1305080572_448199
advertisement
Auditing A Risk-Based Approach To Conducting A Quality Audit 10th edition Karla M. Johnstone | Audrey A. Gramling | Larry E. Rittenberg CHAPTER 7 PLANNING THE AUDIT: IDENTIFYING AND RESPONDING TO THE RISKS OF MATERIAL MISSTATEMENT LEARNING OBJECTIVES 1. 2. 3. 4. 5. Describe the concept of material misstatement and apply a process for making materiality assessments Identify the risks of material misstatement and describe how they relate to audit risk and detection risk Assess factors affecting inherent risk, including fraud risk factors Assess factors affecting control risk Use planning analytical procedures to identify areas of heightened risk of material misstatement 7-2 Copyright © 2016 South-Western/Cengage Learning LEARNING OBJECTIVES 7. 8. Describe how auditors make decisions about detection risk and audit risk Respond to the assessed risks of material misstatement and plan the procedures to be performed on an audit engagement 7-3 Copyright © 2016 South-Western/Cengage Learning THE AUDIT OPINION FORMULATION PROCESS 7-4 Copyright © 2016 South-Western/Cengage Learning LEARNING OBJECTIVE 1 DESCRIBE THE CONCEPT OF MATERIAL MISSTATEMENT AND APPLY A PROCESS FOR MAKING MATERIALITY ASSESSMENTS WHAT IS A MISSTATEMENT • Misstatement: An error, either intentional or unintentional, that exists in a transaction or financial statement account balance • Essential to understand materiality in the context of designing and conducting a quality audit • Auditors are concerned about material misstatements 7-6 Copyright © 2016 South-Western/Cengage Learning MATERIALITY JUDGMENTS • (1) are a matter of professional judgment • (2) depend on the needs of a reasonable person relying on the information (an investor, potential investor, or other stakeholder) • (3) involve both quantitative and qualitative considerations 7-7 Copyright © 2016 South-Western/Cengage Learning DEFINING MATERIALITY Materiality • Magnitude of an omission or misstatement of accounting information that, in view of surrounding circumstances, makes it probable that the judgment of a reasonable person relying on the information would have been changed or influenced by the omission or misstatement 7-8 Copyright © 2016 South-Western/Cengage Learning DEFINING MATERIALITY According to ISA 320, Materiality in Planning and Performing an Audit According to the Supreme Court of the United States Auditors’ judgments about materiality should be made based on a consideration of information needs of users as an overall group Fact should be viewed by reasonable investors as having significantly altered total mix of information made available 7-9 Copyright © 2016 South-Western/Cengage Learning A PROCESS FOR MAKING MATERIALITY ASSESSMENTS • Consider a client where financial statement materiality is set at $150,000 and materiality for the accounts receivable balance is set at $110,000. • The performance materiality for auditing accounts receivable might then be set at $30,000. • This approach compensates for the possibility that multiple undetected or uncorrected misstatements in the accounts receivable balance might exist. 7-10 Copyright © 2016 South-Western/Cengage Learning PROCESS FOR MAKING MATERIALITY ASSESSMENTS • The auditor will aggregate identified misstatements so the audit team can assess the materiality of these misstatements • The document where misstatements are aggregated is often referred to as a summary of unadjusted audit differences (SUAD) • Clearly trivial amount (posting materiality) • Inconsequential, whether: • Taken individually or in the aggregate • Judged by any criteria of size, nature, or circumstances 7-11 Copyright © 2016 South-Western/Cengage Learning QUALITATIVE CONSIDERATIONS • Auditors consider both quantitative effects (such as the dollar magnitude of a misstatement) and qualitative effects (such as the reason for the misstatement) • Qualitative reasons for considering quantitatively small misstatement material • Hiding failure to meet analysts’ consensus expectations • Changing a loss into income, or vice versa • Affecting compliance with loan covenants • Effecting the increases in management’s compensation Copyright © 2016 South-Western/Cengage Learning 7-12 LEARNING OBJECTIVE 2 IDENTIFY THE RISKS OF MATERIAL MISSTATEMENT AND DESCRIBE HOW THEY RELATE TO AUDIT RISK AND DETECTION RISK RISK DEFINITIONS Inherent Risk • The susceptibility of an assertion about a class of transaction, account balance, or disclosure to a misstatement that could be material, either individually or when aggregated with other misstatements, before consideration of any related controls. Control Risk • The risk that a misstatement that could occur in an assertion about a class of transaction, account balance, or disclosure and that could be material, either individually or when aggregated with other misstatements, will not be prevented, or detected and corrected, on a timely basis by the entity’s internal control. 7-14 Copyright © 2016 South-Western/Cengage Learning RISK DEFINITIONS Audit Risk • The risk that the auditor expresses an inappropriate audit opinion when the financial statements are materially misstated. Detection Risk • The risk that the procedures performed by the auditor to reduce audit risk to an acceptably low level will not detect a misstatement that exists and that could be material, either individually or when aggregated with other misstatements. 7-15 Copyright © 2016 South-Western/Cengage Learning DETECTION RISK • Level of audit effort that auditor will expend on engagement depends on level of detection risk When risk of material misstatement is higher Detection risk is set lower Increase in evidence obtained through substantive audit procedures 7-16 Copyright © 2016 South-Western/Cengage Learning LEARNING OBJECTIVE 3 ASSESS FACTORS AFFECTING INHERENT RISK, INCLUDING FRAUD RISK FACTORS INHERENT RISK AT THE ACCOUNT / ASSERTION LEVEL • Factors indicating a higher level of inherent risk • Account represents an asset that can be easily stolen • Account balance made up of complex transactions • Account balance requires a high level of estimation to value • Account balance subject to adjustments that are not in the ordinary processing routine • Account balanced composed of a high volume of nonroutine transactions 7-18 Copyright © 2016 South-Western/Cengage Learning INHERENT RISK AT THE FINANCIAL STATEMENT LEVEL: BUSINESS RISKS • Inherent risk at financial statement level that affects business operations and potential outcomes of organizational activities • Examples of factors affecting this risk • • • • Overall economic climate Technological changes Competitor actions Geographic locations of suppliers 7-19 Copyright © 2016 South-Western/Cengage Learning RISK ASSESSMENT PROCEDURES FOR ASSESSING BUSINESS RISKS • Management inquiries • Review of client’s budget • Tour of client’s plant and operations • Review government regulations and client’s legal obligations • Knowledge management systems • Online searches • Review of SEC filings • Company Web sites • Economic statistics • Professional practice bulletins • Stock analysts’ reports • Company earnings calls 7-20 Copyright © 2016 South-Western/Cengage Learning INHERENT RISK AT THE FINANCIAL STATEMENT LEVEL: FINANCIAL REPORTING RISKS • When assessing this risk, auditors consider all items on a company’s financial statements that are subjective and based on judgment • Inherent risk at the financial statement level is affected by: • Competence and integrity of management • Potential incentives to misstate the financial statements 7-21 Copyright © 2016 South-Western/Cengage Learning RISK ASSESSMENT PROCEDURES FOR ASSESSING MANAGEMENT INTEGRITY • Inquiries • • • • • • Predecessor auditor Other professionals in business community Other auditors within audit firm Management Audit committee members Federal regulatory agencies • Review • News media and Web searches • Public databases Copyright © 2016 South-Western/Cengage Learning 7-22 FACTORS INDICATING A HIGHER LEVEL OF INHERENT RISK – FINANCIAL REPORTING RISKS • Discrepancies in accounting records • Unusual relationships between auditor and management • Lack of management competence • Company history of meeting analyst estimates or high earnings growth expectations • An impending initial public offering of stock • Disagreements over financial reporting with prior auditors • Auditor resignation • Unusual transactions with outsiders or significant related party transactions 7-23 Copyright © 2016 South-Western/Cengage Learning RISK ASSESSMENT PROCEDURES FOR ASSESSING FRAUD RISK • Brainstorming • A group discussion designed to encourage auditors to creatively assess client risks, particularly those relevant to possible existence of fraud • Occurs during the early planning phases of audit • Attended by entire engagement team and led by audit partner or manager • Other Procedures • Inquiry 7-24 Copyright © 2016 South-Western/Cengage Learning LEARNING OBJECTIVE 4 ASSESS FACTORS AFFECTING CONTROL RISK CONTROL RISK • Relates to susceptibility that a misstatement will not be prevented or detected on a timely basis by internal control system • The assessment can be made at: • Overall financial statement level • Account or assertion level 7-26 Copyright © 2016 South-Western/Cengage Learning FACTORS LEADING TO A HIGHER ASSESSMENT OF CONTROL RISK Poor controls in specific countries or locations Difficulty gaining access to the organization or those in control Little interaction between senior management and operating staff Weak tone at the top and poor control environment Inadequate accounting staff and information systems Growth of organization exceeds accounting system Disregard of regulations for prevention of illegal acts No internal audit function 7-27 Copyright © 2016 South-Western/Cengage Learning RISK ASSESSMENT PROCEDURES FOR ASSESSING CONTROL RISK • Interview relevant parties to understand processes used by the board and management to manage risk • Review risk-based approach used by internal audit function with its director and audit committee • Interviewing management about: • • • • Risk approach Risk preferences Risk appetite Relationship of risk analysis to strategic planning 7-28 Copyright © 2016 South-Western/Cengage Learning LEARNING OBJECTIVE 5 USE PLANNING ANALYTICAL PROCEDURES TO IDENTIFY AREAS OF HEIGHTENED RISK OF MATERIAL MISSTATEMENT PLANNING ANALYTICAL PROCEDURES Used as a risk assessment procedure can help auditors •Improve their understanding of the client’s business. •Identify risks of material misstatement in particular account balances and direct the auditor’s attention to high-risk areas 7-30 Copyright © 2016 South-Western/Cengage Learning AN EXAMPLE OF A PLANNING ANALYTICAL PROCEDURE • The auditor may develop an expectation of revenue based on production capacity. • Recorded revenue in excess of this expectation may indicate a heightened risk of misstatement in the revenue account—due to either fraud or error. • The auditor will then want to plan audit procedures to obtain sufficient appropriate evidence for the revenue account 7-31 Copyright © 2016 South-Western/Cengage Learning TYPES OF ANALYTICAL PROCEDURES • Trend analysis: Based on the history of changes in the account or ratio • Ratio analysis: Identifies relevant ratios to determine whether there are significant differences between the client results and auditor expectations See Exhibit 7.3 for Commonly Used Ratios 7-32 Copyright © 2016 South-Western/Cengage Learning LEARNING OBJECTIVE 6 DESCRIBE HOW AUDITORS MAKE DECISIONS ABOUT DETECTION RISK AND AUDIT RISK DETERMINING AUDIT RISK AND DETECTION RISK • Detection risk is affected by: • Effectiveness of substantive auditing procedures performed • Extent to which the procedures were performed with due professional care • High level of detection risk • Audit firm is willing to take higher risk of not detecting a material misstatement • Audit risk is also high 7-34 Copyright © 2016 South-Western/Cengage Learning QUANTITATIVE EXAMPLE: HIGH RISK OF MATERIAL MISSTATEMENT • Assuming an account with many complex transactions and weak internal controls • Inherent risk and control risk assessed at their maximum • Audit risk set at a low level • Audit risk model Audit Risk = Inherent Risk × Control Risk × Detection Risk 0.01 = 1.00 × 1.00 × Detection Risk Detection Risk = 0.01 / (1.0 × 1.0) = 1% 7-35 Copyright © 2016 South-Western/Cengage Learning QUANTITATIVE EXAMPLE: LOW RISK OF MATERIAL MISSTATEMENT • Assuming an account with simple transactions and well-trained personnel with no incentive to misstate financial statements • Inherent risk and control risk assessed at 50% and 20% respectively • Audit risk set at 5% Audit Risk = Inherent Risk × Control Risk × Detection Risk 0.05 = 0.50 × 0.20 × Detection Risk Detection Risk = 0.05 / (0.50 × 0.20) = 50% 7-36 Copyright © 2016 South-Western/Cengage Learning LEARNING OBJECTIVE 7 RESPOND TO THE ASSESSED RISKS OF MATERIAL MISSTATEMENT AND PLAN THE PROCEDURES TO BE PERFORMED ON AN AUDIT ENGAGEMENT PLANNING AUDIT PROCEDURES TO RESPOND TO THE ASSESSED RISKS OF MATERIAL MISSTATEMENT • Auditor should determine whether the audit will be: • Controls reliance audit • Substantive audit 7-38 Copyright © 2016 South-Western/Cengage Learning PLANNING AUDIT PROCEDURES TO RESPOND TO THE ASSESSED RISKS OF MATERIAL MISSTATEMENT When considering risk responses, auditor should: • Evaluate reasons for assessed risk of material misstatement • Estimate likelihood of material misstatement due to inherent risks of client • Consider the role of internal controls, and determine whether control risk is relatively high or low • Obtain more relevant and reliable evidence with increases in assessment of risk of material misstatement 7-39 Copyright © 2016 South-Western/Cengage Learning RISK RESPONSES Nature of response • Type of audit procedure Timing of response • When procedure is performed Extent of response • Amount of evidence 7-40 Copyright © 2016 South-Western/Cengage Learning
