CH05
CH05
CH05
ANALYSIS APPROACH
5th edition
Larry F. Konrath
Electronic Presentation
by Harold
O. Wilson
1
CHAPTER 5
AUDIT PLANNING:
2
KEY CONCEPTS OVERVIEW
■ Audit Risk: Inherent risk, Control risk,
Detection risk
■ Quantifying audit risk
■ Materiality modeling
■ Fraud “warning signs”& clues
■ Audit planning
■ Analytical procedures
3
LEARNING
OBJECTIVES
■ Define audit risk & its components
■ Quantify audit risk (joint probability of
components
■ Discuss materiality (quantitative and
qualitative aspects)
■ Relate inherent risk to audit planning,
analytical procedures, warning signs &
fraud, and client acceptance
■ Relate risks to audit programs & evidence
4
AUDIT RISK DEFINED
■ Audit Risk: The risk that the
auditor may unknowingly fail to
appropriately modify his/her
opinion on financial statements
that are materially misstated.
5
Material Misstatements (MM)
■ Errors: Unintentional mistakes of omission
or commission (e.g., improper data
processing , unrecorded transactions).
■ Irregularities (fraud): Intentional
omissions or commissions leading to
misstatements and/or misrepresentations
(e.g., improper reporting,
misappropriations of assets, concealments,
falsified documents).
6
Professional Responsibility
■ Audit design must provide reasonable
assurance of detecting MM.
■ Risk & materiality must be considered
in planning and evaluating the
audit.
■ Assessment of the risk of MM must
be made (and documented).
7
Auditor must …
■ Assess risks & potential areas of both
unintentional and intentional MM.
■ Document responses to such (e.g.,
revisions of audit programs).
■ Perform tests; evaluate results.
■ Communicate conclusions to audit
committees, etc., as considered
necessary.
Never communicate such to just one person!
8
INHERENT RISK (IR)
■ Inherent risk: The susceptibility of an
assertion to being a MM, assuming that
there are no related controls.
■ If there were no internal controls, i.e., the
only variables were the competence and
integrity of personnel, the odds of a MM
would appear to be quite high!
■ Conservative approach: Assess IR as 100%!
9
CONTROL RISK (CR)
■ Control risk: The probability of the
occurrence of a MM (i.e., a lack of
prevention) and remaining undetected on
a timely basis by the entity’s internal
controls. (The odds that the prescribed”
internal controls fail to work!)
■ Together, IR and CR determine the pre-
audit probability that the financial
statements are materially misstated!
10
A note on Control Risk
11
A note on Control Risk
AR = IR x CR x DR
The acceptable, but unofficial, risk level for an
auditor to take is presumed to be “about 5%.”
If so, the product of the above should be .05 or
less. Note: To keep AR < 5% may be either
impractical or uneconomical in a given case.
14
Example
Assume AR = .05 (“required” in a specific case)
IR = 1.00 (“ultra-conservative”)
CR = .30 (initially seen as “weak”)
AR = IR x CR x DR
The Detection Risk becomes the variable
now controllable by the auditor, and it, in turn,
is a function of a controllable sample size!
15
Maximum Allowable
Detection Risk = f(AR, IR, CR)
DR = AR / (IR x CR) =
.05 / (1.0 x .30) =
.17
The auditor, in selecting a sample size, must
test until DR = .17 or less, using some form of
statistical sampling mathematics. [To test
beyond that point is “overauditing.”]
16
MATERIALITY and its IMPACT
ON AUDIT EVIDENCE
■ Materiality: An amount … that would
affect the decisions of a reasonably
informed user of the [information].
■ Quantitative Factors (absolute amount,
impacts on interpretations, ratios, etc.)
■ Qualitative Factors (nature, impact,
intent, industry, legalities, ethics, etc.)
■ Suggesting AJEs to the client in light of
materiality thresholds & aggregates!
17
MATERIALITY and its IMPACT
ON AUDIT EVIDENCE
■ Materiality is constant in auditor’s mind.
22
Clues from cases…
■ Abnormal ratios & trends?
■ Complications with taxes, IRS?
■ Unusual accounting/GAAP applications?
■ International competition, complications?
■ Inordinate contingencies, lawsuits?
■ Unusual inventory changes, problems?
■ Unusual changes in personal (actual,
pending)?
23
RISK ANALYSIS SOURCES
Although evidence and clues emerge as the
audit progresses, sources of inputs for
audit attention are ever-present, such as…
■ Management inquiry
■ Auditor’s current and prior workpapers
■ Permanent files
■ Predecessor audit correspondence, contact
■ Analytical procedures
■ Industry guides/GAAP
24
Detection of MM should
prompt ...
■ Request for client to correct; auditor’s
suggested AJEs.
■ Consideration of extent and nature of risk
of more of the same
■ Revision(s) in current and future audit
program(s).
■ Management Letter comments to improve
controls and/or surveillance.
■ Consideration of impact on audit report.
25
RISK ANALYSIS &
AUDIT PROGRAMS
Professional Standards require specific
assessment of risk of MM and specific
audit procedures (alterations from
standard programs) as risk requires it.
■ The pre-sampling calculation of the Detection
Risk formula will influence the sample sizes
(i.e., testing).
■ Potential for deliberate MM must trigger
deliberate, maybe unique, audit procedures
(i.e., substantive testing)!
26
n=? FAQ?
What is the difference in substantive testing
and tests of controls, i.e., tests of transactions?
28
Critical Terms Review
■ Audit design ■ Professional
■ Aggregate skepticism
materiality ■ Time budgets & fees
■ Audit risk analysis ■ Warning signs
■ Inherent risk ■ Errors
■ Control risk
■ Fraudulent financial
■ Detection risk
reporting
■ Materiality
thresholds
■ Misappropriations
■ Misrepresentations
29
End of Chapter 5
30