Ak206 092173 629 14

Materiality and Risk
Chapter 9
2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 9-1
Auditing Definition
Auditing reduces information risk to a socially
acceptable level.
To accomplish this,
Set materiality (yardstick)
Manage risks.
Materiality
The auditors responsibility is to

determine whether financial
statements are materially misstated.
If there is a material misstatement,
the auditor will bring it to the clients
attention so that a correction can be made.
Materiality
Information is material when it is likely to
influence the economic decisions of financial
statement users.
Planning materiality (preliminary judgment) is
the largest amount of uncorrected dollar
misstatement that could exist in published
financial statements and still fairly present
financial statements in conformity with GAAP.
Tolerable misstatement is the amount an account
can be off and still be considered fairly stated.
Steps in Applying
Materiality
Set preliminary
Step
judgment about
1
materiality.
Planning
extent
Allocate preliminary of tests
Step judgment about
2 materiality
to segments.
Steps in Applying
Materiality
Step Estimate total

3 misstatement in segment.
Step Estimate the Evaluating

4 combined misstatement. results
Compare combined
Step
estimate with judgment
5
about materiality.
Auditors use materiality
to:
Plan the audit, directing attention,
determining the nature, timing and
extent of procedures to be performed.
Evaluate the evidence, something to
measure against
Guide for decisions about audit report
Planning Materiality is determined prior to
evidence gathering
Determining Whats Material
Not required to define materiality as a
specific dollar amount.
Rule of thumb for materiality is under
5% is not material where over 10%
would be material.
Auditors judgment determines
materiality
Factors that affect auditors
judgement on materiality
Absolute size - half a million
Relative size - in relation to F/S such as 5% of net
income.
Qualitative aspects (nature) - management fraud v.s.
employee fraud
Circumstances - what will F/S be used for, how widely
published
Uncertainty - lower materiality level because of risk of
being wrong.
Cumulative error - errors may accumulate into a
material error
Preliminary Assessment of
Materiality
Helps the auditor avoid surprises such as:
Not auditing enough - litigation
Auditing too much - costly
Fine tunes the audit for effectiveness and
efficiency.
2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 9 - 10
Assigning Materiality to
Accounts
Top Down, define total materiality and divide
amongst the accounts
Bottoms-up, assign materiality to each account
and add the amounts to get total materiality for
the F/S.
The amount assigned to the account is the
tolerable misstatement.
Allocate Preliminary Judgment
About Materiality to Segments
This is necessary because evidence is

accumulated by segments rather than
for the financial statements as a whole.
Most practitioners allocate materiality
to balance sheet accounts.
SAS 39 (AU 350)
Estimated Total
Misstatement Example
Net misstatement of the sample

Total sampled
Total recorded population value
= Direct projection estimate of misstatement
$3,500 $50,000 $450,000 = $31,500
Example of Estimate
for Sampling Error
Tolerable Direct Sampling

Account Misstatement Projection Error Total
Cash $ 4,000 $ 0 $ N/A $ 0
Accounts receivable 20,000 12,000 6,000* 18,000
Inventory 36,000 31,500 15,750* 47,250
Total estimated
misstatement amount $43,500 $16,800 $60,300
Preliminary judgment
about materiality $50,000
*estimate for sampling error is 50%
Analytical Procedures can help
determine materiality
Mathematical analysis of the F/S

Required as part of planning and review for an
audit.
Attention Directing
Helps to reduce risk.
Risk
Auditors accept some level of risk

in performing the audit.
An effective auditor recognizes that
risks exist, are difficult to measure,
and require careful thought to respond.
Responding to risks properly is critical
to achieving a high-quality audit.
Managing Risk using the
Model
Audit Risk = Inherent Risk x Control Risk x
Detection Risk
AR = IR x CR x DR
Inherent Risk
The risk that material misstatements have
entered the accounting system.
Based on type of business, environment, type
of management, etc.
What errors could occur?
Control Risk
Control risk is the probability that the clients
internal control activities will fail to detect
material misstatements.
What has client done to mitigate inherent
risks?
Detection Risk
The probability that audit procedures will fail
to produce evidence of material misstatements.
This is the only part of the risk model the
auditor controls by planning the nature, timing
and extent of audit procedures.
Audit Risk
The risk that an auditor will issue an
inappropriate opinion.
Manage audit risk by
Evaluating the clients inherent and control risk
Adjusting audit procedures (detection risk)
Who Controls the Risks
The auditor controls the audit risk by
controlling detection risk.
Inherent and control risk are controlled by the
client and the business the client is in.
Anchoring
Anchoring is the auditor using a carryover
view of the client's internal control structure
from previous audits.
How does this affect the audit?
Inherent Risk is affected by
Economic conditions such as asset valuations,
offsetting assets and liabilities, changes in
deferral policies, compliance with covenants.
Complexity of transactions.
Type of business, type of ownership, size of
business
Relative risk, some accounts are riskier than
others.
Major Factors When
Assessing Inherent Risk
Nature of the clients business

Results of previous audits
Initial versus repeat engagement
Related parties
Nonroutine transactions
Judgment correctly record account
balances and transactions
Makeup of the population
Planning the Audit
The auditor uses the knowledge of the
clients business to make preliminary
assessments of the clients inherent and
control risk.
These are preliminary risk assessments
prior to gathering evidence.
Risk is updated throughout the audit as
needed based on the findings.
Audit Risk Overall
The probability of giving an incorrect opinion
on financial statements as a whole.
On an individual item like accounts receivable,
it is the risk that a material misstatement
occurs beyond an acceptable level.
Acceptable level is defined by materiality
Risk and Evidence
Auditors gain an understanding of the

clients business and industry and
assess client business risk.
Auditors use the audit risk model to further
identify the potential for misstatements
and where they are most likely to occur.
Example of Differing
Evidence Among Cycles
Sales and Acquisition Payroll and
Collection and Payment Personnel
Cycle Cycle Cycle
Inherent
A risk
medium high low
Control
B risk
medium low low
Acceptable
C audit risk
low low low
Planned
D detection risk
medium medium high
Example of Differing
Evidence Among Cycles
Inventory and Capital Acquisition
Warehousing and Repayment
Cycle Cycle
Inherent
A risk
high low
Control
B risk
high medium
Acceptable
C audit risk
low low
Planned
D detection risk
low medium
Audit Risk Model
for Planning
PDR = AAR (IR CR)
PDR = Planned detection risk

AAR = Acceptable audit risk
IR = Inherent risk
CR = Control risk
Impact of Engagement Risk
on Acceptable Audit Risk
Auditors decide engagement risk and use

that risk to modify acceptable audit risk.
Engagement risk closely relates to
client business risk.
Factors Affecting
Acceptable Audit Risk
The degree of which external users

rely on the statements
The likelihood that a client will have
financial difficulties after the
audit report is issued
Factors Affecting
Acceptable Audit Risk
The auditors evaluation of

managements integrity
Making the Acceptable
Audit Risk Decision
Factors Methods to Assess Risk

Examine financial statements.
External users
Read minutes of the board.
reliance on
Examine form 10K.
financial
Discuss financing plans
statements
with management.
Making the Acceptable
Audit Risk Decision
Factors Methods to Assess Risk

Analyze financial statements
Likelihood
for difficulties using ratios.
of financial
Examine inflows and outflows
difficulties
of cash flow statements.
Management See Chapter 8 for client
integrity acceptance and continuance.
SAS 99: Consideration of Fraud in a
Financial Statement Audit
Overall Requirement
An audit should be planned and performed to obtain
reasonable assurance about whether the financial
statements are free of material misstatements,
whether caused by error or fraud.
An audit requires due professional care, which in turn

requires that the auditor exercise professional
skepticism.
Causes of Misstatements
Causes
Errors Fraud
Fraudulent Misappropriation
Financial of Assets
Reporting
Two Types of Fraud Considered in
an Audit
Fraudulent financial reporting (cooking the

books)--examples
Falsification of accounting records
Omissions of transactions
Misappropriation of assets--examples:
Theft of assets
Fraudulent expenditures
Professional Skepticism
An attitude that includes a questioning mind and a
critical assessment of audit evidence
The engagement should be conducted recognizing

possibility of material misstatement due to fraud
An auditor should not be satisfied with less than

persuasive evidence
Terminology Simplification
To simplify the display, we will abbreviate the
term used in the standard risk of material
misstatement due to fraud as follows:
Risk of material
misstatement = Risk of fraud
due to fraud
Fraud Conditions (Fraud
Triangle)
Incentive
(Pressure)
Opportunity Rationalization
(Attitude)
Examples of Risks Factors
for Fraudulent Reporting
1. Incentives/Pressures
Financial stability or profitability is threatened by

economic, industry, or entity operating conditions.
Excessive pressure exists for management
to meet debt requirements.
Personal net worth is materially threatened.
2. Opportunities
There are significant accounting estimates

that are difficult to verify.
There is ineffective oversight over
financial reporting.
High turnover or ineffective accounting internal
audit, or information technology staff exists.
3. Attitudes/Rationalization
Inappropriate or inefficient communication

and support of the entitys values is evident.
A history of violations of laws is known.
Management has a practice of making overly
aggressive or unrealistic forecasts.
Steps involved in Considering the
Risk of Fraud
1. Staff discussion
2. Obtain information needed to identify risks
3. Identify risks
4. Assess identified risks
5. Respond to results of assessment
6. Evaluate audit evidence
7. Communicate about fraud
8. Document consideration of fraud
Step 1Staff Discussion of the
Risk of Fraud
Brainstorm
Consider how and where financial statements

might be susceptible to fraud
Exercise professional skepticism
Step 2Obtain information
needed to identify risk of fraud
Inquiries of management, the audit committee,

internal auditors and others
Consider results of analytical procedures
Consider fraud risk factors
Consider other information
Step 3Identify Risks that may
Result in Fraud and Consider
Type of risk
Significance of risk (magnitude)
Likelihood of Risk
Pervasiveness of risk
Step 4Assess the identified risks after
considering programs and controls
Consider understanding of internal control
Evaluate whether programs and controls

address the identified risks
Assess risks taking into account this evaluation
Step 5Respond to Results of the
Assessment
As risk increases
Overall responses
More experienced staff
More attention to accounting policies
Less predictable procedures
Specific responses
Consider need to increase evidence by altering the
nature, timing and extent of audit procedures
Step 5Respond to Results of the
Assessment (concluded)
On all audits, the auditor should consider the

possibility of management override of controls and
examine:
Adjusting journal entries
Accounting estimates
Unusual significant transactions
Step 6Evaluate Audit Evidence
Assess risk of fraud throughout the audit

Evaluate analytical procedures performed as
substantive tests and at overall review stage
Evaluate risk of fraud near completion of
fieldwork
Respond to misstatements
Step 7Communicate about
Fraud
Communicate
All fraud to an appropriate level of management
All management fraud to audit committee
All material fraud to management and audit
committee
Determine if reportable conditions related to
internal control have been identified;
communicate them to the audit committee
Document Consideration of Fraud
Document steps 1 -7
Staff discussion
Information used to identify risk of fraud
Fraud risks identified
Assessed risks after considering programs and controls
Results of assessment of fraud risk
Evaluation of audit evidence
Communications requirements
If improper revenue recognition was not considered a
risk, why it wasnt
Relationship of Risk Factors,
Risk, and Evidence
Acceptable audit risk
D D I
Factors Planned Planned
Inherent I I
Influencing detection audit
risk
Risks risk evidence
I D
Control risk
D = Direct relationship; I = Inverse relationship
Changing the Audit in
Response to Risk
The engagement may require

more experienced staff.
The engagement will be reviewed

more carefully than usual.
Audit Risk for Segments
Both control risk and inherent risk

are typically set for each cycle,
each account, and often even
each audit objective, not for
the overall audit.
Relating Risk of Fraud to
Risk Model Components
The risk of fraud can be assessed

for the entire audit or by cycle,
account, and objective.
Specific response could include

revising assessments of acceptable
audit risk, inherent risk, and control risk.
Tolerable Misstatement, Risks,
and Balance-related Objectives
It is common to assess inherent and control

risk for each balance-related audit objective.
It is not common to allocate
materiality to objectives.
Measurement Limitations
One major limitation in the application

of the audit risk model is the difficulty
of measuring the components of the model.
Relationships of Risk
to Evidence
Acceptable Planned Amount of

Audit Inherent Control Detection Evidence
Situation Risk Risk Risk Risk Required
1 High Low Low High Low
2 Low Low Low Medium Medium
3 Low High High Low High
4 Medium Medium Medium Medium Medium
5 High Low Medium Medium Medium
Tests of Details of Balances
Evidence Planning Worksheet
Auditors develop various types of worksheets to

aid in relating the considerations affecting audit
evidence to the appropriate evidence to accumulate.
Revising Risks
and Evidence
The audit risk model is primarily a

planning model and is therefore of
limited use in evaluating results.
Great care must be used in revising
the risk factors when the actual results
are not as favorable as planned.
End of Chapter 9

Ak206 092173 629 14

Transféré par

Informations du document

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Ak206 092173 629 14

Transféré par

Droits d'auteur :

Formats disponibles

Materiality and Risk

The auditors responsibility is to

Step Estimate total

Step Estimate the Evaluating

This is necessary because evidence is

Net misstatement of the sample

Tolerable Direct Sampling

Mathematical analysis of the F/S

Auditors accept some level of risk

Nature of the clients business

Auditors gain an understanding of the

PDR = AAR (IR CR)

PDR = Planned detection risk

Auditors decide engagement risk and use

The degree of which external users

The auditors evaluation of

Factors Methods to Assess Risk

Factors Methods to Assess Risk

An audit requires due professional care, which in turn

Fraudulent financial reporting (cooking the

The engagement should be conducted recognizing

An auditor should not be satisfied with less than

Financial stability or profitability is threatened by

There are significant accounting estimates

Inappropriate or inefficient communication

Consider how and where financial statements

Exercise professional skepticism

Inquiries of management, the audit committee,

Consider results of analytical procedures

Consider fraud risk factors

Consider other information

Significance of risk (magnitude)

Consider understanding of internal control

Evaluate whether programs and controls

Assess risks taking into account this evaluation

On all audits, the auditor should consider the

Adjusting journal entries

Unusual significant transactions

Assess risk of fraud throughout the audit

The engagement may require

The engagement will be reviewed

Both control risk and inherent risk

The risk of fraud can be assessed

Specific response could include

It is common to assess inherent and control

One major limitation in the application

Acceptable Planned Amount of

Auditors develop various types of worksheets to

The audit risk model is primarily a

Vous aimerez peut-être aussi