Upload
alyssa-martinez
View
11
Download
3
Tags:
Embed Size (px)
DESCRIPTION
hh
Citation preview
Chapter 3
Risk Assessment and Materiality
Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin
Audit Risk
The risk that an auditor will issue an
unqualified opinion on materially
misstated financial statements.
Financial statement
level
Individual account
balance or class
of transactions level
LO# 1
3-2
Engagement Risk
An auditor’s exposure
to financial loss and
damage to
professional reputation.
Client and third
party lawsuits
Negative
publicity
LO# 1
Local audit
failure …
3-3
The Audit Risk Model
Audit Risk = IR × CR × DR
Inherent risk and control risk:
Risk that material misstatements exist
Nonsampling
risk
Sampling
risk
Detection risk:
Risk that auditor will not detect misstatements
• Inappropriate audit procedure
• Fail to detect when using
appropriate audit procedure
• Misinterpreting audit results
LO# 2
3-4
Using the Audit Risk Model
Set a planned level of audit risk such that an opinioncan be issued on the financial statements.
Assess inherent risk and control risk.
Use the audit risk equation to solve for the appropriatelevel of detection risk:
AR = IR × CR × DR
DR = AR
IR × CR
Auditors use this level of detection risk to design audit
procedures that will reduce audit risk to an acceptable level.
LO# 3
3-5
Relationship of the Entity’s Business Risks to the
Audit Risk ModelFigure 3-1
LO# 3
3-6
Using the Audit Risk Model
Qualitative terms may also be used in the audit risk model.
Case AR IR CR DR
1 Very low High High Low
2 Low Low Moderate Moderate
3 Very low Low Low High
LO# 3
3-7
Limitations of the
Audit Risk Model
Preliminary
Assessment
Level of Risk
Actual
or Achieved
Level of Risk
LO# 4
+ / –
The audit risk model is a planning tool, but it has some limitations
that must be considered when the model is used to revise an audit
plan or to evaluate audit results.
• The desired level of audit risk may not actually be achieved.
• It does not consider potential auditor error.
• There is no way of knowing what the preliminary level of risk
actually was.
3-8
The Auditor’s Risk
Assessment Process
Auditors need to
identify business risks and
understand the potential
misstatements that
may result.Business risks
include any external or
internal factors, pressures, and
forces that bear on the entity’s
ability to survive and
be profitable.
LO# 5
3-9
The Auditor’s Risk Assessment ProcessFigure 3-2 An Overview of the Auditor’s Assessment of Business Risks and the Risk of
Material Misstatements
LO# 5
3-10
Understanding the Entity
and Its Environment
Industry
Factors
Regulatory
Environment
Nature of
the Entity
Internal
Control
Objectives and
Strategies
Business
Risks
Performance
Measures
LO# 5
3-11
Understanding the Entity
and Its Environment
LO# 5
3-12
Understanding the Entity
and Its Environment
LO# 5
3-13
Auditor’s Risk Assessment Procedures
(How do we gather this evidence?)
Inquiries of
Management
and Others
Analytical
Procedures
Observation
and Inspection
LO# 5
3-14
Examples of misstatements include:
An inaccuracy in gathering or processing data from which financial statements are prepared.
A difference between the amount of a reported financial statement account and the amount that would have been reported under GAAP.
The omission of a financial statement element, account, or item.
An incorrect accounting estimate arising from an oversight or misinterpretation of facts.
The omission of information required to be disclosed in accordance with GAAP.
LO# 6
Assessing the Risk of Material
Misstatement Due to Error or Fraud
3-15
Errors are unintentional misstatements:
Mistakes in gathering or processing financial data used to prepare financial statements.
Unreasonable accounting estimates arising from oversight or misinterpretation of facts.
Mistakes in the application of accounting principles relating to amount, classification, manner of presentation, or disclosure.
LO# 6
Assessing the Risk of Material
Misstatement Due to Error or Fraud
3-16
Fraud involves intentionalmisstatements. The fraud risk identification process includes:
Sources of information about possible fraud
Communications among the audit team
Inquires of management and others
Fraud risk factors
Analytical procedures
Other information
LO# 6
Assessing the Risk of Material
Misstatement Due to Error or Fraud
3-17
Three conditions usually
exist when fraud occurs.
Incentive or
pressure to
perpetrate fraud
Opportunity
to carry out
the fraud
Attitude or
rationalization
to justify fraud
LO# 6
Assessing the Risk of Material Misstatement
Due to Error or Fraud
(Fraud Triangle)
3-18
Financial stability
or profitability
is threatened
Excessive pressure
for management to
meet third party
expectations
Management’s personal
financial situation
is threatened
LO# 6
Fraudulent Financial Reporting
Risk Factors Relating to Incentive/Pressure include:
Assessing the Risk of Material Misstatement
Due to Error or Fraud
(See Table 3-4)
3-19
Ineffective
monitoring of
management
Nature
of the
industry
Deficient
internal
control
Complex
or unstable
organizational
structure
LO# 6
Fraudulent Financial Reporting
Risk Factors Relating to Opportunities include:
Assessing the Risk of Material Misstatement
Due to Error or Fraud
(See Table 3-5)
3-20
Risk Factors Relating to
Attitudes/Rationalizations
(See Table 3-6)
Poor communication
channels for reporting
inappropriate behavior
Weak ethical
standards for
Management
behavior
Committing to
aggressive or
unrealistic forecasts
Use of
inappropriate accounting
based on materiality
LO# 6
Fraudulent Financial Reporting
Risk Factors Relating to Attitudes/Rationalizations include:
3-21
Fraud involves
intentional misstatements.
Fraudulent
financial reporting
Misappropriation
of assets
LO# 6
Assessing the Risk of Material
Misstatement Due to Error or Fraud
3-22
Fraudulent financial reporting includes acts such as the following:
Manipulation, falsification, or alteration of accounting records or supporting documents used to prepare financial statements.
Misrepresentation in, or intentional omission from, the financial statements of events, transactions, or significant information.
Intentional misapplication of accounting principles relating to amount, classification, manner of presentation, or disclosure.
LO# 6
Assessing the Risk of Material
Misstatement Due to Error or Fraud
3-23
Misappropriation of assets involves the
theft of an entity’s assets to the extent that financial statements are misstated.
Examples include:
Stealing
assets
Embezzling
cash received
Paying for
goods and services
not received by
the company
LO# 6
Assessing the Risk of Material
Misstatement Due to Error or Fraud
3-24
Access
to assets
Inadequate
separation
of duties
No mandatory
vacation policy
Personal
financial
pressures
Adverse
employee management
relationships
Small, valuable
inventory items
Sudden changes in
employee behavior
Lack of
inventory
control
LO# 6
Assessing the Risk of Material
Misstatement Due to Error or Fraud
Misappropriation of Assets
Risk Factors for Misappropriation of Assets include:
Employee
disregard
of internal
control3-25
Auditor’s Response to
the Risk Assessment (See Figure 3-3)
Financial statement level risks
Develop an overall
response.
Determine what can go wrong
at the account or assertion level.
LO# 7
Assess the risk of material misstatement at the financial statement and assertion levels.
Do
these
risks relate
pervasively
to the
financial
statements?
Design audit
procedures for
assertion level risks.
Assertion level risks
Yes
No
3-26
Auditor’s Response to the Risk
Assessment
LO# 7
To respond appropriately to pervasive financial statement risk, the auditor may do the following:
Emphasize to the audit team the need to maintain professional skepticism.
Assign more experienced staff or those with specialized skills.
Provide more supervision.
Incorporate additional elements of unpredictability in the selection of audit procedures.
3-27
Evaluation of Audit
Test ResultsAt the completion of the audit, the auditor should consider:
1. whether the accumulated results of audit procedures affect the
assessments of the entity’s business risk and the risk of material
misstatement, and
2. whether the total misstatements cause the financial statements to
be materially misstated.
THEN…
If the financial statements are materially misstated, the auditor
should
1. request management to eliminate the material misstatement, or
2. if management does not make needed adjustments, the auditor
should issue a qualified or adverse opinion.
LO# 8
3-28
Evaluation of Audit
Test ResultsIf the auditor determines that the misstatement is or may
be the result of fraud, and has determined that the effect
could be material, the auditor should:
Attempt to obtain audit evidence to determine whether, in
fact, material fraud has occurred and, if so, its effect.
Consider the implications for other aspects of the audit.
Discuss the matter and the approach to further investigation
with an appropriate level of management that is at least one
level above those involved in committing the fraud and with
senior management.
If appropriate, suggest that the client consult with legal
counsel.
Consider withdrawing from the engagement.
LO# 8
3-29
Documentation of the
Auditor’s Risk AssessmentThe auditor should document:
Discussions among engagement personnel.
Procedures performed to identify and assess the risks
of material misstatement due to fraud.
Risks of identified material misstatement due to fraud
and a description of the auditor’s response to the risks.
Fraud risks or other conditions that result in additional
audit procedures.
The nature of the communications about fraud made to
management, the audit committee, and others.
LO# 9
3-30
Communications about FraudWhenever the auditor has found evidence that a fraud may
exist, that matter should be brought to the attention of an
appropriate level of management. Fraud involving senior
management and fraud that causes a material misstatement of
the financial statement should be reported directly to the audit
committee of the board of directors.
The auditor should reach an understanding with the audit
committee regarding the expected nature and extent of
communications about misappropriations perpetrated by
lower-level employees.
LO# 10
3-31
The disclosure of fraud to parties other than the client’s
senior management and its audit committee ordinarily is not
part of the auditor’s responsibility and ordinarily would be
precluded by the auditor’s ethical and legal obligations of
confidentiality, except when the following conditions exist:
To comply with certain legal and regulatory requirements.
To a successor auditor when the successor makes
inquiries in accordance with AU 315, Communications
between Predecessor and Successor Auditors.
In response to a subpoena.
To a funding agency or other specified agency in
accordance with requirements for the audits of entities
that receive governmental financial assistance.
LO# 10
Communications about Fraud
3-32
Materiality
The magnitude of an omission or misstatement of
accounting information that makes it probable that
the judgment of a reasonable person relying on
the information would be changed or influenced
by the omission or misstatement.
Materiality is not an absolute and
it is not a black or white issue!
The determination of materiality
requires professional judgment.
LO# 11
3-33
Steps in Applying Materiality
on an Audit
Step 1:
Determine a materiality level for the overall financial statements(planning materiality)
Step 2:
Determine tolerable misstatement (allocation of materiality at individual account/class of transactions
level)
Step 3:
Evaluate auditing findings(near the end of the audit)
LO# 12
3-34
Step 1 – Determine Overall
Materiality
The quantitative base formateriality is a percentage(typically 3-5 percent) of:
• Total revenues.
• Gross profit.
• Income before taxes.
• Income from continuingoperations.
• Total assets.
• Three year average income.
The quantitative amountsmay be adjusted lower forqualitative factors such as:
• Close to violating loancovenants.
• Break-even earnings.
• Management turnover.
• High market pressures.
• High fraud risk.
• Higher than normal riskof bankruptcy.
LO# 12
3-35
Step 2 –Determine Tolerable
MisstatementTolerable misstatement is the amount of planning
materiality allocated to an account or class of
transactions. Combined tolerable misstatement is
generally greater than planning materiality because:
Not all accounts will be misstated by their full
tolerable misstatement allocation.
Audits of individual accounts are conducted
simultaneously.
When errors are identified, additional testing is
typically performed in that account and related
accounts.
Overall materiality serves as a “safety net.”
LO# 12
3-36
Step 3 – Evaluate Audit
FindingsWhen the audit evidence is gathered, the auditor:
Aggregates misstatements from each account or
class of transactions (including known and likely
misstatements).
Considers the effect of misstatements not adjusted in
the prior period.
Compares the aggregate misstatement to planning
materiality.
If the aggregate misstatement is less than planning
materiality, the auditor can conclude that the financial
statements are fairly presented, if not, an adjustment
should be made.
LO# 12
3-37
End of Chapter 3
Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin