Audit Risk - 1
A. Define audit risk.
Audit risk is the risk that the auditors may unknowingly fail to appropriately modify their opinion on financial statements that are materially misstated.
B. Describe its components of inherent risk, control risk, and detection risk.
The risk of material misstatement may be separated into two components-inherent risk and control risk. Both inherent risk and control risk exist independently of the audit of financial statements, or in other words, the risk of misstatement exists regardless of the audit being done or not.
Inherent risk is the possibility of material misstatement of an assertion before considering the clients internal control. Factors that affect this are from the nature of the client and its environment, or from the nature of the account. The auditor should seriously consider whether to accept the engagement because inherent risk increases the overall risk of the audit. It is often useful to segregate transactions into three types- routine, non-routine, and estimation when assessing inherent risk.
Control risk is the risk that a material misstatement could occur in a relevant assertion and not be prevented or detected on a timely basis by the client’s internal control. Control risk is a part of the effectiveness of design and operation of internal control. Its part is achieving the client’s objectives related to the preparation of its financial statements.
Detection risk is the risk that auditors will fail to detect a material misstatement that exists in a relevant assertion. It is a part of the effectiveness of audit procedures and their application by the auditors. This risk is only present when an audit is performed. So if there is no audit there is no detection risk. Auditors don’t assess detection risk; they try to restrict it by performing important procedures. Detection risk happens because auditor’s procedures are not 100% effective. Detection risk varies inversely with the risk of material misstatement.
Audit risk is the risk that the auditors may unknowingly fail to appropriately modify their opinion on financial statements that are materially misstated.
B. Describe its components of inherent risk, control risk, and detection risk.
The risk of material misstatement may be separated into two components-inherent risk and control risk. Both inherent risk and control risk exist independently of the audit of financial statements, or in other words, the risk of misstatement exists regardless of the audit being done or not.
Inherent risk is the possibility of material misstatement of an assertion before considering the clients internal control. Factors that affect this are from the nature of the client and its environment, or from the nature of the account. The auditor should seriously consider whether to accept the engagement because inherent risk increases the overall risk of the audit. It is often useful to segregate transactions into three types- routine, non-routine, and estimation when assessing inherent risk.
Control risk is the risk that a material misstatement could occur in a relevant assertion and not be prevented or detected on a timely basis by the client’s internal control. Control risk is a part of the effectiveness of design and operation of internal control. Its part is achieving the client’s objectives related to the preparation of its financial statements.
Detection risk is the risk that auditors will fail to detect a material misstatement that exists in a relevant assertion. It is a part of the effectiveness of audit procedures and their application by the auditors. This risk is only present when an audit is performed. So if there is no audit there is no detection risk. Auditors don’t assess detection risk; they try to restrict it by performing important procedures. Detection risk happens because auditor’s procedures are not 100% effective. Detection risk varies inversely with the risk of material misstatement.