The risk that the auditor may unknowingly fail to appropriately modify the opinion on FS that are materially misstated
Define material misstatement
An omission or misstatement of accounting information that, in light of surrounding circumstances, makes it probable that the judgment of a reasonable person relying on the information would have been changed or influenced by the omission or misstatement.
What are the 5 types of issues that can cause misstatements
Inaccuracies in the collection or processing of data
Omissions
Incorrect estimates or judgments
Departures from GAAP
Inappropriate selection of application of accting policies
What are the 3 types of misstatements and give a brief description.
Factual Misstatements: Statements about which there is no doubt
Judgmental Misstatements: Differences between mgmt and the auditor concerning estimates that may be unreasonable, or the inappropriate application of accting policies
Projected Misstatements: When the auditor takes a sample and then uses it to estimate a population and there appears to be a misstatement.
Define the following acronyms: (1) RMM, (2) DR, (3) AR, (4) IR, (5) CR
(1) Risk of Material Misstatement
(2) Detection Risk
(3) Audit Risk
(4) Inherent Risk
(5) Control Risk
The level of audit risk (audit risk model) is comprised of which factors?
AR = RMM (risk of material misstatement) x DR (detection risk), OR
AR = [IR (inherent risk) x CR (control risk)] x DR (detection risk)
Be prepared to utilize derivations of this formula, such as solving for DR
The level of risk of material misstatement is comprised of which two factors?
RMM = IR (inherent risk) x CR (control risk)
This exists independently of the financial statement audit.
This risk exists within the entity due to doing business plus internal control
True / False: The RMM level is due to the financial statement audit
False
The RMM (risk of material misstatement) exists independent of the financial statement audit (it just exists due to the client doing business and implementing controls)
True / False: The components of audit risk can be assessed either quantitatively (e.g. as a percentage) or descriptively (e.g., high, medium, low)
True
How is RMM determined?
By performing risk assessment procedures and possibly tests of controls.
This can be an overall assessment (one rating to RMM) OR
Based on the assessment of the combination of IR and CR
Define inherent risk. Which factors generally have a high inherent risk?
The risk of material misstatement assuming that there are no related controls
** high-volume transactions
** complex calculations
** amounts derived from estimates
** cash
Special Considerations -------
** a change in technology that renders a product obsolete
** a lack of working capital
** a decline in the overall industry or economy
** business risk factors (see A2)
Define control risk. Which factors generally have a high control risk?
The risk that material misstatement will occur or not be detected by the entity's internal control.
** the controls are not effective to the specific assertion
** the controls are not operating effectively
** it would not be efficient to test the operating effectiveness of controls
True / False: The auditor may change his assessment of either IR or CR during the course of the audit.
True
True / False: The auditor can change inherent risk or control risk.
False
The auditor can change his assessment of these risks, but not the risk itself.
Define detection risk. What adjustment to DR must be made if RMM is (1) high, (2) low.
The risk that the auditor will not detect a material misstatement that exists in a relevant assertion.
If RMM is (1) high, the acceptable level of DR must be low (a smaller deviation is acceptable) to achieve the AR. The smaller the acceptable deviation, the more work must be performed to ensure no misstatement has occurred.
If RMM is (2) low, the DR can be set higher (less risk) and less work is needed to ensure no misstatement has occurred.
How is DR mitigated?
Through tests of details (substantive testing) and
Analytical procedures
When considering AR, IR, CR, and DR, which of these can the auditor control?
Only DR (detection risk).
What types of activities might occur is the DR = low?
Nature of Testing: change from less effective (direct test documentation inside the company) to more effective (require more confirmations from outside the entity) testing.
Extent of Testing: use a larger sample size
Timing of Testing: perform at year-end rather than at interim
What steps are required in assessing audit risk during planning?
Step 1: determine audit risk (typically set by the firm, and typically at a low level). During the exam assume = low
Step 2: assess inherent risk based on the auditor's understanding of the client. High = accounts are likely to contain material misstatement. Low = accounts are less likely to contain material misstatement.
Step 3: assess control risk based on the auditor's understanding of the design and implementation of internal controls. Assume high unless the auditor can test the effectiveness.
Step 4: determine detection risk and the NET involved to achieve AR.
True / False: There is a positive relationship between RMM and DR. As RMM increases, DR increases.
False
There is an inverse relationship. As RMM increases (high risk), the acceptable level of DM decreases (low acceptance level).
True / False: There is a positive relationship between RMM and amount of substantive procedures. As RMM increases, the amount of substantive procedures increases.
True
True / False: There is a positive relationship between AR and materiality. As AR increases, materiality increases.
False
There is an inverse relationship. As AR increases (high risk), the acceptable level of materiality decreases (low quantitative amount).