External Auditing: Risk Categories
External Auditing – Week 4 discussion
What do following risk categories mean: planned detection risk, inherent risk, control risk, acceptable audit risk? Can you give some examples? How do we as auditors deal with them?
DETECTION RISK
Detection risk is the risk that auditor's substantive procedures will not detect a misstatement that exist in an account balance or class of transactions that could be material, individually or when aggregated with misstatements in other balances or classes. For example, the use of a limited sampling for the selection of transactions. Auditors should increase the number of sampling to reduce the detection risk.
INHERENT RISK
Inherent risk is the susceptibility of an account balance or class of transactions to material misstatement, individually or when aggregated with misstatements in other balances or classes assuming that there were no related internal controls. For example, a business whose inventory becomes obsolete quickly experiences high inherent risk.
CONTROL RISK
Control risk is the risk that a misstatement that could occur in an account balance or class of transactions and that could be material individually or when aggregated with misstatements in other balances or classes, will not be prevented or detected and corrected on a timely basis by the accounting and internal control systems. For example, segregation of duties, the person who requests an order of computer components shouldn’t be the person who authorizes the request.
Audit Risk
The audit risk (consisting of inherent and control risk) that the account balance or class of transactions contain misstatements that could be material to the financial statements whether individually or when aggregated with misstatements in other balances or classes.
Audit Risk Model: PDR = AAR ÷ (IR × CR) or AR = IR X CR X DR
Where,
AR = Audit Risk
IR = Inherent Risk
CR = Control Risk
DR = Detection Risk
What do following risk categories mean: planned detection risk, inherent risk, control risk, acceptable audit risk? Can you give some examples? How do we as auditors deal with them?
DETECTION RISK
Detection risk is the risk that auditor's substantive procedures will not detect a misstatement that exist in an account balance or class of transactions that could be material, individually or when aggregated with misstatements in other balances or classes. For example, the use of a limited sampling for the selection of transactions. Auditors should increase the number of sampling to reduce the detection risk.
INHERENT RISK
Inherent risk is the susceptibility of an account balance or class of transactions to material misstatement, individually or when aggregated with misstatements in other balances or classes assuming that there were no related internal controls. For example, a business whose inventory becomes obsolete quickly experiences high inherent risk.
CONTROL RISK
Control risk is the risk that a misstatement that could occur in an account balance or class of transactions and that could be material individually or when aggregated with misstatements in other balances or classes, will not be prevented or detected and corrected on a timely basis by the accounting and internal control systems. For example, segregation of duties, the person who requests an order of computer components shouldn’t be the person who authorizes the request.
Audit Risk
The audit risk (consisting of inherent and control risk) that the account balance or class of transactions contain misstatements that could be material to the financial statements whether individually or when aggregated with misstatements in other balances or classes.
Audit Risk Model: PDR = AAR ÷ (IR × CR) or AR = IR X CR X DR
Where,
AR = Audit Risk
IR = Inherent Risk
CR = Control Risk
DR = Detection Risk