Question

What are three control Risk associated with auditing a Company and for each control risk include:

• Identify the control risk
• Describe the factors that led you to identify the control risk
• Explain why you feel it is a key control risk
• Describe what testing you would plan to do to address the control risk

Answer 1

Ans: Audit Risk- Risk that the auditor gives an inappropriate opinion when the financial statements are materially mis-stated.

There are three types of risks associated with audit:

1. Inherent Risk- Susceptibility of an account balance or class of transaction to a material misstatement assuming that there are no internal controls

2. Control Risk- Risk that material misstatements will not be prevented or detected and corrected on a imely basis by the internal control system.

3. Detection Risk- Risk that substantive procedure performed by auditor fails to detect material misstatements. Some detection risk will always be present even if an auditor was to examine 100% of the account balance or class of transaction.

Sr. No	Identification of Risks	Factors that led to identification of Risks	Reason for it to be a key control risk	Steps taken to address the control risk
1	Inherent Risk	(a) Suspicious of fraudulent reporting and theft (b) Complexity of accounts and business transaction (c) Prior Period adjustments (d) Size and nature of business	(a) It is one of the major component of audit risk because the business operates in a complex environment (b) Inherent risk is a key control risk because it helps in determining NTE i.e nature, timing and extent of further audit procedure.	(a) The auditor must possess experience from prior audits. In this way, he can be able to identify and assess the inherent risk. (b) Identify and assess the controls established by the management. (c) Observe significant changes in controls from last assessment.
2.	Control Risk	(a) Absence of internal controls- When the Organization does not have proper internal controls, it gives rise to control risk (b)Weak Internal controls- The auditor identified that the internal controls within the organization is not effective.	(a)Control Risk is one of the key risk because it detects fraud and error which will not be detected and prevented by entity's internal control system.	(a) Preliminary assessment of control risk. (b) Documentation of understanding and assessment of control risk. (c)Identify potential misstatements (d) Perform tests of controls (e) Evaluation of evidences gathered and its assessment.
3	Detection Risk	(a) Selecting the wrong testing method for audit as different financial accounts needs specific testing. (b) Misinterpretation of audit results while evaluating results and deciding that the accounts are fairly presented but in fact they are materially misstated. (c) Wrongly applying an audit procedure or being unreasonable in applying audit procedure.	(a) detection risk is a key risk because it may result in an auditor giving inappropriate opinion on materially misstated financial statements. (b) It needs to be kept at an accpetable low level to help the users of financial statement make proper decision.	(a) Observe and change whenever necessary, the Composition of the engagement team i.e., size, competence, skill, objectivity and independence. (b) Perform rigorous testing on the transactions just before or after the year end also known as cut-off testing. (c) Rely more on external evidences than on internal evidences. (d) Perform substantive procedures than test of controls.