520 likes | 803 Views
CHAPTER 5 Audit Risk & Materiality. The phrase “reasonable assurance†in the audit report indicates that there is some audit risk. Scope paragraph:
E N D
The phrase “reasonable assurance” in the audit report indicates that there is some audit risk. Scope paragraph: We conducted our audits in accordance with generally accepted auditing standards. Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement...
Note the mention of materiality in the audit report. Scope paragraph: We conducted our audits in accordance with generally accepted auditing standards. Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement...
Note the mention of materiality in the audit report. What is materiality?
What is materiality? Materiality is the magnitude of omitted or misstated information that probably would have made a difference in the judgment of someone relying on that information (FASB 2).
For each engagement, auditors typically establish a preliminary judgment about materiality. The preliminary judgment about materiality is the maximum amount by which the auditor be- lieves the statements could be misstated and still not affect the decisions of reasonable users.
For each engagement, auditors typically establish a preliminary judgment about materiality. - may be based on a firm-wide formula considering profitability and/or total assets, e.g., 6% of net income adjusted according to auditor judgment
How does the preliminary judgment about materiality affect the volume of audit evidence? A small materiality estimate will result in more evidence. A large materiality estimate will result in less evidence. “Investigate mis- statements over $100.” “Investigate misstate- ments over $10,000.”
factors affecting the preliminary judgment about materiality - materiality is strongly influenced by client size $1000... peanuts $1000 - WOW!
factors affecting the preliminary judgment about materiality - materiality is strongly influenced by client size - multiple bases of materiality may be appropriate FOR EXAMPLE: The auditor may be concerned that: net income is not misstated by $100,000, and total assets is not misstated by $300,000.
factors affecting the preliminary judgment about materiality - materiality is strongly influenced by client size - multiple bases of materiality may be appropriate - an irregularity is considered more ma- terial than an error of the same dollar amount. WHY?
factors affecting the preliminary judgment about materiality - materiality is strongly influenced by client size - multiple bases of materiality may be appropriate - an irregularity is considered more ma- terial than an error of the same dollar amount. - small differences from contractual requirements may be material (e.g., ratios related to debt agreements)
factors affecting the preliminary judgment about materiality - multiple bases of materiality may be appropriate - an irregularity is considered more ma- terial than an error of the same dollar amount. - small differences from contractual requirements may be material (e.g., ratios related to debt agreements) - immaterial amounts may accumulate into a material amount
set materiality, and assess acceptable audit risk and inherent risk What is acceptable audit risk? Acceptable audit risk is the risk that the auditor is willing to accept that an unqualified opinion will be issued for statements that are materially misstated.
the lower the acceptable audit risk 2%
the lower the acceptable audit risk the greater the certainty the auditor wants to achieve 2% 98%
the lower the acceptable audit risk the greater the certainty the auditor wants to achieve the greater the amount of audit evidence and costs 2% 98%
What is achieved audit risk? Achieved audit risk is the actual risk that the state- ments are materially mis- stated after an unqualified opinion has been issued.
achieved audit risk acceptable audit risk 5% 10% How do acceptable and achieved audit risk affect the audit report? < if audit report is supported by the evidence
> if achieved audit risk acceptable audit risk 5% 15% How do acceptable and achieved audit risk affect the audit report? audit report is not supported by the evidence
Risk is very difficult to quantify. subjective based on judgment
How can an auditor reduce audit risk? gather more evidence audit risk achieved risk acceptable risk sufficient, competent evidence and cost
Auditors may face additional audit risk because of business risk; i.e., the risk that the client will have financial problems. Auditors should consider: - degree to which users rely on the cli- ent’s financial statements - likelihood that the client will have fi- nancial difficulties after the report has been issued - management integrity
audit risk inherent risk control risk detection risk = x x ? Audit Risk has 3 components which combine to make the audit risk model (AU 312):
Inherent Risk - defined as the risk that material mis- statements exist before considering the client internal controls - some accounts, components, cycles are inherently riskier than others auditors must: - identify inherently risky areas - gather appropriate evidence regarding those areas
inherent risk considerations - nature of client’s business EXAMPLE: Sally’s Clothing Boutique rents store space in a house. What are the inherently risky accounts? cash inventory accounts payable Sally’s
inherent risk considerations - nature of client’s business EXAMPLE: Sally’s Clothing Boutique rents store space in a house. What are the inherently less risky accounts? fixed assets equity Sally’s
poor integrity inherent risk considerations - nature of client’s business - integrity of management more evidence
inherent risk considerations - nature of client’s business - integrity of management - client motivation to misstate the finan- cial statements Are management bonuses based on net income?
inherent risk considerations - nature of client’s business - integrity of management - client motivation to misstate the finan- cial statements - results of previous audits - accounts, components which had material mis- statements in prior years should be tested extensively in the current year
inherent risk considerations - nature of client’s business - integrity of management - client motivation to misstate the finan- cial statements - results of previous audits - initial vs. repeat engagements Why are initial audit engagements inherently riskier than repeats?
Why are initial audit engagements inherently riskier than repeats? - during the initial engagement, the auditor is not familiar with client systems, internal controls, and personnel - during the initial engagement, be- ginning balances must be exten- sively examined
inherent risk considerations - nature of client’s business - integrity of management - client motivation to misstate the finan- cial statements - results of previous audits - initial vs. repeat engagements - related parties - nonroutine transactions Has GAAP been correctly applied?
inherent risk considerations - related parties - nonroutine transactions - judgment required to correctly record transactions - susceptibility to defalcation Example: CASH
inherent risk considerations - judgment required to correctly record transactions - susceptibility to defalcation - makeup of the population Which is riskier? average age of a/p, 15 days average age of a/p, 45 days
audit risk inherent risk control risk detection risk = x x ? Audit Risk has 3 components which combine to make the audit risk model: (AU 312)
audit risk inherent risk control risk detection risk = x x the risk that material misstatements will not be prevented or detected by internal controls Audit Risk has 3 components which combine to make the audit risk model: (AU 312)
audit risk inherent risk control risk detection risk = x x ? Audit Risk has 3 components which combine to make the audit risk model: (AU 312)
audit risk inherent risk control risk detection risk = x x Audit Risk has 3 components which combine to make the audit risk model: (AU 312) Detection risk is the risk that material misstate- ments will not be detected by the auditor.
Why does detection risk exist? - the auditor samples (sampling risk) - the auditor may select ineffective audit procedures - the auditor may apply procedures ineffectively - the auditor may incorrectly evaluate the results of procedures The last 3 reasons are nonsam- pling errors. The risk of their oc- currence is nonsampling risk.
audit risk inherent risk control risk detection risk = x x Audit Risk has 3 components which combine to make the audit risk model: (AU 312) Which of these components can the auditor influence?
audit risk inherent risk control risk directly - larger sample size - enhanced training indirectly: influence manage- ment Audit Risk has 3 components which combine to make the audit risk model: (AU 312) detection risk = x x Which of these components can the auditor influence?
audit risk as a double-hoop basketball game internal controls auditing procedures
audit risk as a double-hoop basketball game internal controls auditing procedures misstatements (inherently risky accounts are better shots)
audit risk as a double-hoop basketball game internal controls auditing procedures misstatements detected by internal controls
audit risk as a double-hoop basketball game internal controls auditing procedures misstatements not detected by internal controls (control risk)
audit risk as a double-hoop basketball game internal controls auditing procedures misstatements detected by auditors
audit risk as a double-hoop basketball game internal controls auditing procedures misstatements undetected by auditors (detection risk)