chapter 9 materiality and risk
DESCRIPTION
Audit Risk. CPA. Chapter 9 Materiality and Risk. Presentation Outline. Steps in Applying Materiality Risk in Auditing Planning Model Relationships Evaluating Results. I. Steps in Applying Materiality. Step 1 in Applying Materiality. Set preliminary judgment about materiality. - PowerPoint PPT PresentationTRANSCRIPT
9 - 1
Chapter 9Materiality and Risk
Audit Risk
CPA
9 - 2
Presentation Outline
I. Steps in Applying Materiality
II. Risk in Auditing
III. Planning Model Relationships
IV. Evaluating Results
9 - 3
9 - 4
Step 1 in Applying MaterialitySet preliminary judgment about materiality.
The preliminary judgment about materiality is the maximum amountthe auditor believes the statements could be misstated and still not
affect the decisions of reasonable users. Decided early in audit.
Permissible misstatements are often less for smaller clients.
Although the FASB and AICPA are unwilling to provide specific materiality guidelines to practitioners, bases are needed for
evaluating materiality. See Figure 9-2 on page 235.
Qualitative factors can affect materiality. See factors on pages 234-235.
9 - 5
Step 2 in Applying MaterialityAllocate preliminary judgment about materiality to
segments.
An allocation is necessary because evidence is accumulated bysegments rather than the financial statements taken as a whole. The allocation to account balances is known as the tolerable misstatement.
Most practitioners allocate materiality to balance sheet rather than income statement accounts. This is because most income
statement misstatements have an equal effect on the balance sheet because of the double-entry bookkeeping system.
The sum of the tolerable misstatement is allowed to exceed overall materiality because (1) it is unlikely that all accounts will be
misstated by the full amount of tolerable misstatement, and (2) some accounts are overstated while others are understated, resulting in a
net amount that is likely to be less than overall materiality.
9 - 6
Illustration of Tolerable Misstatement Allocation for Current Assets
Tolerable Account Misstatement Cash $ 4,000Accounts receivable 20,000Inventory 36,000
Preliminary judgment about materiality $50,000
9 - 7
Step 3 in Applying MaterialityEstimate total misstatement in segment.
One way to calculate the estimate of misstatement is to make a direct projection from the sample to the population.
$3,500 net misstatement of the inventory sample
$3,500 ÷ $50,000 × $450,000 = $31,500
$50,000 total inventory sampled
$450,000 total recorded population value for inventory
$31,500 direct projection estimate of misstatement
×÷
=
9 - 8
Illustration of Estimating Total Misstatement in Segment
Tolerable Direct SamplingAccount Misstatement Projection Error TotalCash $ 4,000 $ 0 $ N/A $ 0Accounts receivable 20,000 12,000 6,000* 18,000Inventory 36,000 31,500 15,750* 47,250
Preliminary judgment about materiality $50,000*estimate for sampling error is 50%
9 - 9
Tolerable Direct SamplingAccount Misstatement Projection Error TotalCash $ 4,000 $ 0 $ N/A $ 0Accounts receivable 20,000 12,000 6,000* 18,000Inventory 36,000 31,500 15,750* 47,250Total estimated misstatement amount $43,500 $16,800 $60,300Preliminary judgment about materiality $50,000*estimate for sampling error is 50%
Step 4 in Applying MaterialityEstimate the combined misstatement.
9 - 10
Tolerable Direct SamplingAccount Misstatement Projection Error TotalCash $ 4,000 $ 0 $ N/A $ 0Accounts receivable 20,000 12,000 6,000* 18,000Inventory 36,000 31,500 15,750* 47,250Total estimated misstatement amount $43,500 $16,800 $60,300Preliminary judgment about materiality $50,000*estimate for sampling error is 50%
Step 5 in Applying MaterialityCompare combined estimate with preliminary or
revised judgment about materiality.
Because the estimated combined misstatement exceeds thepreliminary judgment, the financial statements are not acceptable.The auditor may perform additional audit procedures to reevaluatethe estimate, or require adjustment for the estimated misstatements.
9 - 11
II. Risk in Auditing
A. Components of Audit Risk
B. Acceptable Audit Risk
C. Inherent Risk
D. Control Risk
E. Planned Detection RiskAudit Risk
A. Components of Audit Risk
Inherent Risk(IR)
Control Risk(CR)
Detection Risk(DR)
Audit Risk(AR)
Susceptibility of an assertion to material misstatement assuming no
related internal controls.
Risk of misstatements not being detected by system of internal
control.
Risk of misstatements not being detected by the auditor.
Misstatement that remains undetected by the auditor.
Caught by internal controls
Caught by auditor
Undetected misstatement
Total misstatement
-
-
=
9 - 13
B. Acceptable Audit Risk
1. Reliance by External Users2. Likelihood of Financial Failure
3. Integrity of Management
Audit
Risk
The following factors mean that audit risk should be kept lower:
9 - 14
1. Reliance by External UsersWhen external users place
heavy emphasis on the financial statements,
acceptable audit risk should be kept low. The following
generally results in more users of the financial
statements: Larger clients
Publicly held corporations Extensive use of liabilities
XYZ Co.
Financial Statements
9 - 15
2. Likelihood of Financial Failure
There is a greater chance of having to defend the quality of the audit when there is a financial failure. Failure
indicators include: Shortage of funds
Declining net income or continued losses
Risky industries such as technology
Management lacking competency to deal with
financial difficulties
9 - 16
3. Integrity of Management
If a client has questionable integrity, the auditor is likely to assess acceptable audit risk lower. Indications of integrity
problems include: Frequent disagreements with
prior auditors, the IRS, and/or SEC
Frequent turnover of key financial and internal audit
personnel Ongoing conflicts with labor
unions and employees
9 - 17
C. Inherent Risk1. Nature of the Client’s Business
2. Results of Previous Audits
3. Initial vs. Repeat Engagement
4. Related Parties
5. Nonroutine Transactions
6. Judgment Required
7. Make-up of the Population
9 - 18
1. Nature of the Client’s Business
Inherent risk is likely to vary from business to business for accounts such as inventory,
accounts and loans receivable, and property, plant, and
equipment. The nature of the business should have little effect on cash,
notes payable, and mortgages payable.
Ricky’s Electronics
9 - 19
2. Results of Previous Audits
Misstatements found in the previous year’s audit have a high likelihood
of occurring again. Many types of misstatements are
systematic in nature, and organizations are
slow in making changes to eliminate them.
9 - 20
3. Initial vs. Repeat Engagement
Most auditors use a larger inherent risk for initial audits than for repeat engagements in which
no material misstatements had been
found.
9 - 21
4. Related Parties
Examples of related party transactions are
those between parent and subsidiary companies,
and management or owners and the company.
Increases inherent risk because there is a greater
likelihood of misstatement.
9 - 22
5. Nonroutine Transactions
Transactions that are unusual for the client are more likely to be recorded incorrectly.
Examples include fire losses, major property
acquisitions, etc.
9 - 23
6. Judgment Needed
Many account balances require estimates and a
great deal of management judgment
including: Uncollectible accounts
receivable Obsolete inventory Warranty liabilities
9 - 24
7. Make-up of the Population
Accounts receivable where most accounts are
significantly overdue Transactions with
related parties Disbursements made
payable to cash Inventory with a slow
turnover
9 - 25
D. Control Risk
There are two basic phases to an auditor’s evaluation of control risk:
1. Obtain an understanding of internal control. This phase applies to all audits.
2. Test the internal controls for effectiveness. This phase only applies when the auditor chooses to
assess control risk at below the maximum.
9 - 26
E. Planned Detection Risk
The auditor can reduce planned detection risk by performing more substantive testing.
Lowering Acceptable Audit Risk
Increased audit evidence
Lower Detection
Risk
9 - 27
III. Planning Model Relationships
A. Acceptable Audit Risk Relationships
B. Inherent Risk Relationships
C. Control Risk Relationships
D. The Overall Relationship of Components in Planning the Audit Process
E. The Audit Risk Model for Planning
9 - 28
A. Acceptable Audit Risk Relationships
Acceptable audit risk is the risk that the auditor is willing to take of giving an unqualified opinion when
the financial statements are materially misstated. As acceptable audit risk increases, the auditor is
willing to collect less evidence (inverse) and therefore accept a higher detection risk (direct).
Acceptableaudit risk
Planneddetection risk
Plannedaudit evidence
InverseDirect
9 - 29
B. Inherent Risk Relationships
Inherent risk is the susceptibility of an assertion to material misstatement assuming no related internal
controls. As inherent risk increases, the auditor must reduce
detection risk (inverse) by collecting more audit evidence (direct).
Inherentrisk
Planneddetection risk
Plannedaudit evidenceI
D
9 - 30
C. Control Risk Relationships
Control risk is the risk of misstatements not being detected by the client’s system of internal control.
As control risk increases, the auditor must reduce detection risk (inverse) by collecting more audit
evidence (direct).
Controlrisk
Planneddetection risk
Plannedaudit evidence
I D
9 - 31
D. The Overall Relationship of Components in Planning the Audit Process
Acceptableaudit risk
Inherentrisk
Controlrisk
Tolerablemisstatement
Planneddetection risk
Plannedaudit evidence
D = Direct relationship; I = Inverse relationship
I
D
I
I I
I
D
D
9 - 32
E. The Audit Risk Modelfor Planning
PDR = AAR ÷ (IR × CR)
PDR = Planned detection risk
AAR = Acceptable audit risk
IR = Inherent risk
CR = Control risk
9 - 33
IV. Evaluating Results
A. Audit Risk Model for Evaluating Results
B. Reducing Achieved Audit Risk
C. Revising Risks and Evidence
9 - 34
A. Audit Risk Model for Evaluating Results
AcAR = IR × CR × AcDR
AcAR = Achieved audit risk
AcDR = Achieved detection risk
IR = Inherent risk
CR = Control risk
9 - 35
B. Reducing Achieved Audit Risk
The audit risk model for evaluating results is stated in SAS 47. Research subsequent to the issuance of SAS 47 has shown that it is not appropriate to uses this evaluation formula as originally intended. However, the model does show three
possible ways to reduce achieved audit risk to an acceptable level.
Reduce inherent risk – not feasible unless new facts are uncovered during the audit process.
Reduce control risk – may be possible to reevaluate control risk to a lower level by conducting more tests of internal controls.
Reduce achieved detection risk – can be achieved by larger sample sizes and/or additional audit procedures.
9 - 36
C. Revising Risks and Evidence
Great care must be used when revising the risk factors when the actual results are not as favorable as planned.
When the auditor concludes that the original assessment of control risk or inherent risk was understated or
acceptable audit risk was overstated, a two step approach should be used:
1. The auditor must revise the original assessment of the appropriate risk.
2. The auditor should consider the effect of the revision on evidence requirements , without the use of the audit risk model.
Research shows that using the model in the evaluation stage often results in an insufficient increase of evidence.
9 - 37
Summary
Applying Materiality
Risk and Audit Planning
Evaluating Results
Audit Process
Internal Control
Risk