Chapter 5

Risk

Audit risk

Audit risk is the risk that the auditor expresses an inappropriate opinion when the
financial statements are materially misstated.

One of the main requirements of the auditor is to reduce the audit risk to an
acceptably low level.

Auditors always have a risk of providing an unmodified audit opinion, if this were
to happen the auditor could be sued by the intended users and the firm can
damage its reputation. To avoid these auditors will plan and perform the audit in
such a way that audit risk is reduced to an acceptably low level.

Audit risk comprises of material misstatement and detection risk.

Risk of material misstatement includes inherent and control risks, where as

Detection risk includes sampling and non-sampling risk.

An auditor can only influence detection risk as inherent and control risks are
influenced by the client. To reduce audit risk, the auditor must reduce detection
risk by for example bringing more experienced members to the audit team.

Risk of material misstatement

The risk that the financial statements are materially misstated prior to the audit.
This can be due to fraud or errors.

Objective of the auditor is to identify and assess the risk of material

misstatement.
What is a misstatement?

A difference between the reported amount, presentation, disclosure of a financial

statement item that is required for the item to be in accordance with the
applicable financial reporting framework.

When conducting a thorough assessment of risk, the auditors would, identify

areas of financial statements where misstatements are likely to occur, plan
procedures, carry out an effective audit, reduce the level of risk issuing an
opinion, minimize the risk of reputational damage.

There are three categories of misstatements,

Factual Misstatement: Misstatement about which there is no doubt.

Judgmental Misstatement: Differences in accounting estimates that the auditor

may consider unreasonable, selection or application of accounting policies that
the auditor considers inappropriate.

Projected Misstatement: Auditor’s best estimate of the total misstatement in a

population through the projection misstatements identified in a sample.

Inherent risk

The susceptibility of any disclosure to misstatement that could be material before

consideration of any related controls.

Complex accounting treatment is an example of an inherent risk, Inherent risk can

arise due to the nature of the industry.

Inherent risk factors may be qualitative or quantitative, qualitative inherent risk

factors include, complexity, subjectivity, change, uncertainty, susceptivity to
management.

Examples of inherent risks include property plant and equipment being

overstated if expenditure on repairs is treated as capital. Provision liabilities
overstated if no obligation is created at the reporting date.
Control risk

Risk that there is a misstatement that could occur and that could be material, will
not be prevented, or detected and corrected on a timely basis by the entity’s
controls.

Client should have controls in place, segregations of duties, reconciliations,

physical controls etc. to prevent and detect misstatements. If effective controls
are in place the control system will either prevent the misstatements from
occurring or will detect misstatements that have occurred.

If controls are not effective, control risk will increase and there will be greater risk
of misstatements.

Detection risk

The risk that the procedures performed by the auditor to reduce the audit risk to
an acceptably low level will not detect a misstatement that exists and that could
be material.

Detection risk comprises of sampling and non-sampling risk.

Sampling risk: Risk that the auditor’s conclusion based on a sample is different
from the conclusion that would have been reached is the whole population was
tested, meaning that the sample was not a true representative of the population.

Non-Sampling risk: Risk that the auditor’s conclusion is inappropriate for any
other reason for example application of inappropriate procedures or the failure to
recognize a misstatement.

Auditor must amend the audit approach in response to risk assessment and this
can be achieved by,

Emphasizing the need for professional skepticism, assigning more experienced

staff, changed the nature, changing audit strategy for example auditor’s
determination or the auditor’s plans.
Professional Scepticism

An attitude that includes a questioning mind, being alert which may indicate
possible misstatement due to fraud or error. Professional scepticism is necessary
for the critical assessment of audit evidence as it assists the auditor in remaining
alert to audit evidence. Professional scepticism is an attitude that is applied by the
auditor when making professional judgements.

Professional scepticism requires the auditor to provide audit evidence,

information that brings into question the reliability of documents and responses
to enquires, conditions that may indicate fraud, circumstances that suggest the
need for audit procedures.

Materiality

Misstatements are material if they could reasonably influence the economic

decisions of the users taken based on financial statements.

If financial statements contain material misstatement, they cannot be deemed to

show a true and fair view. Focus of an audit is identifying the significant risks of
material misstatement in the financial statement.

Determination of materiality is a matter of professional judgement, the auditor

must consider if the misstatement would be affecting the economic decision of
the users, size and nature of misstatements, information needs of the users as a
group. Bottom line is that materiality is a subjective matter.

Material by size

ISA 320 recognizes the need to establish to establish a financial threshold to guide
audit planning and procedures.

0.5% to 1% - Sales revenue

1% to 2% - Total assets

5% to 10% - Profit before tax

In the exam use the lower end of the range to judge if the misstatement is
material, use the mnemonic RAP (Revenue, Assets, Profits) to memorize.

Material by nature

Materiality is not only looked at from a financial perspective. Some items may be
material by nature. Examples include Misstatements that affect compliance, that
would turn a profit into a loss, that would turn a liability into an asset, all the
transactions with directors, disclosures in the financial statements.

Performance materiality

It is unlikely that auditors will be able to design tests that identify individual
material misstatements, that is why there is a concept of performance
materiality.

It is the amount set by an auditor at less than materiality for the financial
statements to reduce to an appropriately low level. The auditor sets performance
materiality at a value lower than overall materiality. This reduces the risk that the
auditor will fail to identify misstatements.

Risk assessment procedures

Risk assessment procedures include,

Enquiries with the management, Analytical procedures, Observation (of control

procedures for example), Inspection (of key strategic documents for example).

An auditor is required to obtain an understanding of,

Aspects of an entity such as the complexity of the entity’s organizational

structure, ownership, and governance (including level of distinction between the
owners, management and those charged with governance), the business model,
industry and regulations, applicable financial reporting framework and if the
company’s accounting policies are in accordance with it, components of internal
and external control deficiencies.
Analytical Procedures

Evaluations of financial information through analysis among both financial and

non-financial data and investigation of identified fluctuations, inconsistencies and
amount that differ from expected values by a significant amount.

Auditor is required to perform analytical procedures as risk assessment

procedures to help identify inconsistencies, unusual transactions or events that
might have audit implications. Another reason was to help identify risks of
material misstatement due to fraud and identify and assess aspects of the entity
of which the auditor was unaware.

Analytical procedures include comparisons, for example, comparable with prior

periods, anticipated results of the entity, similar industry information such as
industry averages.

Auditor will also consider relationships between related figures such as revenue
and receivables, purchases, and payables. And relationships between financial
and non-financial information.

Analytical procedures can be used at all stages of an audit.

Preliminary Analytical Procedures: Analytical procedures as a risk assessment

procedure to help auditor obtain an understanding of the entity and assess the
risk of material misstatement.

Substantive Analytical Procedures: Use analytical procedures as a substantive

procedure to help detect misstatement.

Final Analytical Procedures: Analytical procedures at the completion stage of the

audit when forming an overall conclusion as to whether the financial statements
are consistent.

Automated tools and techniques, including audit software and data analytic tools
are increasingly being used to perform this analysis.
Audit risk questions

Auditor is always trying to detect material misstatements in the financial

statements. In the exam you need to state the area of financial statements which
is at risk of material misstatements.

Identification of the risk Audit risk explanation

Customers are struggling to pay. Receivables may be overstated.
Client operates in a fast-paced Inventory may be overstated because it
environment. Or quality issues have might be obsolete due to the fast-paced
been made in the items. environment, or it could have an NRV
lower than the cost.
Revenue is falling. Cash flow problems The company might not be able to
and liquidity problems are visible. trade in the future and going concern
disclosures are at risk.

Once the risk has been identified you must suggest a relevant audit response to it.

Audit risk Relevant response

Receivables may be overstated. Inspect the after-date cash receipts,
review the aged receivables listing, and
discuss the need for an allowance to be
made with the management.
Inventory may be overstated. Obtain the aged inventory listing and
review for old items, discuss with
management the need for these items
to be written down to NRV.
Going concern disclosures. Assess the client’s ability to continue as
a going concern by examining the
forecasts prepared by management and
the reasonableness of the assumptions.
Ask them to disclose the status if
material.