Question

Sam is an audit senior of Principal Auditors, a large international audit firm.
He has been asked by the audit partner, Sal Fields, to evaluate the following audit
risks of a major international client.
One of the client's soft drink factory warehouse reported large staff turnover in its
cash payment section. For two months, two employees were recording and
authorising batches of cheques for each other to overcome staff shortages.
Required: What aspect of Audit Risk will be affected (Control Risk and/or Inherent Risk) and
what is the likely impact on the identified risk? Provide a brief explanation.

Answer 1

{ Note-- Impact of identified risk on this business i will explain with taking some examples. I try to cover each and every point to cover for your better understanding.}

What is audit risk ?

•Audit Risk is the risk that an auditor expresses an inappropriate opinion on the financial statements.

::Explanation-

Audit risk is the risk that an auditor issues an incorrect opinion on the financial statements. Examples of inappropriate audit opinions include the following:

a).Issuing an unqualified audit report where a qualification is reasonably justified.

b).Issuing a qualified audit opinion where no qualification is necessary

c).Failing to emphasize a significant matter in the audit report

d).Providing an opinion on financial statements where no such opinion may be reasonably given due to a significant limitation of scope in the performance of the audit.

•Model of audit risk--

•Audit Risk = ( Inherent Risk x Control Risk x Detection Risk.)

Audit risk may be considered as the product of the various risks which may be encountered in the performance of the audit. In order to keep the overall audit risk of engagements below acceptable limit, the auditor must assess the level of risk pertaining to each component of audit risk.

••Inherent Risk-- is the risk of a material misstatement in the financial statements arising due to error or omission as a result of factors other than the failure of controls (factors that may cause a misstatement due to absence or lapse of controls are considered separately in the assessment of control risk).

For example-:

the inherent risk in the audit of a newly formed financial institution which has a significant trade and exposure in complex derivative instruments may be considered to be significantly higher as compared to the audit of a well established manufacturing concern operating in a relatively stable competitive environment.

•Control risk -

Is the risk of a material misstatement in the financial statements arising due to absence or failure in the operation of relevant controls of the entity.Control risk is considered to be high where the audit entity does not have adequate internal controls to prevent and detect instances of fraud and error in the financial statements.Assessment of control risk may be higher.

•For example-:

in case of a small sized entity in which segregation of duties is not well defined and the financial statements are prepared by individuals who do not have the necessary technical knowledge of accounting and finance.

•Difference between inherent risk & control risk.

The inherent risk stems from the nature of the business transaction or operation without the implementation of internal controls to mitigate the risk.

Control risk arises because an organization doesn’t have adequate internal controls in place to prevent and detect fraud and error.

••some numerical examples-

If inherent risk and control risk are assumed to be 60% each, detection risk has to be set at 27.8% in order to prevent the overall audit risk from exceeding 10%.

Working--

Audit Risk = Inherent Risk × Control Risk x Detection Risk.

0.10 = 0.60 x 0.60 x Detection Risk

0.10 ÷0.36= Detection Risk = 0.278

= 27.8%

I am so glad you asked for help when you needed it.