ACCT 3014 notes-PDF
Carissa Law-ACCT 3014 Notes
Directors, officers, management or employees of a company • •
S290 of the Code and s324 of the Corporations Act prohibit an auditor from being an employee, director or officer of a client company Under s324 of CA, a person is deemed to be an officer of the company if he or she: a) Is an officer of a related company OR b) Was an officer or promoter of the company or a related company during the past 12 months
Providing non-audit services to client •
•
•
Scenario: Auditor firm recommends a software installation or some or some other improvement in client’s system and at a later date audits the output of that system o If system is ineffective, will the auditor evaluate the system harshly? 2003 report of HIH Royal Commission concluded that the provision of NAS to clients raises 2 threats to auditor independence o Self-review threats, which arise when auditor may need to review work performed by the auditor’s firm o The sacrifice of auditor integrity in order to procure non-audit work Under s 300 of the CA, the director’s report for a listed company must include the following in relation to each auditor who provided audit services to the company in the relevant financial year:
(a) details of the amounts paid or payable to the auditor for non-audit services provided, during the year, by the auditor (or by another person or firm on the auditor's behalf); (b) a statement whether the directors are satisfied that the provision of non-audit services, during the year, by the auditor (or by another person or firm on the auditor's behalf) is compatible with the general standard of independence for auditors imposed by this Act; (c) a statement of the directors' reasons for being satisfied that the provision of those non-audit services, during the year, by the auditor (or by another person or firm on the auditor's behalf) did not compromise the auditor independence requirements of this Act. Valuation services − A valuation requires estimation of a value or range of values, for as A, L or a business as a whole. This involves application of chosen methods and techniques regarding future developments. − Self review threat may arise − Safeguards that can reduce self-review threat” o Having a member who was not involved in providing the valuation service to review the audit or valuation work performed o Making arrangements so that personnel providing such services do not participate in the audit.
Week 2 Planning the Audit −
Auditor should plan audit engagements (ASA 300): o To enable the auditor to obtain sufficient appropriate evidence! minimize legal liability; good reputation o To keep audit costs reasonable! remain competitive o To avoid misunderstandings with the client! good client relationship; facilitate high quality cost at reasonable cost
Planning an audit and designing an audit approach
11
Carissa Law-ACCT 3014 Notes
1. Accept client and perform initial audit planning 2. Understanding the client's business and industry 3. Assess client business risk 4. Perform preliminary analytical procedures 5. Set materiality and assess acceptable audit risk and inherent risk 6. Understand internal control and assess control risk 7. Gather information to assess fraud risk 8. Develop overall audit plan and audit program
1. Accepting audit engagement and performing initial audit planning Steps in accepting client engagement Step 1: Client evaluation
Evaluate integrity of management
• Communicating with existing auditors • Making enquiries of other third parties • Reviewing previous experience with existing clients
Identify special circumstances and unusual risks
• Identifying intended users of the audit financial statements • Assessing a prosprctive client's legal and fnancial stability
Step 2: Ethical and legal considerations
12
Carissa Law-ACCT 3014 Notes
Evaluate independence
• Can the firm meet independence criteria? • Auditor have to give writtenr representation that there are no contraventions of independence requirements • Auditor should take reasonable steps to ensure conflicts of interest cease • Auditor cannot play a significant role in audit of a listed company for more than 5 consecutivey years
Assess competence to perform audit
• Engagement team to have appropriate competence and capabilities to perform the audit in accordance with Australian Auditing Standards, legal and regulatory requirements
Determine ability to use due care
• Involves review of work done and judment exercised by those assisting in the audit
Step 3: Prepare engagement letter
Prepare engagement letter
• ASA 210 Terms of Audit Engagements for details of an engagement letter which includes scope of audit procedures, quality control, fees and other matters. • Sets out expecations of the audit.
2. Understanding the client’s business and industry − ASA 315.11 states: The auditor shall obtain an understanding of the following: a) Relevant industry, regulatory, and other external factors and the applicable financial reporting framework b) The nature of the entity, e.g. operations, ownership, governance, structure What does the auditor need to understand? 1. Industry and external environment • Reasons: o Risks associated with specific industries may affect the auditor’s assessment of client business risk and acceptable audit risk. May influence auditors against accepting engagements in riskier industries, e.g. high-tech/ damage to environment o Familiarity with inherent risks common to most clients in certain industries aids the auditor in assessing their relevance to the client. E.g. potential inventory obsolescence in the fashion clothing industry o Many industries have unique accounting requirements that auditor must understand to evaluate whether the client’s financial statements are in accordance with accounting standards. E.g. accounting requirements exists for not-for-profit organisations, construction companies etc • Must also understand external environment, e.g. wild volatility in economic conditions, extent of competition and regulatory requirements. 2. Business operations and processes.
13
Carissa Law-ACCT 3014 Notes
•
•
Understand major sources of revenue, key customers and suppliers, sources of financing, and information about related parties that may indicate areas of increased client’s business risks (AASB 124) Steps: o Tour client facilities and operations o Identify related parties " Inquiry of management " Review information provided by management about RP and RP transactions " Examination of share registers and other statutory records to identify principal shareholders and directors’ interests " Inquiry as to affiliation of management with other entities " Review of minutes of meetings of shareholders " Review income tax returns
3. Management and governance • Assess management’s philosophy and operating style, and ability to identify and respond to risk because these significantly influence the risk of material misstatements in the financial statements. Can help determine whether client has changed accounting policies. • Steps: Check o Company policies " Ensure that management has authorization from BOD to make certain decisions and that the decisions of management are properly reflected in the statements " Include a record in permanent files of the most important policies followed by client. E.g. cost to be included in inventory valuation o Constitution " Determine whether FS are properly presented and relevant prescribed rules have been followed. " Especially rules relating to: allotment and issue of shares, calling general meetings, appointment and retirement of directors, declaration of dividends o Code of ethics " Examine any changes and waivers of the code that have implications about governance system, and related integrity and ethical values of senior management. o Minutes of meetings " Common authorizations: e.g. dividend payments, acquisition of property, remuneration of senior executive officers, new contracts and agreements, and longterm loans. " Make an abstract of the minutes by obtaining a copy and highlighting significant portions " Ensure that management has complied with decisions taken by shareholders and BOD. E.g. authorised remuneration of officers traced to each officer’s payroll to test whether the correct remuneration amount was paid. Litigations, pending share issues need to be included in footnotes. 4. Client objectives and strategies • Auditors should understand client objectives related to: o Reliability of financial reporting o Effectiveness and efficiency of operations o Compliance with laws and regulations " Become familiar with the terms of contracts and other legal obligations (superannuation plans, contracts with vendors, leases, royalty agreements, etc.) • Review and take notes from documents early in the engagement. Later, these documents can be examined more carefully as part of the tests of individual audit areas
14
Carissa Law-ACCT 3014 Notes 5. Measurement and review of performance • KPI include market share, sales per employee, unit sales growth, sales per square metre • Inherent risk of financial misstatements if client ahs set unreasonable objectives or if performance measurement system encourages aggressive accounting. o E.g. if objective is to obtain leading market share of industry sales, there is increased incentive to record sales before they have been earned or record sales for non-existent transactions. • Auditors should perform ratio analysis and benchmarking against key competitors.
3. Assess client’s business risk Business risk: Risk resulting from significant conditions, events, circumstances, actions or inactions that could adversely affect the entity’s ability to 1. Reliability of financial reporting 2. Effectiveness and efficiency of operations 3. Compliance with laws and regulations − Auditor’s primary concern: risk of material misstatements in FS due to client’s business risk −
4. Performing preliminary analytical procedures −
Compare client ratios to industry or competitor benchmarks to provide an indication of the company’s performance
Purposes of audit documentation − Audit documentation: principal record of audit procedures applied, evidence obtained, and conclusions reached by the auditor in the engagement; a.k.a. audit working papers − Objective: aid auditor in providing reasonable assurance that an adequate audit was conducted in accordance to the auditing standards − Working papers provide: o Basis for planning the audit o Record of the evidence accumulated and results of the tests o Data for determining the proper type of audit report o Basis for review by supervisors and partners
Week 3 Audit Risk assessment Business Risk Approach:
Overall BR
• External factors (industry, regulatory, economic) • Internal factors (company's objectives, nature..) • Assess fraud risk and non-compliance with laws
Some BR
• Significant business risk may increase the risk of material misstatement and these are the risks that the auditor needs to address
Internal control
• Auditor needs to then understand Internal Controls and evaluate whether they address/minimise the BRs identfied as key by the Auditor.
15
Carissa Law-ACCT 3014 Notes
Audit risk −
Audit risk: what is the possibility that the auditor may not have uncovered a material misstatement in the financial statements, and thus issued an incorrect audit opinion.
Audit risk
The risk that the auditor will not detect the material misstatement (detection risk)
The risk of material misstatement of the financial report
Overall level i.e. the risks that affect financial report as a whole
Assertion level for T&E, A/B and P&D
Inherent risk
Audit risk
Control risk
The audit risk and what types of evidence to accumulate in each cycle:
PDR =
Reduced by proper planning, assignment of stadd, professional sceptism and supervision and review
model helps auditor decide how much
AAR IR × CR
where: PDR: planned detection risk AAR: acceptable (desired) audit risk IR: Inherent risk CR: Control risk Types of risks: 1. Planned detection risk: 2. Inherent risk: 3. Control risk: 4. Acceptable (desired) audit risk: 1. Planned detection risk (ASA 200) − The risk that audit evidence for a segment will fail to detect misstatements exceeding tolerable misstatements. • Inverse relationship with substantive evidence. E.g. If PDR is reduced, auditor needs to accumulate more evidence to achieve the reduced planned risk. − A function of the effectiveness of substantive procedures and their application by an auditor and thus is fundamental to the amount of audit work undertaken − Actual level of detection risk is controllable through: • Appropriate planning, direction, supervision and review • Variation in the nature, timing and extent of audit procedures • Effective performance of audit procedures and evaluation of their results
16
Carissa Law-ACCT 3014 Notes 2. Inherent risk −
Measures the auditor’s assessment of the likelihood that there are material misstatements (Errors or fraud) in a segment before considering the effectiveness of internal control. • Assessments are typically based on discussions with management, knowledge of the company and results in audits for prior years • Inversely related to planned detection risk, and directly related to evidence
−
Auditor determines how identified business risks are relevant to the audit client’s financial reporting. Factors include: • Changes in operating environment • New key personnel • New or revamped IS • Rapid growth (uncontrolled) • Corporate restructuring (target of a takeover) • Pressure to meet investor returns • Pressure to meet loan conditions • Pressure to achieve employee bonuses • Expand foreign operations
Factors affecting inherent risk • Nature of client’s business o E.g. electronic manufacturer faces a greater likelihood of obsolete inventory than a steel fabricator o More likely: inventory, accounts and loans receivable, and PPE • Results of previous audits o Misstatements in previous year’s audit have a high likelihood of occurring again. • Initial versus repeat engagement o Lack of prior years’ results would cause auditors to use higher inherent risk for initial audits than for repeat engagement in which no material misstatements have been found. • Related parties, i.e. parent and subsidiary; directors and corporate entity • Non-routine transactions, e.g. fire losses, major property acquisitions and lease agreements • Judgment required to correctly record account balances and transactions o E.g. allowance for DD, obsolete inventory and liability for warranty payments • Makeup of population o E.g. most auditors use a higher inherent risk for AR where most accounts are significantly overdue then when most accounts are current • Factors related to fraudulent financial reporting and misappropriation of assets
3. Control risk − a measure of the auditor’s assessment of the likelihood that misstatements exceeding a tolerable amount in a segment won’t be prevented or detected by the client’s internal control. • Inherent risk+ Control risk=risk of material misstatement • Inverse relationship with PDR, but direct relationship with substantive evidence 1. Each company will have these rules 2. The rules need to change (updated or amended) as the company activity change a. Important if a new business division is started or acquired b. IT systems changed c. If there are restructuring issues (staff sacked impacts segregation of duties)
17
Carissa Law-ACCT 3014 Notes 3. A key rule ‘segregation of duties’ costs money (more staff). So even if the rule would protect assets or information, Management may decide not to implement the rule based on a cost benefit analysis 4. Both management and external auditor need to know if a rule is working
4. Acceptable audit risk • measure of how willing the auditor is to accept that the FS may be materially misstated after the audit is completed and an unmodified audit opinion has been issued • 0 risk=certainty; 100%=complete uncertainty • 0 risk is impossible. Audit assurance: a complement to acceptable audit risk, an acceptable audit risk of 2% is the same as audit assurance of 98%. − Auditors decide engagement risk and use engagement risk to modify acceptable audit risk − Engagement risk: risk that the audit firm will suffer harm after the audit is finished, even though the audit report was correct Factors affecting engagement risk, and therefore acceptable audit risk: 1. The degree to which external users rely on the statements • Indicators: o Client size o Distribution of ownership: e.g. public companies more likely to have interested users o Nature and amount of liabilities • Methods use to assess: o Examine FS, including footnotes o Read minutes of BOD to determine future plans o Examine ASX releases for public companies o Discussing financing plans with management 2. The likelihood that a client will have financial difficulties after the audit report is issued • Indicators: o Liquidity position: e.g. constantly short of cash and working capital o Profits (losses) in previous years: e.g. declining profits or increasing losses-future solvency problems o Method of financing growth: e.g. more debt financing, more risk of financial difficulty. Are fixed assets financed with short or long-term loans? o Nature of client’s operations o Competence of management • Methods: o Analyse FS for financing difficulties using other analytical procedures o Examine historical and projected cash flow satments o Discuss financing plans with management 3. The auditor’s evaluation of management integrity • E.g. prior criminal conviction of key management personnel • Methods: o Chapter 6 client acceptance and continuance Limitation of audit risk model • PDR are highly subjective and approximations of reality o Hence, use broad and subjective measurement terms such as low, medium and high Relationship of risk to evidence Situation
Acceptable
Inherent risk
Control risk
Planned
Amount
of
18
Directors, officers, management or employees of a company • •
S290 of the Code and s324 of the Corporations Act prohibit an auditor from being an employee, director or officer of a client company Under s324 of CA, a person is deemed to be an officer of the company if he or she: a) Is an officer of a related company OR b) Was an officer or promoter of the company or a related company during the past 12 months
Providing non-audit services to client •
•
•
Scenario: Auditor firm recommends a software installation or some or some other improvement in client’s system and at a later date audits the output of that system o If system is ineffective, will the auditor evaluate the system harshly? 2003 report of HIH Royal Commission concluded that the provision of NAS to clients raises 2 threats to auditor independence o Self-review threats, which arise when auditor may need to review work performed by the auditor’s firm o The sacrifice of auditor integrity in order to procure non-audit work Under s 300 of the CA, the director’s report for a listed company must include the following in relation to each auditor who provided audit services to the company in the relevant financial year:
(a) details of the amounts paid or payable to the auditor for non-audit services provided, during the year, by the auditor (or by another person or firm on the auditor's behalf); (b) a statement whether the directors are satisfied that the provision of non-audit services, during the year, by the auditor (or by another person or firm on the auditor's behalf) is compatible with the general standard of independence for auditors imposed by this Act; (c) a statement of the directors' reasons for being satisfied that the provision of those non-audit services, during the year, by the auditor (or by another person or firm on the auditor's behalf) did not compromise the auditor independence requirements of this Act. Valuation services − A valuation requires estimation of a value or range of values, for as A, L or a business as a whole. This involves application of chosen methods and techniques regarding future developments. − Self review threat may arise − Safeguards that can reduce self-review threat” o Having a member who was not involved in providing the valuation service to review the audit or valuation work performed o Making arrangements so that personnel providing such services do not participate in the audit.
Week 2 Planning the Audit −
Auditor should plan audit engagements (ASA 300): o To enable the auditor to obtain sufficient appropriate evidence! minimize legal liability; good reputation o To keep audit costs reasonable! remain competitive o To avoid misunderstandings with the client! good client relationship; facilitate high quality cost at reasonable cost
Planning an audit and designing an audit approach
11
Carissa Law-ACCT 3014 Notes
1. Accept client and perform initial audit planning 2. Understanding the client's business and industry 3. Assess client business risk 4. Perform preliminary analytical procedures 5. Set materiality and assess acceptable audit risk and inherent risk 6. Understand internal control and assess control risk 7. Gather information to assess fraud risk 8. Develop overall audit plan and audit program
1. Accepting audit engagement and performing initial audit planning Steps in accepting client engagement Step 1: Client evaluation
Evaluate integrity of management
• Communicating with existing auditors • Making enquiries of other third parties • Reviewing previous experience with existing clients
Identify special circumstances and unusual risks
• Identifying intended users of the audit financial statements • Assessing a prosprctive client's legal and fnancial stability
Step 2: Ethical and legal considerations
12
Carissa Law-ACCT 3014 Notes
Evaluate independence
• Can the firm meet independence criteria? • Auditor have to give writtenr representation that there are no contraventions of independence requirements • Auditor should take reasonable steps to ensure conflicts of interest cease • Auditor cannot play a significant role in audit of a listed company for more than 5 consecutivey years
Assess competence to perform audit
• Engagement team to have appropriate competence and capabilities to perform the audit in accordance with Australian Auditing Standards, legal and regulatory requirements
Determine ability to use due care
• Involves review of work done and judment exercised by those assisting in the audit
Step 3: Prepare engagement letter
Prepare engagement letter
• ASA 210 Terms of Audit Engagements for details of an engagement letter which includes scope of audit procedures, quality control, fees and other matters. • Sets out expecations of the audit.
2. Understanding the client’s business and industry − ASA 315.11 states: The auditor shall obtain an understanding of the following: a) Relevant industry, regulatory, and other external factors and the applicable financial reporting framework b) The nature of the entity, e.g. operations, ownership, governance, structure What does the auditor need to understand? 1. Industry and external environment • Reasons: o Risks associated with specific industries may affect the auditor’s assessment of client business risk and acceptable audit risk. May influence auditors against accepting engagements in riskier industries, e.g. high-tech/ damage to environment o Familiarity with inherent risks common to most clients in certain industries aids the auditor in assessing their relevance to the client. E.g. potential inventory obsolescence in the fashion clothing industry o Many industries have unique accounting requirements that auditor must understand to evaluate whether the client’s financial statements are in accordance with accounting standards. E.g. accounting requirements exists for not-for-profit organisations, construction companies etc • Must also understand external environment, e.g. wild volatility in economic conditions, extent of competition and regulatory requirements. 2. Business operations and processes.
13
Carissa Law-ACCT 3014 Notes
•
•
Understand major sources of revenue, key customers and suppliers, sources of financing, and information about related parties that may indicate areas of increased client’s business risks (AASB 124) Steps: o Tour client facilities and operations o Identify related parties " Inquiry of management " Review information provided by management about RP and RP transactions " Examination of share registers and other statutory records to identify principal shareholders and directors’ interests " Inquiry as to affiliation of management with other entities " Review of minutes of meetings of shareholders " Review income tax returns
3. Management and governance • Assess management’s philosophy and operating style, and ability to identify and respond to risk because these significantly influence the risk of material misstatements in the financial statements. Can help determine whether client has changed accounting policies. • Steps: Check o Company policies " Ensure that management has authorization from BOD to make certain decisions and that the decisions of management are properly reflected in the statements " Include a record in permanent files of the most important policies followed by client. E.g. cost to be included in inventory valuation o Constitution " Determine whether FS are properly presented and relevant prescribed rules have been followed. " Especially rules relating to: allotment and issue of shares, calling general meetings, appointment and retirement of directors, declaration of dividends o Code of ethics " Examine any changes and waivers of the code that have implications about governance system, and related integrity and ethical values of senior management. o Minutes of meetings " Common authorizations: e.g. dividend payments, acquisition of property, remuneration of senior executive officers, new contracts and agreements, and longterm loans. " Make an abstract of the minutes by obtaining a copy and highlighting significant portions " Ensure that management has complied with decisions taken by shareholders and BOD. E.g. authorised remuneration of officers traced to each officer’s payroll to test whether the correct remuneration amount was paid. Litigations, pending share issues need to be included in footnotes. 4. Client objectives and strategies • Auditors should understand client objectives related to: o Reliability of financial reporting o Effectiveness and efficiency of operations o Compliance with laws and regulations " Become familiar with the terms of contracts and other legal obligations (superannuation plans, contracts with vendors, leases, royalty agreements, etc.) • Review and take notes from documents early in the engagement. Later, these documents can be examined more carefully as part of the tests of individual audit areas
14
Carissa Law-ACCT 3014 Notes 5. Measurement and review of performance • KPI include market share, sales per employee, unit sales growth, sales per square metre • Inherent risk of financial misstatements if client ahs set unreasonable objectives or if performance measurement system encourages aggressive accounting. o E.g. if objective is to obtain leading market share of industry sales, there is increased incentive to record sales before they have been earned or record sales for non-existent transactions. • Auditors should perform ratio analysis and benchmarking against key competitors.
3. Assess client’s business risk Business risk: Risk resulting from significant conditions, events, circumstances, actions or inactions that could adversely affect the entity’s ability to 1. Reliability of financial reporting 2. Effectiveness and efficiency of operations 3. Compliance with laws and regulations − Auditor’s primary concern: risk of material misstatements in FS due to client’s business risk −
4. Performing preliminary analytical procedures −
Compare client ratios to industry or competitor benchmarks to provide an indication of the company’s performance
Purposes of audit documentation − Audit documentation: principal record of audit procedures applied, evidence obtained, and conclusions reached by the auditor in the engagement; a.k.a. audit working papers − Objective: aid auditor in providing reasonable assurance that an adequate audit was conducted in accordance to the auditing standards − Working papers provide: o Basis for planning the audit o Record of the evidence accumulated and results of the tests o Data for determining the proper type of audit report o Basis for review by supervisors and partners
Week 3 Audit Risk assessment Business Risk Approach:
Overall BR
• External factors (industry, regulatory, economic) • Internal factors (company's objectives, nature..) • Assess fraud risk and non-compliance with laws
Some BR
• Significant business risk may increase the risk of material misstatement and these are the risks that the auditor needs to address
Internal control
• Auditor needs to then understand Internal Controls and evaluate whether they address/minimise the BRs identfied as key by the Auditor.
15
Carissa Law-ACCT 3014 Notes
Audit risk −
Audit risk: what is the possibility that the auditor may not have uncovered a material misstatement in the financial statements, and thus issued an incorrect audit opinion.
Audit risk
The risk that the auditor will not detect the material misstatement (detection risk)
The risk of material misstatement of the financial report
Overall level i.e. the risks that affect financial report as a whole
Assertion level for T&E, A/B and P&D
Inherent risk
Audit risk
Control risk
The audit risk and what types of evidence to accumulate in each cycle:
PDR =
Reduced by proper planning, assignment of stadd, professional sceptism and supervision and review
model helps auditor decide how much
AAR IR × CR
where: PDR: planned detection risk AAR: acceptable (desired) audit risk IR: Inherent risk CR: Control risk Types of risks: 1. Planned detection risk: 2. Inherent risk: 3. Control risk: 4. Acceptable (desired) audit risk: 1. Planned detection risk (ASA 200) − The risk that audit evidence for a segment will fail to detect misstatements exceeding tolerable misstatements. • Inverse relationship with substantive evidence. E.g. If PDR is reduced, auditor needs to accumulate more evidence to achieve the reduced planned risk. − A function of the effectiveness of substantive procedures and their application by an auditor and thus is fundamental to the amount of audit work undertaken − Actual level of detection risk is controllable through: • Appropriate planning, direction, supervision and review • Variation in the nature, timing and extent of audit procedures • Effective performance of audit procedures and evaluation of their results
16
Carissa Law-ACCT 3014 Notes 2. Inherent risk −
Measures the auditor’s assessment of the likelihood that there are material misstatements (Errors or fraud) in a segment before considering the effectiveness of internal control. • Assessments are typically based on discussions with management, knowledge of the company and results in audits for prior years • Inversely related to planned detection risk, and directly related to evidence
−
Auditor determines how identified business risks are relevant to the audit client’s financial reporting. Factors include: • Changes in operating environment • New key personnel • New or revamped IS • Rapid growth (uncontrolled) • Corporate restructuring (target of a takeover) • Pressure to meet investor returns • Pressure to meet loan conditions • Pressure to achieve employee bonuses • Expand foreign operations
Factors affecting inherent risk • Nature of client’s business o E.g. electronic manufacturer faces a greater likelihood of obsolete inventory than a steel fabricator o More likely: inventory, accounts and loans receivable, and PPE • Results of previous audits o Misstatements in previous year’s audit have a high likelihood of occurring again. • Initial versus repeat engagement o Lack of prior years’ results would cause auditors to use higher inherent risk for initial audits than for repeat engagement in which no material misstatements have been found. • Related parties, i.e. parent and subsidiary; directors and corporate entity • Non-routine transactions, e.g. fire losses, major property acquisitions and lease agreements • Judgment required to correctly record account balances and transactions o E.g. allowance for DD, obsolete inventory and liability for warranty payments • Makeup of population o E.g. most auditors use a higher inherent risk for AR where most accounts are significantly overdue then when most accounts are current • Factors related to fraudulent financial reporting and misappropriation of assets
3. Control risk − a measure of the auditor’s assessment of the likelihood that misstatements exceeding a tolerable amount in a segment won’t be prevented or detected by the client’s internal control. • Inherent risk+ Control risk=risk of material misstatement • Inverse relationship with PDR, but direct relationship with substantive evidence 1. Each company will have these rules 2. The rules need to change (updated or amended) as the company activity change a. Important if a new business division is started or acquired b. IT systems changed c. If there are restructuring issues (staff sacked impacts segregation of duties)
17
Carissa Law-ACCT 3014 Notes 3. A key rule ‘segregation of duties’ costs money (more staff). So even if the rule would protect assets or information, Management may decide not to implement the rule based on a cost benefit analysis 4. Both management and external auditor need to know if a rule is working
4. Acceptable audit risk • measure of how willing the auditor is to accept that the FS may be materially misstated after the audit is completed and an unmodified audit opinion has been issued • 0 risk=certainty; 100%=complete uncertainty • 0 risk is impossible. Audit assurance: a complement to acceptable audit risk, an acceptable audit risk of 2% is the same as audit assurance of 98%. − Auditors decide engagement risk and use engagement risk to modify acceptable audit risk − Engagement risk: risk that the audit firm will suffer harm after the audit is finished, even though the audit report was correct Factors affecting engagement risk, and therefore acceptable audit risk: 1. The degree to which external users rely on the statements • Indicators: o Client size o Distribution of ownership: e.g. public companies more likely to have interested users o Nature and amount of liabilities • Methods use to assess: o Examine FS, including footnotes o Read minutes of BOD to determine future plans o Examine ASX releases for public companies o Discussing financing plans with management 2. The likelihood that a client will have financial difficulties after the audit report is issued • Indicators: o Liquidity position: e.g. constantly short of cash and working capital o Profits (losses) in previous years: e.g. declining profits or increasing losses-future solvency problems o Method of financing growth: e.g. more debt financing, more risk of financial difficulty. Are fixed assets financed with short or long-term loans? o Nature of client’s operations o Competence of management • Methods: o Analyse FS for financing difficulties using other analytical procedures o Examine historical and projected cash flow satments o Discuss financing plans with management 3. The auditor’s evaluation of management integrity • E.g. prior criminal conviction of key management personnel • Methods: o Chapter 6 client acceptance and continuance Limitation of audit risk model • PDR are highly subjective and approximations of reality o Hence, use broad and subjective measurement terms such as low, medium and high Relationship of risk to evidence Situation
Acceptable
Inherent risk
Control risk
Planned
Amount
of
18
