Professional Documents
Culture Documents
Assessment
Week 7, Chapter 8
10-1
1-2
Learning objectives
After studying this presentation, you should be able to:
1 understand the importance of audit risk assessment and why it is
linked to financial statement assertions
2 explain the importance of business risks in audit planning
3 describe the procedures performed by an auditor to assess risk
4 understand the importance of internal control to an entity and to
its independent auditors
5 indicate the procedures for obtaining and documenting an
understanding of the entity’s internal control
6 explain why and how a preliminary assessment of control risk is
made
7 explain the importance of the concept of audit risk and its three
components.
Engagement AUDIT PROCESS
Letter
Financial Statements - Management assertions
Understand internal
Perform preliminary controls
analytical procedures
Learning objectives
Completeness
Existence
Accuracy, Valuation and Allocation
Obligations and Rights
Classification
Presentation
1-8
1.2 Management’s financial statement
assertions – Transactions (2)
Revenue
$641,653,000
Occurrence
Completeness
Accuracy
Cut-off
Classification
Presentation
10-10
Learning objectives
• Enquiries
– Management, staff, internal
auditors, company bankers, legal
advisors
• Analytical procedure
– Provide a broad indication of the
likelihood of possible errors
• Observations and inspections
– Inspection of manuals, visiting
business premises, observing
10-17
3. Risk assessment procedures (2)
To identify significant risks, the auditor is
required to:
1. Identify the risk and any related controls
2. Consider the account balance, class of
transaction or disclosure that is at risk
3. Link the identified risk to the assertions.
4. Establish whether the risk is material
5. Consider whether it is likely the risk could
lead to misstatement in financial statements
Example: Risk assessment procedure
Example: Risk assessment procedure
1-21
1. Identify the risk:
Subjectivity of valuations
balance at risk:
Investment Properties
Valuation
3. Link the identified risk to
the assertions:
• Accuracy, Valuation and
Allocation; Disclosure;
Presentation
4. Establish whether it is
material: $45.3 million
compared to overall group
materiality of $8 million.
5. Consider likelihood of
misstatement: Auditors
comfortable with valuation.
Learning objectives
• Five components:
– Control environment
– Risk assessment processes
– Control activities
– Information system
– Monitoring of controls.
1-29
4.2.1. Control environment (1)
1-40
7. Documenting the
understanding (continued)
Learning objectives
1-55
Audit Risk
1-56
Example
10-57
7.2. The relationships among risk
components
• An auditor’s objective is to achieve an acceptably
low level of audit risk
• There is an inverse relationship between
inherent and control risks and the level of
detection risk that the auditor can accept
• Auditors,
– cannot control inherent risk (IR) and control risk (CR),
– can assess these risks and design substantive
procedures to produce an acceptable level of
detection risk
7.2.1. Non-quantified audit risk
model
• Auditors may use non-quantified expressions for risk:
– This is consistent with the quantified audit risk model, in
that the acceptable levels of detection risk are inversely
related to the assessments of inherent and control risks.
– If the assessments of control and inherent risks are both
high, then the acceptable level of detection risk will
generally have to be very low.
– Conversely, if control and inherent risks are both low, then
the acceptable level of detection risk can be high.
7.3. Acceptable detection risk matrix (1)
1-61