BA 120.

1 Auditing Theory
Audit Risk, Business Risk and Audit Planning

Todays Today s Class

` ` ` ` ` `

Review of previous week Various types of risks relevant to audit Managing risks Relationship between materiality and audit risk The audit risk model Quiz

Review: Auditing, Integral to the Economy

` ` ` ` `

Auditing defined RA 9298 The objectives, scope, and responsibilities of an independent p auditor in undertaking g an audit Differences among assurance services, attestation services, audit services, and other related services Code of ethics

LESSON STRUCTURE
Assessing Client Acceptance and Retention Decisions Understanding the Client Obtaining E id Evidence about Controls Obtaining S b t ti Substantive Evidence Wrapping U th Up the Audit

PSA 210 Agreeing the terms of Audit Engagements g g

PSA 300 Planning an Audit for Financial Statements PSA 315 Understanding the Entity and its Environment and Assessing the Risks of M Material i l Misstatement

PSA 320 Audit Materiality

Nature of Risk

Business Risk

Financial Reporting Risk

Engagement Risk

Audit Risk Audit Risk Risk that the auditor expresses an inappropriate audit opinion when the financial statements are materially misstated.

How to control audit risk

` `

Avoid audit risk by not accepting certain companies as clients thereby reducing engagement risk to zero. Set audit risk at a level that the auditor believes will mitigate the likelihood that the auditor will fail to identify material misstatements.

Managing Engagement Risk

Factors that affect the auditors decision to accept or retain an audit: ` Management integrity ` Independence p and competence p of management g and the board of directors ` The quality of the organizations risk management process and controls l ` Reporting requirements, including regulatory requirements ` Participation of key stakeholders ` Existence of related-party transactions ` The financial health of organization g

PSA 210
Pre-requisites for an audit: ` Determine D whether h h the h financial f l reporting framework f k applied is acceptable ` Obtain agreement from management that it acknowledges and understands its responsibility on:
p p preparation of financial statements; ` its internal control; ` provide auditor with access to all relevant information and other th resources.
`

High-risk High risk audit clients

Inadequate capital ` Lack L k of fl long-run strategic and d operational l plans l ` Low cost of entry into the market ` Dependence D d on a limited li i d product d range ` Dependence on technology that may quickly become obsolete ` Instability of future cash flows ` History of questionable accounting practices ` Previous inquiries by the SEC or other regulatory agencies g
`

PSA 210: Engagement letter

` The

objective and scope of the financial statements; ` The Th responsibilities bl of f the h auditor; d ` The responsibilities of management; ` Identification Id ifi i of f the h applicable li bl fi financial i l reporting i framework for the preparation of the financial statements; ` Reference to the expected form and content of any reports to be issued by the auditor and a statement that there may be circumstances in which a report may differ from its expected form and content.

PSA 300: Planning an Audit of FS

(#6) The auditor shall establish an overall audit strategy that sets the scope, timing and direction of the audit, and that guides the development of the audit plan. ` Identify the characteristics of the engagement that define its scope; ` Ascertain the reporting p g objectives j of the engagement g g to plan p the timing of the audit and the nature of the communications required; ` Consider the factors that, in the auditors professional judgment, are significant g in directing g the engagement g g teams efforts; ; ` Consider the results of preliminary engagement activities and, where applicable, whether knowledge gained on other engagements performed by p y the engagement g g partner p for the entity y is relevant; ; and ` Ascertain the nature, timing and extent of resources necessary to perform the engagement. Refer to Appendix of PSA 300 on factors that need to be considered in each item.

PSA 320: Materiality

Information is material if its omission or misstatement could influence the economic decisions of users taken on the basis of the financial statements. Materiality depends on the size of the item or error judged in the particular circumstances of its omission or misstatement. misstatement Thus, Thus materiality provides a threshold or cut-off point rather than being a primary qualitative characteristic which information must t have h if it i is to t be b useful. f l Materiality should be considered by the auditor when: a. Determining the nature, timing, and extent of audit procedures, and b. Evaluating the effects of misstatements.

Materiality and audit risk

PSA 315, #10: There is an inverse relationship between materiality and level of audit risk, risk that is, is the higher the materiality level, the lower the audit risk and vice versa.

The Audit Risk Model

AR = f(IR, CR, DR) Where
IR initial susceptibility of a transaction or accounting adjustment j to be recorded in error, , or for the transaction not to be recorded in the absence of internal controls. CR - risk that the clients internal control system will fail to prevent or detect d a misstatement. i DR risk that the audit procedures will fail to detect a material misstatement.

Limitations of the Audit Risk Model

`
`

Inherent risk is difficult to assess.

Audit risk is judgmentally determined. determined ` The model treats each risk component as separate and independent p when in fact the components p are not independent. p ` Audit technology is not so precisely developed that each component of the model can be accurately assessed. ` The model is not particularly useful for helping auditors determine the necessary control testing for issuing an opinion on the effectiveness of internal controls as is be required q in an integrated audit.

Implementing the Audit Risk Approach

`
`

Understand the business and its risks

Understand key business processes ` Understand managements risk management and control p processes ` Develop expectations ` Assess quality of control system ` Determining residual risk ` Manage remaining audit risk and respond to risks of material misstatement. misstatement

PSA315: Understanding the entity

The auditor must understand the following aspects of the entity:
Industry, regulatory, and other external factors, including the applicable financial reporting framework; ` Nature of the entity, including the entitys selection and application of accounting policies; ` Objectives Obj i and d strategies i and d the h related l db business i risks i k that h may result in a material misstatement of the financial statements. ` Measurement and review of the entitys entity s financial performance. ` Internal control.
`

Quiz
Auditing: Integral to the Economy