In: Operations Management
Identifying and Assessing Audit Risk
Blue &Green Chartered Accountants has just been appointed the external auditor for Orange Ltd.
Tom Brown is the Audit Senior for the new client and is in the process of planning the audit for the year ended December 31, 2016. He is currently performing risk assessment procedures to identify and assess the risk of material misstatement for further development of the audit procedures to ensure that the requisite audit evidence is obtained.
Background Data
Orange Ltd is a public limited company which was incorporated on June 1, 2000 as a motor insurance business. Its primary activity is the provision of motor insurance in return for a premium and its main expenses are Operating Expenses, Claims Expenses and Payroll Costs. The company’s major assets are Fixed Assets and Investments and its major liability is Outstanding Claim Settlement.
The Managing Director is connected to the Chairman of the Board of Directors by marriage and is paid a 40% share of profits in addition to a fixed salary. The criteria for profit pay is that the company must achieve a 25% Return on Investment; the other companies in the industry make an average ROI of 10%.
The following issues were extracted from the respective sources noted:
Review of previous year financial statements and discussion with previous auditors
There is a concern that the fair value of a commercial building owned by the company is materially overstated as the building which is currently unoccupied is in an area which has become rundown
The Provision for Outstanding Claims is deemed to be understated as based on the tests done the level of provision on a case to case basis is understated
Review of the Management Letters from the previous auditors
The procedure to review balances due from a customer on a periodic basis to assess collectivity has not been effective as it was discovered that the supervisor was not doing the review as required
The procedure to review Claims and make a provision based on an assessment of liability was not applied consistently, especially in the case of bodily injury which were the higher cost claims. The Managing Director had given directives to ensure that provisions were kept as low as possible.
The Managing Director authorized the write off of a material amount from Deferred Tax Liability which was unsupported.
Required:
1. Identify at least five (5) significant risk factors in the scenario above
2. State the type of risk for each risk noted in (1) above (5marks)
3.Using your judgment, assign an appropriate risk rating for
Inherent Risk
Control Risk
Provide a brief justification for your risk rating. Use the table below as a guide to assign ratings
Risk Level |
Risk Rating |
High |
80 – 100% |
Medium |
50% - 79% |
Low |
0% - 49% |
In general risks can be categorized as external and internal risks for instance political risk, financial risk, market risk, intellectual property risk, social risk, safety risk etc. Risks can be acknowledged by identifying the adverse events that can go wrong and then getting acquainted with the prospective impacts on the project and categorizing all the significant tasks that the project must perform and then classifying all the potential means by which these functions might be unsuccessful while performing the concerned functions.
Risks that can be categorized as low impact and low probability of happening are fundamentally insignificant and can normally be get rid of from active consideration. Risks that are portrayed as high impact and high possibility of occurrence often cause a project to be terminated. Thus business administrators need to establish if the project should be terminated or the prospective benefits are so enormous that taking the risks is justified.
Low-impact and high risk probability are basically due to apprehensions of numerous factors that may be independently inconsequential risks but in collective could amount to a considerable risk. For instance uncertainty concerned with the actual expenses of labor and materials, productivity of the labor force etc.
High-impact and low-probability events are infrequent in happening and thus it is not easy to allocate probability to them however the main purpose should be to categorize and be acquainted with administrator action plans to scrutinize, lessen and administer the risks.
Inherent risk are most frequent for instance where accountants have to make use of a bigger than standard amount of judgment and estimation where multifaceted financial factors and aspects are involved. Thus inherent risks compared to control risks are much more difficult to control and manage due to its complexity characteristics.