1.0 INTRODUCTION
The term ’audit risk’ refers to the possibility that the auditors may unknowingly fail to appropriately modify their opinion on financial statements that are not well stated. It can also be stated that audit risk means the chance of damage to the audit firm as a result of giving an audit opinion that is wrong in some particular. Damage to the audit form may be in the form of monetary damages paid to a client or third party as compensation for loss caused by the conduct (for example, negligence) of the audit firm or simply loss of reputation with the client (and perhaps also the audit) or the business community.Audit risk is reduced by gathering evidence – the more the evidence gathered, the less the audit risk assumed.
MUST READ: A
- Auditors’ importance, responsibility and independence
- Legal position and liability of auditors
- Procedures for auditing transactions i - fixed assets and investments
- Audit cycle and procedures
- Audit evidence and procedures
- Audit planning
- Audit reports
- Audit risks-types
In this unit, you will be considering the following topics.
- Types of audit risks;
- Audit firm organisation and audit risk;
- Particular audits and audit risk;
- Risk-based audit methodology.
2.0 OBJECTIVES
At the end of this unit, you should be able to:- define audit risk
- explain the types of audit risk
- describe the features of audit firm organisation
- minimise risk
- explain the risk-based audit methodology.
3.0 MAIN CONTENT
3.1 Audit Risks – Types
There are three types of audit risks, namely:- normal audit risk
- higher than normal audit risk and
- audit work risk
3.1.1 Normal Audit Risk
All audits involve risk. However strong the audit evidence and however careful the auditor, there is always a possibility of an error or fraud being undetected. In general, if there are indications that audit risk is normal and there are no indications of higher than normal risk, then the auditor could be regarded as one that:- organises his office and staff in a competent manner;
- follows the auditing standards and guidelines; he is unlikely to be found negligent and to have to pay damages as a consequence of fraud or error not discovered by him.
Indications that risk is normal may include the following:
- Past experience indicates risk is normal;
- The management and staff of the client are competent and have integrity;
- The accounting system is well designed, it works and it is subject to strong internal controls;
- The client is old established and is not subject to rapid change;
- The board of directors is actively engaged in the company and control and its leadership is of good quality;
- The board of directors has competent non-executive directors and better still, an audit committee.
- key controls;
- substantive tests;
- analytical review.
3.1.2 Higher than Normal Risk
Some audit assignments involve high audit risk. Some audits contain at least one area of high risk.Indications of higher than normal audit risk are as follows:
- Previous experience;
- Future plans of the enterprise which include sale or flotation on the Stock Exchange of the company;
- High gearing;
- Liquidity problems;
- Poor management;
- Lack of controls and/or poor book-keeping;
- Recent changes of ownership/control;
- Dominance by a single person;
- Rapid staff turnover;
- In small companies, non-involvement of the proprietor or conversely over-reliance on management for control;
- Changes of accounting procedures or policies;
- Evidence from background research;
- Over-reliance on one or a few products, customers, suppliers;
- Recent high investment in new ventures or products;
- Problems inherent in the nature of the business e.g. stock counting or valuing difficulties, difficulty in determining the extent of liabilities, warranty claims, cut-off;
- The existence of ‘put upon enquiry’ situation.
- sceptical;
- to use high caliber audit staff;
- collection of a wide range of audit evidence in each area;
- meticulous preparation of audit working papers;
- probing of all high risk areas to the bottom;
- extreme care in drafting the audit report.
3.1.3 Audit Work Risk
All audit work involves normal risk and some audit works involve higher than normal risk. This is because there is always a possibility of the accounts containing a misstatement due to error or fraud.In addition to the audit risk arising from client activity, there is also a risk that the audit work may be of an inadequate standard.
The risk arising from audit work may include the following:
- Failure to recognise ‘put upon enquiry’ situations;
- Failure to draw the correct inferences from audit evidence and the analytical review;
- Use of the wrong procedures in a particular situation;
- Failure to perform necessary audit work because of time or cost considerations;
- Failure to detect error or fraud because of poor sampling method or inadequate sample sizes.
SELF-ASSESSMENT EXERCISE 1
- What is audit risk?
- What factors might indicate that risk is normal?
3.2 Audit Firm Organisation and Audit Risk
It is essential that an audit firm should organise its affairs in such a way as to minimise the risk of paying damages to clients or others arising out of negligent work.Features of organisation, which may minimise risk are as follows:
- Proper recruitment and training of all personnel;
- Allocation of staff with appropriate ability to particular audits;
- Planning of the work of the firm in such a way that each audit can be approached in a relaxed but disciplined way and timing problems can be accommodated;
- Two-way communication with staff on matters of general concern and in connection with specific audits;
- Use of audit manuals which conform to the audit standards and guidelines;
- Use of audit documentation which is comprehensive and yet which allows for special situations;
- Use of budgetting and other techniques to ensure that audits are remunerative and yet risk- minimising;
- Use of precise and frequently updated letters of engagement;
- Use of review techniques for all audits;
- Existence of technical section so that all new developments (accounting, law, audit procedures) are rapidly incorporated into the firm’s actions.
3.3 Particular Audits and Audit Risk
Risks arising from a particular audit can be minimised by:(a) techniques for recognising the existence of audit risk;
(b) segregating normal risk areas from high risk areas;
(c) allocating staff who are competent to do the work especially in high risk areas;
(d) extensive background research into the client and its industry;
(e) careful planning with emphasis on high risk areas;
(f) comprehensive documentation;
(g) good briefing of audit staff;
(h) emphasis to staff on the need for recognition of high risk situations and good communication when high risk or put upon enquiry situations are discovered;
(i) particular attention to the conclusions reached from audit evidence;
(j) special emphasis on the analytical review;
(k) review of the audit work by a senior auditor unconnected with the
particular audit;
(l) emphasis on materiality considerations and sample sizes.
(f) comprehensive documentation;
(g) good briefing of audit staff;
(h) emphasis to staff on the need for recognition of high risk situations and good communication when high risk or put upon enquiry situations are discovered;
(i) particular attention to the conclusions reached from audit evidence;
(j) special emphasis on the analytical review;
(k) review of the audit work by a senior auditor unconnected with the
particular audit;
(l) emphasis on materiality considerations and sample sizes.
Social Plugin