Chapter 4
Business Risk
Risks resulting from significant , event, circumstances, and actions or inaction's that could adversely affect managements ability to execute its strategies and to achieve its objectives, or through the setting of an inappropriate objectives or strategies.
Audit Procedures
Specific acts performed by the auditor in gathering evidence to determine if specific assertions are being met
Judgmental misstatements
These are misstatements that arise from the judgements of management concerning accounting estimates that the auditor considers unreasonable or the selection or application, before consideration of any related controls
Projected Misstatement
These are the auditor's best estimate of misstatements in populations, involving the projection of misstatements identified in an audit sample to the entire population from which the sample was drawn.
Fraud
An intentional act by one or more among management, those charged with governance, employees, or third parties, involving the use of deception that results in a misstatement of the financial statements.
Analytical Procedure
Evaluations of financial information made through analysis of Plausible relationships among both financial and non-financial data
Control Risk
The risk that a misstatement that could occur in an assertion about an account or disclosure and that could be material, either individually or when aggregated with in the misstatements will not be prevented or detected and corrected on a timely basis by the entity's internal control
Non-sampling Risk
The risk that auditors will make judgement errors caused by inappropriate audit procedures or misinterpretation of audit evidence and failure and failure to recognize a misstatements or deviations
Audit Risk
The risk that the auditor expresses an inappropriate audit opinion when the financial statements are materially misstated
Engagement Risk
The risk that the auditor is exposed to financial less or damage to his or her professionally reputation from litigation adverse publicity or other events arising in connection
Detection Risk
The risk that the procedures performed by the auditor will not detect a misstatement that exists and that could be material, either individually or when aggregated with other misstatements
Factual Misstatements
These are misstatements about which there is no doubt. For example an auditor may test a sales invoice and determine that the prices applied to the products ordered are incorrect. once the products are correctly priced the amount of misstatements is known. in such cases the auditor knows the exact amount of the misstatement
Inherent Risk
the susceptibility of an assertion in an account or disclosure to a misstatement to a misstatement error or fraud that could be material, either individually or when aggregated with other misstatements, before consideration of any related controls
Errors
unintentional misstatements or omissions of amounts or disclosures
What are some limitations of the of the audit risk model?
4-4 Standard setters developed the audit risk model as a planning and evaluation tool. Therefore, the model is only as good as the judgments and assessments used as inputs. Following are some limitations. First, since the auditor assesses inherent risk and control risk, such assessments may be higher or lower than the actual inherent risk and control risk that exist for the client. Second, the audit risk model does not consider the possibility of judgment or nonsampling risk (auditor error in assessing risk, choosing audit procedures, and evaluating results).
Distinguishing between audit risk and engagement risk
4-1 Audit risk is the risk that the auditor expresses an inappropriate audit opinion when the financial statements are materially misstated. Engagement risk is the risk that the auditor is exposed to financial loss or damage to his or her professional reputation from litigation, adverse publicity, or other events arising in connection with financial statements audited and reported on. In simple terms, audit risk is the risk that an auditor will issue an unqualified opinion on materially misstated financial statements, while engagement risk relates to the auditor's exposure to financial loss and damage to his or her professional reputation.
What steps should an auditor perform to identify the risk of material misstatements due to fraud.
4-10 The auditor performs the following steps to identify the risks of material misstatement due to fraud: • Discussion among the audit team members regarding the risks of material misstatement due to fraud. • Inquire of management, audit committee, and others about their views on the risks of fraud and how it is addressed. • Consider any unusual or unexpected relationships that have been identified in performing analytical procedures in planning the audit. • Understand the client's period-end closing process and investigate unexpected period-end adjustments. • Identification and assessment of fraud risk factors.
Why would a company institute a control policy that required mandatory vacations.
4-11 There are numerous risk factors that can cause an individual to misappropriate assets, such as cash (see Table 4-5). By requiring that an individual take a vacation, another individual will perform that person's duties. If some type of misappropriation is taking place, there is a strong probability that the misappropriation will be detected. Such a policy is particularly helpful in a small business that does not have sufficient personnel to provide total segregation of duties or where there is poor oversight by personnel responsible for the asset.
Marv Jackal, CPA, determines that a number of risks of material misstatements are pervasive to the overall financial statements, how should Jackal respond to such pervasive tasks (pervasive spread throughout: The corruption is so pervasive that it is accepted as the way to do business.)
4-12 If Jackal determines that a number of the risks of material misstatements are pervasive to the overall financial statement, he should reconsider the overall audit approach and respond to such pervasive risks by: • Assign more experienced personnel or those with specialized knowledge to assess the risks of material misstatement due to fraud; • Evaluate whether the selection and application of accounting policies by the entity, particularly those related to subjective measurements and complex transactions, may be indicative of fraudulent financial reporting resulting from management's effort to manage earnings, or a bias that may create a material misstatement; and • Incorporate an element of unpredictability in the selection of the nature, timing, and extent of audit procedures
How do inherent risk and control risk differ from detection risk
4-2 Inherent risk and control risk differ from detection risk in that inherent risk and control risk exist independent of the audit; that is, the levels of inherent risk and control risk are functions of the client and its environment. The auditor has little control over these risks. The auditor can control detection risk through the scope (nature, timing, and extent) of the audit procedures performed. Thus, detection risk has an inverse relationship with inherent risk and control risk.
Distinguishing between sampling risk and control risk differ from detection risk
4-3 Sampling risk refers to the fact that, in many instances, the auditor does not examine 100 percent of the class of transactions or account balance. Since only a subset of the population is examined, it is possible that the sample drawn is not representative of the population and a wrong conclusion may be made on the fairness of the account balance. Professional judgment errors (nonsampling risk) occur because an auditor may use an inappropriate audit procedure, fail to detect a misstatement when applying an appropriate audit procedure, or misinterpret an audit result.
In understanding the entity and its environment, the auditor gathers knowledge about which categories of information of information
4-5 In understanding the entity and its environment, the auditor gathers knowledge about: (1) the nature of the entity; (2) industry, regulatory, and other external factors; (3) objectives strategies, and business risks; (4) entity performance measures; and (5) internal control
give three examples of conditions and events that may indicate the existence of business risks
4-6 Some examples of conditions and events that may indicate the existence of business risks are: • Significant changes in the entity such as large acquisitions, reorganizations, or other unusual events. • Significant changes in the industry in which the entity operates. • Significant new products or services or significant new lines of business. • New locations. • Significant changes in the IT environment. • Operations in areas with unstable economies. • High degree of complex regulation.
Many entities are subject to regulations by state and federal regulatory bodies. for example, the environmental protection agency has a mission of protecting human health and the environment. What business risks would an entity face if it operated in the coal mining industry
4-7 A company that operates in the coal mining industry faces numerous business risks. The following are selected business risks disclosed by Arch Coal, Inc. - the second largest coal producer in the United States.
Distinguish between factual, judgmental and projected misstatements.
4-8 There are three types of misstatements: • Factual Misstatements. These are misstatements about which there is no doubt. For example, an auditor may test a sales invoice and determine that the prices applied to the products ordered are incorrect. Once the products are correctly priced, the amount of misstatement is known. In such cases, the auditor knows the exact amount of the misstatement. • Judgmental Misstatements. These are misstatements that arise from the judgments of management concerning accounting estimates that the auditor considers unreasonable or the selection or application of accounting policies that the auditor considers inappropriate. • Projected Misstatements. These are the auditor's best estimate of misstatements in populations, involving the projection of misstatements identified in an audit sample to the entire population from which the sample was drawn
Distinguish between errors and fraud. Give three examples of each.
4-9 Misstatements can result from errors or fraud. The term errors refers to unintentional misstatements of amounts or disclosures in financial statements. The term fraud refers to an intentional act by one or more among management, those charged with governance, employees, or third parties, involving the use of deception to obtain an unjust or illegal advantage. Thus, the primary distinction between errors and fraud is whether the misstatement was intentional or unintentional. Unfortunately, it is often difficult to determine intent. For example, if the auditor detects a misstatement in an account that requires an estimate, such as bad debt expense, it may be difficult to determine whether the misstatement was intentional. Examples of misstatements due to errors or fraud include: • An inaccuracy in gathering or processing data from which financial statements are prepared. • An omission of an amount or disclosure. • A financial statement disclosure that is not presented in accordance with GAAP. • An incorrect accounting estimate arising from overlooking or clear misinterpretation of facts. • Judgments of management concerning accounting estimates that the auditor considers unreasonable or the selection or application of accounting policies that the auditor considers inappropriate.