of liquidity.

Maintaining reputation.

Meeting the challenge of changes affecting the entity as they

occur.

Adhering to accepted principles of corporate governance, including adherence to predetermined

measures of environmental protection.
Earnings management and income smoothing

Healy and Wahlen Walker

(1999) (2013)

Earnings management occurs

Earnings management is the use of
managers use when
managerial discretion over (within
judgementand in structuring in
reporting transactions
GAAP) accounting choices, earnings
to alter financial reports financial
to either
reporting choices, and real economic
mislead some stakeholders about the
decisions to influence how underlying
underlying economic performance of the
economic events are reflected in one or
company or to influence contractual
more measures of earnings
outcomes that depend on reported
accounting numbers
 THE REASONS WHY MANAGEMENT MIGHT WISH TO ENGAGE
IN INCOME SMOOTHING OR EARNINGS MANAGEMENT
GENERALLY:
Management might indulge in income smoothing if profits have been adversely or
1
. favourably affected by conditions unlikely to be repeated.

Remuneration of key people within the entity is often tied to reported earnings.
1
. Income smoothing would avoid swings in remuneration.

Earnings management might be used to influence decisions by external investors and analysts
1
.
In the circumstances of a reorganization of a company or a proposed management takeover,
managers might be inclined to make excessive provisions (known as ‘big bath’ provisions).
1
. Earnings management might be used to influence perceptions of financial strength by a range of
third parties, including present and potential competitors, customers, suppliers, employees,
1
politicians and regulators.
.
BUSINESS RISK AND INHERENT RISK
APPROACHES: SIMILARITIES AND
DISSIMILARITIES
SIMILARITIES:
Approaches to business risk and inherent risk both use a top-down approach initially entity
considered in entirety – to decide what procedures must be performed to ensure that the
financial statements give a true and fair view of results and financial position.
The factors that increase inherent risk, such as management inexperience and lack of skills and
other negative entity level factors, may well make it less likely that business objectives will be
obtained.
The factors that serve to increase control risk, such as a poor control environment, may also
inhibit the achievement of business objectives.
Analysis of business risk and inherent risk may help the auditors in work designed to prove
that financial statements give a true and fair view. Both kinds of analysis give auditors a
better understanding of the entity and its operations.
DISSIMILARITIES

A)AUDITORS CONSIDER INHERENT RISKS IN RELATION TO IMPACT

THEY MAY HAVE ON FINANCIAL STATEMENTS.
B) BUSINESS RISK APPROACH CONSIDERS RISKS THAT INHIBIT THE
COMPANY IN ACHIEVING ITS OBJECTIVES. MANY COMPANY
OBJECTIVES HAVE LITTLE OR ONLY AN INDIRECT BEARING ON THE
FINANCIAL STATEMENTS.

WHILE FACTORS THAT FAIL TO REDUCE IMPACT OF INHERENT RISK

MAY ALSO FAIL TO REDUCE IMPACT OF BUSINESS RISK, BUSINESS
AND AUDIT OBJECTIVES ARE SO DISSIMILAR THAT THE FACTORS
CANNOT BE REGARDED AS CREATING A SIMILARITY
Impact that a business risk approach might
have on the audit process
Improves the basic audit of the financial statements and makes
it
less likely that erroneous conclusions will be reached.
It makes the audit more efficient and therefore more profitable.
It expands the potential for giving assurance to management
beyond traditional audit and is felt to add value to the audit from
the client perspective and thereby to create additional sources of
income.
The expanded audit has potential to contribute to corporate
governance arrangements and disclosures because of the
broader understanding of the business and its risks.
Better understanding of a client’s business and its risks
will
reduce the audit firm’s own business risk – sometimes referred
to as engagement risk.
 THE BUSINESS RISK APPROACH AND
SMALLER CLIENTS AND SMALLER
AUDIT FIRMS
The business risk approach is a method used in auditing to assess the risk of
material misstatement in financial statements. It involves considering the risks
inherent in a client's industry, operations, and internal controls, and tailoring
audit procedures accordingly. When it comes to smaller clients and smaller audit
firms, there are specific considerations and challenges associated with
implementing the business risk approach:
Smaller Clients:
1. Limited
Resources:
Smaller clients often have limited financial and human resources. This
can impact the effectiveness of internal controls and increase the risk
of errors or fraud.
Audit firms must assess how resource constraints may affect the
accuracy and completeness of financial statements

1. Owner-Manager Involvement:
Smaller businesses are often owner-managed, and key financial
decisions may be centralized. This concentration of control can
increase the risk of management bias or manipulation.
Auditors need to consider the influence of key individuals on financial
reporting and exercise additional professional skepticism.
 1. Sensitivity to Economic Changes
Smaller businesses may be more sensitive to economic fluctuations,
making them
vulnerable to changes in market conditions.
Auditors need to assess how economic factors might impact the client's ability
to continue as a going concern.
Smaller Audit Firms:
1. Limited Specialization:
Smaller audit firms may lack specialization in certain industries or complex
accounting areas.
Auditors must be aware of their own firm's limitations and either acquire the
necessary expertise or consider referring the engagement to a more specialized
firm.
1. Client Acceptance and Retention:
Smaller audit firms may face pressures to accept clients that pose
higher inherent
risks due to the need for revenue.
Proper client acceptance and retention policies should be in place to ensure that
the firm can effectively manage the risks associated with its client portfolio.
1. Staffing Challenges:
Smaller audit firms may have limited staffing resources, which can impact the
depth of audit procedures performed.
Proper planning and training are essential to ensure that audit teams have the
necessary skills to address the unique challenges of smaller clients.
 1. Technology Utilization:
Smaller firms may have limited access to advanced auditing technologies.
Investing in cost-effective technological solutions can enhance audit efficiency
and effectiveness.
Common Considerations:

1. Communication:
Effective communication between auditors and clients is crucial.
Smaller
clients may be less familiar with the audit process, requiring additional
explanation and guidance.

1. Documentation:
Comprehensive documentation of audit procedures is essential, particularly in
smaller firms where the same individuals may not be involved in every audit
engagement.
 1. Risk Assessment:
A thorough understanding of the client's business environment is
critical for accurate risk assessment. Smaller clients may require
more emphasis on qualitative factors.

In summary, while the business risk approach remains a fundamental

aspect of auditing, auditors dealing with smaller clients and working
in smaller firms must adapt their strategies to address the unique
challenges and circumstances associated with these engagements.
ANALYTICAL REVIEW A S A RISK ANALYSIS TOOL
An analytical review can be a valuable tool in risk
analysis, providing a systematic and comprehensive
examination of various factors that may pose risks to a
project, business, or organization
Here are some ways in which analytical reviews can
serve as an effective risk analysis tool:
1.Identification of Key Variables:
2.Trend Analysis:
3.Financial Analysis:
4.Market and Industry Analysis:
5.Scenario Analysis:
By integrating these aspects, analytical reviews provide
a holistic view of potential risks, allowing organizations
to develop risk mitigation strategies and make
informed decisions. It is important to note that
analytical reviews are most effective when conducted
regularly, considering both internal and external
factors, and involving key stakeholders in the process.
JUDGEMENT IN ACCOUNTING AND
AUDITING AND ITS RELATIONSHIP TO RISK

Judgment in accounting and auditing is a critical aspect of

financial reporting and assurance processes. Both
professions require professionals to exercise judgment in
various situations to ensure that financial information is
presented fairly, accurately, and in compliance with
applicable accounting standards and regulations.
Additionally, judgment plays a crucial role in assessing and
managing risks associated with financial reporting and
auditing.
 Revenue Recognition

Estimates Judgment Impairment

and
Assumption
in Assessments

s Accounting

Classification and
Presentation:
 Materiality

Risk
Assessment Judgment in Auditing Audit
Procedures

Going Concern
Assessment
Relationshipto
Risk
1. Inherent Risk
Judgment is used to assess inherent risk, which is the susceptibility of an
assertion to material misstatement before considering the effectiveness of
internal controls.
1. Control Risk
Auditors exercise judgment in evaluating the effectiveness of internal
controls. The assessment of control risk influences the extent and nature of
substantive procedures.

2.Detection Risk
The level of detection risk is inversely related to the assessed risks of material
misstatement. Auditors use judgment to determine the appropriate level of
substantive procedures to achieve the desired level of audit assurance.
In summary, judgment in accounting and auditing is
essential for making informed decisions in the face of
uncertainty. Professionals in these fields must consider
the specific circumstances of each engagement, apply
relevant standards and regulations, and use their
expertise to ensure the accuracy and reliability of
financial information.
THE RISK-
BASED
APPROACH TO
AUDIT: AUDIT
JUDGEMENT
 Management Of The Audit Process
The engagement parkner is responsible as we have seen for ensuring objectivity and independence issues
are considered, but also for planning and overall conduct and control of individual audit assignments,
and for making certain that sufficient appropriate evidence has been gathered and recorded in working
files to enable the audit opinion to be soundly based. The engagement partner has considerable interest in this
respect, as he or she signs the audit report. Much of the planning and control work will be delegated to
managers.

Managers are responsible for the delegated planning and overall conduct and control of individual audit
assignments and for the overall quality of the work performed. They bear, together with the engagement partner,
responsibility for the effective and efficient conduct of the audit, including maintaining cumulative
client knowledge. Cumulative client knowledge is an important aspect of quality control, comprising all the
knowledge about the client firm of value for the conduct of the audit. We shall return to the question of
cumulative client knowledge in this and later chapters, but gathering information is a costly exercise, and it
should be recorded to ensure that it remains useful and that you will not have to collect it again next year.
Seniors are responsible for the day to day conduct, control and quality of the individual audit
assignment. Unlike managers they will normally be present in the client company during
virtually the whole of the audit process. They will also bear some responsibility for the
maintenance of cumulative client knowledge, including descriptions of company systems, used in
the audit process

Assistant auditors are the people who carry out much of the day to day detailed audit work. Their
experience depends upon the time they have spent in professional life, and normally the seniors will
subject their work to considerable supervision and control. Some firms have a grade semisenior
between assistant auditor and senior.
The Terms of Reference Provide The Audit
Framework
The letter of engagement: role and contents
To whom the engagement letter is addressed
The letter should be addressed to a person having management authority in the entity
Objectives and scope of the audit
This section identifies the financial statements and states that the audit will be conducted with the
objective of expressing an opinion on the statements. ‘Scope of audit’ means what the auditor will be
doing in order to form reasonable conclusions in the course of an audit of the financial statements of
the company.
The responsibilities of the auditor
There is a reference to the ethical standards to which auditors must adhere. There is an
explanation of the audit process, including planning, and a reference to the fact that the audit is
about obtaining reasonable assurance of whether the financial statements are free from
misstatement.
Responsibilities of management and those charged with governance
The auditors inform management and those charged with governance of their responsibilities and
ask them to acknowledge and understand that they have responsibility for preparing financial
statements that are fairly presented in accordance with IFRS Standards (including IAS Standards).
As part of this responsibility they are required to establish internal controls they consider
necessary to enable them to prepare financial statements free of material misstatement, whether
due to fraud or error.
Audit reporting
There might be a reference here to the fact that the form and content of the audit report would
depend on the outcome of the audit work performed and that the draft audit report would be
discussed with management before issuance.
Fees
Normally, the letter will contain details of how audit fees are calculated, based on time spent by
members of the engagement team, the rates depending on their responsibility and skill and
experience required of them.
Recurring audits
There might be a statement here that the terms of the engagement letter would be
effective for the current and future years, until such time as circumstances change.
Finally
Two copies of this letter of engagement would be sent to the management (the
addressee) with the request that one be signed to indicate agreement and returned to the
audit firm.
 Planning The
Assignment
Study of the business
Introduction
In the case of companies audited in prior years, much information needed for planning
should be available in the working and other files, but in the first audit more time will be
devoted to this phase.

The external environment

It is imporkant for auditors to understand the industry within which their client operates, so
they can appreciate the kinds of competition the client might face and the problems and risks
of concern.

The internal environment

It is often difficult to separate the internal environment from the external, as many
internal features that are influence by a response to the external world.
Preparation of audit
planning memorandum
The auditor shall include in the audit
documentation:

The overall audit strategy;

The audit plan; and

Any significant changes made during the audit engagement to the overall audit strategy
or the audit plan, and the reasons for such changes.
Preparation of time and fee budgets

Time and fee budgets, both of which are directly dependent upon the auditor’s evaluation
of risk. This is because the risk evaluation will determine the extent of substantive
procedures performed. The amount of work carried out involves of course the use of
resources, the most important of which will be the time of partners and staff of the audit
firm. The time budget should be designed to provide sufficient time for audit risk to be
reduced to acceptable levels.
1. Kualifikasi dari auditor kan selalu digaung gaungkan harus pintar lah,
independen dll. Tetapi di small firm banyak auditor yang notabenya
masih junior secara pengalaman tapi sudah diangkat sebagai senior
tanpa kualifikasi tambahan. Bagaimana audit firm menghindari resiko
atas hal yang dialami auditor atas sesuatu diluar kapabilitasnya ?
2. Apakah manfaat pendekatan resiko berbasis audit bisa membantu
auditor dalam hal apa?
3. Adakah aturan dalam satu tim harus berapa orang?