ACCT 4301 CH 4

If the auditor determines that the misstatement is or may be the result of fraud, and has determined that the effect could be material, the auditor should:

- Attempt to obtain audit evidence to determine whether, in fact, material fraud has occurred and, if so, its effect. - Consider the implications for other aspects of the audit. - Discuss the matter and the approach to further investigation with an appropriate level of management that is at least one level above those involved in committing the fraud and with senior management. - Suggest that the appropriate level of management consult with legal counsel. - Consider withdrawing from the engagement.

Documentation of the Auditor's Risk Assessment The auditor should document:

- Discussions among engagement personnel. - Procedures performed to identify and assess the risks of material misstatement due to error or fraud. - Fraud risks or other conditions that result in additional audit procedures. - The nature, timing, and extent of procedures performed in response to fraud risks identified and the results of that work. - The nature of the communications about error or fraud made to management, the audit committee, and others.

The auditor must identify and understand:

- Entity's objectives - Strategies used to achieve its objectives -Business risks associated with those objectives and strategies

Misappropriation of Asset Risk factors relating to Opportunities:

-Certain characteristics or circumstances may increase the susceptibility of assets to misappropriation (for example, large amounts of cash on hand or processed), -Inadequate internal control over assets may increase the susceptibility of misappropriation of those assets. For example, misappropriation of assets may exist because there is inadequate management oversight of employees responsible for assets (for example, inadequate supervision or monitoring of remote locations).

Misappropriation of Asset Risk factors relating to Attitudes/rationalizations:

-Disregard for the need for monitoring or reducing risks related to misappropriations of assets. -Disregard for internal control over misappropriation of assets by overriding existing controls or by tailing to correct known internal control deficiencies, -Changes in behavior or lifestyle that may indicate assets have been misappropriated.

Misappropriation of Asset Risk factors relating to Incentives/pressures:

-Personal financial obligations may create pressure for management or employees with access to cash or other assets susceptible to theft to misappropriate those assets. -Adverse relationships between the entity and employees with access to cash or other assets susceptible to theft may motivate those employees to misappropriate those assets.

Three conditions usually exist when fraud occurs

-incentive or pressure to perpetrate fraud -opportunity to carry out the fraud -attitude or rationalization to justify fraud

The Auditor's Risk Assessment Process

1. Auditors perform risk assessment procedures to obtain an understanding of the entity and its environment 2. This understanding helps the auditor identify business risks and understand the potential misstatements that may result. 3. Considering the response of the entity to the business risk leads the auditor to assess the risk of material misstatement at the financial statement and assertion level

At the completion of the audit, the auditor should consider: 1. Whether the total misstatements cause the financial statements to be materially misstated. THEN... If the financial statements are materially misstated, the auditor should:

1. Request management to eliminate the material misstatement, or 2. If management does not make needed adjustments, the auditor should issue a qualified or adverse opinion.

Which of the following is an example of fraudulent financial reporting?

A. Company management falsifies the inventory count, thereby overstating ending inventory and understating cost of sales. B. An employee diverts customer payments to his personal use, concealing his actions by debiting an expense account, thus overstating expenses. C. An employee steals inventory, and the shrinkage is recorded as cost of goods sold. D. An employee borrows small tools from the company and neglects to return them; the cost is reported as a miscellaneous operation expense.

why do auditors use the Audit Risk Model?

Auditors use this level of detection risk to design audit procedures that will reduce audit risk to an acceptable level.

To understand the nature of the entity, the auditor should obtain information about the entity's:

Business Operations Ownership and Governance Structures Investments and Investment Activities Financing and Financing Activities Financial Reporting

Fraudulent Financial Reporting Risk Factors Relating to Incentive/Pressure include:

Excessive pressure for management to meet third party expectations Financial stability or profitability is threatened by economic, industry, or entity operating conditions. Management's personal financial situation is threatened

Factual misstatement Judgmental misstatement Projected misstatement

Factual misstatement - no doubt about it proof is in F/S Judgmental misstatement - harder to convince management that it exists (longer useful lives) Projected misstatement - based on sampling

Fraud involves intentional misstatements which classifies as what two types?

Fraudulent financial reporting and Misappropriation of assets

When considering Industry the auditor should consider:

Industry Conditions •The market and competition including demand, capacity, and price competition •Cyclical or seasonal activity •Energy supply cost •Product technology relating to the entity's products

Fraudulent Financial Reporting Risk Factors Relating to Attitudes/Rationalizations include:

Ineffective communication of ethical standards or selection of inappropriate ethical standards Recurring attempts to justify marginal or inappropriate accounting based on materiality

audit risk equals

Inherent Risk x Control Risk x Detection Risk Inherent Risk and Control Risk = Risk of Material Misstatement --> CLIENT PART OF RISK DR = Sampling risk and non-sampling risk--> auditor part of risk

The auditor's Risk Assessment Process begins with the auditor performing risk assessment procedures such as:

Inquiries of management and others Analytical procedures Observation or inspection

While performing audit fieldwork on a client, the auditor reviews the client's depreciation policies and schedules on a select group of fixed assets. After a careful review of the estimated useful lives on these fixed assets, the auditor determines that the basis used to determine the length of the estimated useful lives for certain fixed assets is not supported by any internal or industry factors. The auditor would most likely consider this a:

Judgmental misstatement because it's an opinion on how long an asset will last.

If an auditor wanted to get a lower percentage of audit risk, they would have ______ audit work.

MORE more effort, bigger samples, and more procedures; to find smaller errors INVERSE RELATIONSHIP between audit risk and audit effort

Fraudulent Financial Reporting Risk Factors Relating to Opportunities include:

Nature of the Industry or entity's operations Complex or unstable organizational structure Ineffective monitoring of management Deficient internal control

When considering other external factors, the auditor should consider:

Other external factors: •general level of economic activity (e.g., recession, growth) •Interest rates and availability of financing Inflation and currency revaluation

When considering regulatory the auditor should consider:

Regulatory environment •Accounting principles and industry-specific practices •Regulatory framework for a regulated industry •Legislation and regulation that significantly affect the entity's operations •Taxation (corporate and other) •Government policies currently affecting the conduct of the entity's business •Environmental requirements affecting the industry and the entity's business

Control Risk a high risk control risk means? a low risk of control risk means?

Risk that a misstatement because it was not prevented, or detected and corrected, on a timely basis by the entity's internal control a higher risk of control risk --> controls are bad a lower risk of control risk --> controls are good AUDITOR HAS NO CONTROL OVER THIS RISK

Detection Risk a high risk of detection risk means? a low risk of detection risk means?

Risk that the procedures performed by the auditor will not detect misstatements that exist and could be material; samples are not representative of the entire population a high risk of detection risk --> more likely auditor does not catch the misstatement a low risk of detection risk means? more likely auditor will catch the misstatement through more procedures AUDITOR HAS CONTROL OVER THIS RISK

The fraud risk identification process includes:

Sources of information about possible fraud― Discussion among the audit team (Brainstorming Meeting) Inquiries of management and others Analytical procedures Investigation of unexpected period-end adjustments Identification of fraud risk factors

Limitations of the Audit Risk Model

The model is only as good as the judgments and assessments used as inputs (e.g. it does not consider potential auditor error) The desired level of audit risk may not actually be achieved.

Audit Risk

The risk that an auditor expresses an unqualified opinion when the financial statements are materially misstated. Financial statement level, Assertion level, and Individual account balance or disclosure level; phrase that recognizes audit risk "reasonable assurance" in basis for opinion

Changes in inherit risk and control risk

They can change from year to year by an auditors new assessment of them, but NOT by an auditors action or control (ie. the auditor doesn't change the internal controls of the entity or change the nature of the business) (Test of controls procedure)

Inherent Risk

a misstatement due to error or fraud that could be material, before consideration of any related controls; Relate to the type of industry or the nature of the business AUDITOR HAS NO CONTROL OVER THIS RISK

Fraud refers to...

an intentional act involving the use of deception that results in a misstatement in the financial statements.

The auditor needs to understand and assess the effectiveness of internal control in order to:

identify the types of potential misstatements and factors that affect the risks of material misstatement. It also assists in designing appropriate audit procedures

Audit risk is a function of what 3 types of risk? (audit risk model)

inherit risk, control risk, detection risk

Misappropriation of assets

involves the theft of an entity's assets to the extent that financial statements are misstated. Examples include: Stealing assets, Paying for goods and services not received by the company, and Embezzling cash received

The ultimate purpose of assessing control risk is to contribute to the auditor's evaluation of the risk that:

material misstatements may exist in the financial statements

An auditor ______ ______ what achieved/actual audit risk is exactly.

never knows. Actual/Achieved audit risk - IT IS NEVER KNOWN

As a result of control testing, a CPA has decided to reduce control risk. What is the impact on substantive testing sample size if all other factors remain constant?

sample size would be lower. This is because detection risk can increase as a result of a reduction in control risk. More DR means an allowance for more misstatements so less audit effort as a result.

The Relationship of the Entity's Business Risks to the Audit Risk Model

the auditor should assess the entity's business risks, and then relate those risks to what could go wrong at the account balance or disclosure level.

Engagement Risk

the risk that an auditor is exposed to financial loss or damage to his/her professional reputation from Litigation, Adverse Publicly (Bad publicity) , or other events arising in connection with the audited financials.

Errors are...

unintentional misstatements of amounts or disclosures in the financial statements.

To respond appropriately to financial statement level risks, the auditor may do the following:

•Assign more experienced personnel or those with specialized knowledge. •Evaluate the selection and application of accounting policies to identify earnings management or bias that may create a material misstatement. •Incorporate additional elements of unpredictability in the selection of audit procedures.

Fraudulent financial reporting includes acts such as the following:

•Manipulation, falsification, or alteration of accounting records or supporting documents used to prepare financial statements. •Misrepresentation in, or intentional omission from, the financial statements of events, transactions, or significant information. •Intentional misapplication of accounting principles relating to amount, classification, manner of presentation, or disclosure.

To understand the entity and its environment, the auditor must understand the...

•Nature of the entity •Industry, regulatory, and external factors •Internal control •Objectives, strategies, and business risks •Entity performance measures