Professional Documents
Culture Documents
audit risk
reference to the key auditing standards which give guidance to auditors
This article outlines and explains the concept of audit risk, making
This article outlines and explains WHAT IS AUDIT RISK? likely that errors in transactions
the concept of audit risk, making According to the IAASB Glossary and balances will lead to a
reference to the key auditing of Terms1, audit risk is defined material misstatement in the
standards which give guidance to as follows: financial statements. It would be
auditors about risk assessment. inefficient to address insignificant
Identifying and assessing ‘The risk that the auditor expresses risks in a high level of detail, and
audit risk is a key part of the an inappropriate audit opinion whether a risk is classified as
audit process, and ISA 315, when the financial statements are a key risk or not is a matter of
Identifying and Assessing the Risks materially misstated. Audit risk is a judgment for the auditor.
of Material Misstatement Through function of material misstatement
Understanding the Entity and Its and detection risk.’ RELEVANT ISAs
Environment, gives extensive There are many references
guidance to auditors about WHY IS AUDIT RISK SO throughout the ISAs to audit
audit risk assessment. The IMPORTANT TO AUDITORS? risk, but perhaps the two most
purpose of this article is to give Audit risk is fundamental to the important audit risk-related ISAs
summary guidance to CAT Paper audit process because auditors are as follows:
8, Paper F8 and P7 students cannot and do not attempt to
about the concept of audit risk. check all transactions. Students ISA 200, Overall Objectives
All subsequent references in should refer to any published of the Independent Auditor
this article to the standard will accounts of large companies and the Conduct of an Audit in
be stated simply as ISA 315, and think about the vast number Accordance with ISAs
although ISA 315 is a ‘redrafted’ of transactions in a statement
standard, in accordance with of comprehensive income and a ISA 200 sets out the overall
the International Auditing and statement of financial position. objectives of the auditor, and
Assurance Standards Board It would be impossible to check the standard explains the nature
(IAASB) Clarity Project. For all of these transactions, and and scope of an audit designed
further details on the IAASB no one would be prepared to to enable an auditor to meet
Clarity Project, read the article by pay for the auditors to do so, those objectives. References to
Lisa Weaver, examiner for Paper hence the importance of the audit risk are frequently made
about risk assessment.
P7, in the August 2009 issue of risk‑based approach toward by ISA 200, and the standard
Student Accountant. auditing. Traditionally, auditors also requires that the auditor
have used a risk-based approach shall plan and perform an audit
in order to minimise the chance with professional scepticism,
of giving an inappropriate audit recognising that circumstances
opinion, and audits conducted might exist that may cause
in accordance with ISAs must the financial statements to
follow the risk‑based approach, be materially misstated.
which should also help to ensure Professional scepticism is
that audit work is carried out defined as an attitude that
efficiently, using the most includes a questioning mind and
effective tests based on the audit a critical assessment of evidence.
risk assessment. Auditors should
direct audit work to the key risks
(sometimes also described as
significant risks), where it is more
student accountant 11/2009
02
ISA 315, Identifying and Assessing the Risks of Material Misstatement Through
Identifying and assessing audit risk is a key part of the audit process, and
ISA 315, Identifying and 1 Risk assessment procedures Observation and inspection
Assessing the Risks of ISA 315 gives an overview of Observation and inspection may
Material Misstatement Through the procedures that the auditor also provide information about
Understanding the Entity and should follow in order to obtain the entity and its environment.
Its Environment an understanding sufficient to Examples of such audit
assess audit risks, and these procedures can potentially cover
ISA 315 deals with the auditor’s risks must then be considered a very broad area, including
responsibility to identify and when designing the audit plan. observation or inspection
assess the risks of material ISA 315 goes on to require of the entity’s operations,
misstatement in the financial that the auditor shall perform documents, and reports prepared
statements through an risk assessment procedures by management, and also
understanding of the entity and to provide a basis for the of the entity’s premises and
its environment, including the identification and assessment of plant facilities.
entity’s internal controls and risk risks of material misstatement ISA 315 requires that risk
assessment process. The first at the financial statement and assessment procedures should,
version of ISA 315 was originally assertion levels. ISA 315 goes on at a minimum, comprise a
published in 2003 after a joint to identify the following three risk combination of the above
to auditors about audit risk assessment.
audit risk project had been carried assessment procedures: three procedures, and the
out between the IAASB, and the standard also requires that
United States Auditing Standards Making inquiries of management the engagement partner and
Board. Changes in the audit risk and others within the entity other key engagement team
standards have arguably been the Auditors must have discussions members should discuss the
single biggest change in auditing with the client’s management susceptibility of the entity’s
standards in recent years, so about its objectives and financial statements to
the significance of ISA 315, and expectations, and its plans for material misstatement. Key
the topic of audit risk, should achieving those goals. risks can be identified at any
not be underestimated by stage of the audit process,
auditing students. Analytical procedures and ISA 315 requires that the
Analytical procedures performed engagement partner should also
The requirements of ISA 315 as risk assessment procedures determine which matters are
are summarised in Table 1 on should help the auditor in to be communicated to those
page 4. Let us consider each of identifying unusual transactions engagement team members not
these four stages in more detail. or positions. They may identify involved in the discussion.
aspects of the entity of which the
auditor was unaware, and may
assist in assessing the risks of
material misstatement in order to
provide a basis for designing and
implementing responses to the
assessed risks.
03 technical