Question

In: Accounting

Please explain in detail, the audit risk model and how this model integrates with the Auditor's...

Please explain in detail, the audit risk model and how this model integrates with the Auditor's "gaining an understanding of the entity, including its internal control, to assess the risk of material misstatement whether due to fraud or error, and to develop the nature, timing and extent of further audit procedures.

Solutions

Expert Solution

Answer:

Audit Risk is the risk that an auditor expresses an inappropriate opinion on the financial statements.

Explanation

Audit risk is the risk that an auditor issues an incorrect opinion on the financial statements. Examples of inappropriate audit opinions include the following:

  • Issuing an unqualified audit report where a qualification is reasonably justified;
  • Issuing a qualified audit opinion where no qualification is necessary;
  • Failing to emphasize a significant matter in the audit report;
  • Providing an opinion on financial statements where no such opinion may be reasonably given due to a significant limitation of scope in the performance of the audit.

Model

Audit Risk = Inherent Risk x Control Risk x Detection Risk

Audit risk may be considered as the product of the various risks which may be encountered in the performance of the audit. In order to keep the overall audit risk of engagements below acceptable limit, the auditor must assess the level of risk pertaining to each component of audit risk.

Components : Explanation of the 3 elements of audit risk is as follows:

Inherent Risk : Inherent Risk is the risk of a material misstatement in the financial statements arising due to error or omission as a result of factors other than the failure of controls (factors that may cause a misstatement due to absence or lapse of controls are considered separately in the assessment of control risk). Inherent risk is generally considered to be higher where a high degree of judgment and estimation is involved or where transactions of the entity are highly complex. For example, the inherent risk in the audit of a newly formed financial institution which has a significant trade and exposure in complex derivative instruments may be considered to be significantly higher as compared to the audit of a well established manufacturing concern operating in a relatively stable competitive environment.

Control Risk : Control Risk is the risk of a material misstatement in the financial statements arising due to absence or failure in the operation of relevant controls of the entity. Organizations must have adequate internal controls in place to prevent and detect instances of fraud and error. Control risk is considered to be high where the audit entity does not have adequate internal controls to prevent and detect instances of fraud and error in the financial statements. Assessment of control risk may be higher for example in case of a small sized entity in which segregation of duties is not well defined and the financial statements are prepared by individuals who do not have the necessary technical knowledge of accounting and finance.

Detection Risk : Detection Risk is the risk that the auditors fail to detect a material misstatement in the financial statements. An auditor must apply audit procedures to detect material misstatements in the financial statements whether due to fraud or error. Misapplication or omission of critical audit procedures may result in a material misstatement remaining undetected by the auditor. Some detection risk is always present due to the inherent limitations of the audit such as the use of sampling for the selection of transactions. Detection risk can be reduced by auditors by increasing the number of sampled transactions for detailed testing.

Application : Audit risk model is used by the auditors to manage the overall risk of an audit engagement. Auditors proceed by examining the inherent and control risks pertaining to an audit engagement while gaining an understanding of the entity and its environment. Detection risk forms the residual risk after taking into consideration the inherent and control risks pertaining to the audit engagement and the overall audit risk that the auditor is willing to accept. Where the auditor’s assessment of inherent and control risk is high, the detection risk is set at a lower level to keep the audit risk at an acceptable level. Lower detection risk may be achieved by increasing the sample size for audit testing. Conversely, where the auditor believes the inherent and control risks of an engagement to be low, detection risk is allowed to be set at a relatively higher level.

Example

ABC is an audit and assurance firm which has recently accepted the audit of XYZ. During the planning of the audit, engagement manager has noted the following information regarding XYZ for consideration in the risk assessment of the assignment:

  • XYZ is a listed company operating in the financial services sector
  • XYZ has a large network of subsidiaries, associates and foreign branches
  • The company does not have an internal audit department and its audit committee does not include any members with a background in finance as suggested in the corporate governance guidelines
  • It is the firm’s policy to keep the overall audit risk below 10%

Inherent risk in the audit of XYZ’s financial statements is particularly high because the entity is operating in a highly regularized sector and has a complex network of related entities which could be misrepresented in the financial statements in the absence of relevant financial controls. The first audit assignment is also inherently risky as the firm has relatively less understanding of the entity and its environment at this stage. The inherent risk for the audit may therefore be considered as high.

Control risk involved in the audit also appears to be high since the company does not have proper oversight by a competent audit committee of financial aspects of the organization. The company also lacks an internal audit department which is a key control especially in a highly regulated environment. The control risk for the audit may therefore be considered as high.

If inherent risk and control risk are assumed to be 60% each, detection risk has to be set at 27.8% in order to prevent the overall audit risk from exceeding 10%.

Working

Audit Risk = Inherent Risk x Control Risk x Detection Risk

0.10 = 0.60 x 0.60 x Detection Risk

0.10   = Detection Risk = 0.278 = 27.8%
0.36

How does audit risk affect audit strategy?

The extent and nature of audit procedures is determined by the level of detection risk required to bring audit risk to an acceptable level.

Auditors cannot control the inherent risk or control risk. They can however balance these risks by determining a suitable detection risk to keep the overall audit risk in check.

Detection risk directly influences audit strategy. For example, if an audit requires a low detection risk to counter a high control risk, auditors may rely less on control testing and conduct extensive substantive procedures to form a valid audit opinion.


Related Solutions

Please explain in detail, the audit risk model and how this model integrates with the Auditor's...
Please explain in detail, the audit risk model and how this model integrates with the Auditor's "gaining an understanding of the entity, including its internal control, to assess the risk of material misstatement whether due to fraud or erroe, and to develop the nature, timing and extent of further audit procedures. Please explain audit risk model, its risk components and what they mean?
Question 4 Short answer question on audit risk model & audit strategies Briefly explain how the...
Question 4 Short answer question on audit risk model & audit strategies Briefly explain how the audit risk model should be applied in a financial statement audit. How do audit strategies affect audit testing? You do NOT need to define the components of the audit risk model.
Discussion: (1) Please describe the audit risk model (RMM: risk of material misstatement model) based on...
Discussion: (1) Please describe the audit risk model (RMM: risk of material misstatement model) based on your own understanding and explain the each term (factor) in the model in terms of how each factor affects to the overall audit risk (increase or decrease) and amount of audit evidence (nature, timing, and extent of evidence). (2) Also, describe its interrelationships among each of FOUR factors of the risk model; inherent risk, control risk, and detection risk at an acceptable audit engagement...
What is audit risk? What is the Audit Risk Model? What are the components of audit...
What is audit risk? What is the Audit Risk Model? What are the components of audit risk and how do these relate to each other? How does materiality and the audit approach interact with the Audit Risk Model?
HOW TO DO B PLEASE EXPLAIN IN DETAIL One measure of the risk or volatility of...
HOW TO DO B PLEASE EXPLAIN IN DETAIL One measure of the risk or volatility of an individual stock is the standard deviation of the total return (capital appreciation plus dividends) over several periods of time. Although the standard deviation is easy to compute, it does not take into account the extent to which the price of a given stock varies as a function of a standard market index, such as the S&P 500. As a result, many financial analysts...
What is the theory of the Audit Risk Model? Please provide. What are the related practices...
What is the theory of the Audit Risk Model? Please provide. What are the related practices of the Audit Risk Model? Please provide and give an example.
what is the relevance of the audit risk model at the time of planning an audit?
what is the relevance of the audit risk model at the time of planning an audit?
explain in detail the concept of risk and its importance how risk in the valuation of...
explain in detail the concept of risk and its importance how risk in the valuation of financial instruments
Audit risk is a function of inherent risk, control risk and detection risk. Explain Audit risk....
Audit risk is a function of inherent risk, control risk and detection risk. Explain Audit risk. Describe the relationships between all risks and their components?
12. when discussing acceptable audit risk (AAR) and the audit risk model which of the following...
12. when discussing acceptable audit risk (AAR) and the audit risk model which of the following statements is true A. AAR is objectively determined by the auditor B. When the auditor decides on a lower acceptable audit risk it means the auditor wants to be more certain that the financial statements are not materially misstated C. AAR is the risk that the auditor is willing to take that the financial statements are fairly stated D. The terms audit assurance overall...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT