Assessing Audit Risks - Session 1

ACCA Director Author

Assessing Audit Risks

Contents:

Session 1: Components of audit risks
Session 2: Audit risks and auditor’s responses
Session 3: Specific audit risks in the Financial Statements with auditor’s responses
Session 4: Materiality Levels

Referenced syllabus:

Syllabus 3. Assessing audit risks part (a)-(c)

Referenced standards:

ISA 330 The auditors’ responses to assessed risks
ISA 320 Materiality in planning and performing an audit

Exam focus:

Section B in the exam usually provides a scenario requiring students to analyse audit risks tailored to the client.

For analytical procedures:

Step 1 – What – clues from the case

Step 2 – Due to what reasons causing the change to take place

Step 3 – There is a risk that elements in accounts (such as assets, liabilities, income, expense) in SFP or P/L are over or understated, or under disclosure.

For other IFRS related items:

Step 1 – What – clues from the case

Step 2 – Materiality (in the AA exam, this could usually be ignored)

Step 3 – IFRS requirement, the IFRS number is not required

Step 4 – There is a risk that the IFRS requirement is not followed resulting in What Financial Statements (P/L, SFP) and what elements (assets, liabilities, income, expense) to be understated, overstated, under disclosure.

Additional note – for new audit client, explain detection risk (difficulties in identifying potential material misstatements).

Business risks:

Step 1 – What – clues from the case – 0.5 marks

Step 2 – It may …(go wrong), AND the impact (reduce profits or revenue, cash flows or liquidity problems, damage reputation due to non-compliance, problems in establishing a sound internal control system, drain on management’s time and resources) – 1.5 marks

Session 1: Components of audit risks

Audit risks:

Inherent risk:

Inherent risk is the probability that material misstatements (transaction – sales; account balances – assets, liabilities or equity; disclosures – contingencies, going concern disclosure) could occur, before considering the effect of internal controls.

Factors that increase inherent risk:

Complicated balances (requirement significant judgement) – work in progress, fair value, stage of completion of contract in progress, depreciation and residual value.

Change in industry

Problems:

1. Going concern problems – likely to window dress Financial Statements

2. Liquidity problems – likely to manipulate the liquidity position

3. Performance measurement based on profits – likely to manipulate profits

4. Highly regulated industry – provision liability may be understated

To assess inherent risk - Auditor obtains an understanding of the audit client, including its nature of business and operations, its organisation structure and management, and its external environment to assess the inherent risk.

Control risk:

Control risk Inherent risk is the probability that material misstatements (transaction – sales; account balances – assets, liabilities or equity; disclosures – contingencies, going concern disclosure) could occur, after considering the effect of internal controls.

Factors that increase control risk:

Lack of personnel with appropriate accounting and financial reporting skills.

Changes in key personnel including departure of key management.

Deficiencies in internal control, especially those not addressed by management.

Installation of significant new IT systems related to financial reporting.

To assess control risk:

Auditor ascertains and documents the entity’s internal control system to assess the effectiveness of the design of the internal controls.

Auditor performs test of controls to assess whether the internal controls are operating effectively.

Detection risk:

Detection risk is the probability that audit procedures failed to detect material misstatements in the financial statements.

Factors that increase detection risk:

Sampling risks – incorrect sampling techniques and sample sizes selected. However, if auditors use ‘Auditing Data Analytics’, they would not face sampling risks as 100% data will be sampled.

Non-sampling risks – inappropriate audit planning, procedures, supervision and review of audit work, assignment of audit personnel; facing tight deadline; new client; insufficient resources to check client’s operations (such as a failure to attend client’s inventory counts)

To reduce detection risk:

Reducing sampling risk - by increasing sample size;

Reducing non sampling risk – better quality control in relation to planning, resource allocation (audit personnel), to apply professional sceptisism during the audit and to supervise and review the audit work properly.

Relationships among risks:

To reduce the audit risk to the acceptable level, there is an inverse relationship between ROMM and Detection risk.

Risk-based approach:

Auditors shall use a risk-based approach by firstly finding out the BUSINESS RISKS that client is facing, followed by audit risks in client’s accounts.

Business risks are risks affecting client’s operations, they could include internal risks such as fraud, or left of directors; micro risks such as emergence of competitors; macro risks such as changes in government, interest rates etc.

Business risks could indicate audit risks in accounts, ie the emergence of competitors in the market place could force client to lower its profit margin, however, in order to maintain the profit target, management may manipulate accounts.

Dive deeper, conquer those exams, and truly make your mark by grabbing your spot in our ACCA online course today at www.globalapc.com – let’s crush this together!

Categories: : Audit and Assurance (AA)