Question

Describe the audit risk model (RMM: risk of material misstatement model) based on your own understanding and explain the each term (factor) in the model in terms of how each factor affects to the overall audit risk (increase or decrease) and amount of audit evidence (nature, timing, and extent of eviden

Describe its interrelationships among each of FOUR factors of the risk model; inherent risk, control risk, and detection risk at an acceptable audit engagement risk level. ( directly proportional vs. inversely proportional, dependent, independent, positive, negative, etc..)

Answer 1

Audit Risk is the risk that an auditor expresses an inappropriate opinion on the financial statements.

Audit Risk = Inherent Risk x Control Risk x Detection Risk

Audit risk may be considered as the product of the various risks which may be encountered in the performance of the audit. In order to keep the overall audit risk of engagements below acceptable limit, the auditor must assess the level of risk pertaining to each component of audit risk.  

Inherent Risk is the risk of a material misstatement in the financial statements arising due to error or omission as a result of factors other than the failure of controls (factors that may cause a misstatement due to absence or lapse of controls are considered separately in the assessment of control risk).

Control Risk is the risk of a material misstatement in the financial statements arising due to absence or failure in the operation of relevant controls of the entity.

Detection Risk is the risk that the auditors fail to detect a material misstatement in the financial statements.

INTERRELATIONSHIP-

Audit risk model is used by the auditors to manage the overall risk of an audit engagement.

Auditors proceed by examining the inherent and control risks pertaining to an audit engagement while gaining an understanding of the entity and its environment.

Detection risk forms the residual risk after taking into consideration the inherent and control risks pertaining to the audit engagement and the overall audit risk that the auditor is willing to accept.

Where the auditor's assessment of inherent and control risk is high, the detection risk is set at a lower level to keep the audit risk at an acceptable level. Lower detection risk may be achieved by increasing the sample size for audit testing. Conversely, where the auditor believes the inherent and control risks of an engagement to be low, detection risk is allowed to be set at a relatively higher level.