Contemporary auditing

A staff auditor was listening to a conversation between two senior auditors regarding the audit risk model. Following are some statements made in that conversation regarding the audit risk model.

Required
Indicate whether you agree or disagree with each of the statements. Present the rationale for your answer.
1. Audit risk can be applied quantitatively or qualitatively. In essence, it is a concept used to ensure that the auditor gathers sufficient evidence to render and opinion on the financial statements with little likelihood of being wrong.
2. Setting audit risk at 5 percents a valid setting for controlling audit risk at a low level only if the auditor assumes that inherent risk is 100 percent, or significantly greater that the real level of inherent risk.
3. Inherent risk may be very small for some accounts (for example, the recording of sales transactions at a Wal-Mart) in fact; some inherent risks may be close to 0.01 percent. In such cases, the auditor does not need to perform direct tests of account balances if he or she can be assured that inherent risk is indeed that low.
4. Control risk refers to both (a) the design of controls and (b) the operation of controls. To assess control risk as low, the auditor must gather evidence on both the design and operation of controls.
5. Detection risk at 50 percent implies that the direct test of the account balance has a 50 percent chance of not detecting a material misstatement.
6. Audit risk should vary inversely with engagement risk: The higher the risk with being associated with the client, the lower should be the audit risk taken.
7. In analyzing the audit risk model, it is important to understand that much of it is judgmental. For example, setting audit risk is judgmental, assessing inherent and control risk is judgmental, and setting detection risk is influenced by the individual risk preferences of the auditor.

1.

I agree with the statement that Audit Risk Model can be applied quantitatively and qualitatively. This is evidenced by the use of mathematical models such as;

Audit Risk = Risk of material misstatement * (1- probability of detection by auditor).

Qualitatively

This is evidenced by existence of GAAS provisions in the Audit Risk Model. Furthermore, the assessment of efficiencies of controls is a qualitative factor.

2.

Not true.

This is because setting of audit risk depends on the reliance of financial statements.

Reliance of financial statements refers to the fact that, since detection risk is low inherent risk is low too. Setting of audit risk requires that the higher the reliance of the financial records the lower the audit risk. Thus when the inherent risk is 100% or higher, than the level of inherent risk, then the audit risk should be set high.

3.

I disagree.

With assurance of inherent risk being low, this does not rule out the need for direct tests of account balances. This is because; inherent risk is not the only component of Audit risk. The auditor should test the account balances for other risks such as control risk.

4.

I agree.

 Control risk refers to both control design and control operations. There is risk of poor control design which might increase chances of detection risk. Control operations points out to risk of inefficiencies. An auditor should collect sufficient evidence in order to asses control risk as low.

I agree.

            Detection risk at 50% means a 50% chance of material misstatement detection failure. This is first explained by the definition of detection risk as the risk of failure to detect material misstatement (Braun, 2001).

6.

I disagree.

            Audit risk should not vary inversely with engagement risk. This is because engagement risk is a risk that is outside the audit risk model. Engagement risk affects the auditor. Even with this risk, GAAS provide that the auditor should hold to standards and deliver appropriately.

I agree.

Audit risk is judgmental since it involves estimating the level of inherent risk. Assessing inherent risk is judgmental in that it involves the auditor applying personal judgment on certain issues. For example, assessing attitude of managers as well as their aggressiveness when doing their work. In addition, assessing control risks also depends on personal judgment in reference to individual preferences of auditor. Some auditors rank control design risk above control operation risk (Braun, 2001).

REFERENCE

Braun, K.W. [2001].The Disposition of Audit-Detected Misstatements: An Examination

of Risk and Reward Factors and Aggregation Effects, Contemporary Accounting Research, Vol. 18, No. 1, 71–99.