Risk, plays a large part in the world of Auditing. Audit risk, represents a risk to an auditor or an audit firm, as the risk of paying damages to a client may arise out of negligent work when trying to show a true and fair view of a set of company accounts.
All audit work involves some level of risk; this may be because a set of company accounts have been misstated due to error or fraud, or the auditor failed to detect the errors or fraud. In addition, these problems may have occurred due to inadequate sample sizes when determining the level of risk or the auditor’s failure to use proper auditing policies.
To evaluate the level of risk related to specific areas of the audit, three components can help. The first is Inherent risk where environmental factors, (background knowledge of the client and where past audits indicate no difficulties) are considered against whether or not they would lead to a material error, before considering the ‘function of internal controls’.
Next is Control risks were the ‘system of internal controls’ is assessed against the possibility of preventing material error, or detecting it in time using internal controls. Last is Detection risk where the auditor’s procedures may fail to detect a material error not picked up by the internal controls.
This report explains why the risk-based approach has become popular with external auditors and how it has been linked to materiality and sampling levels.
Findings Risk-Based Approach
The role of an external audit, no matter what type of organization it is, is to show a true and fair view of the company accounts and to abide by the auditing standards. Recently the risk-based approach has become as valued as auditing standards and adopted by most.
The reason for it becoming so popular is that this audit approach helps the auditor to evaluate the level of risk to a particular area of the audit, i.e. specific accounts and transactions. Consequently, auditors can ‘…avoid both over auditing and under auditing and can distribute work more evenly throughout the year.’ Grobstein and others (1985 p29).
Besides, focusing on the level of risk the risk-based method helps to evaluate and build value into the financial reporting process and the clients’ company. In order to do this, the auditor must have an up-to-date insight into the client’s business and activities.
This knowledge is gained through the way the client operates their business, management and internal and external environments. The knowledge gathered can help to design the audit program that includes ‘…the most effective and efficient combination of tests responsive to each client’s unique circumstances.’ Grobstein and others (1985 p29). For this reason, the risk-based approach is then superior to traditional auditing methods.
Although the new system of auditing has become more popular over the years there are obvious advantages and disadvantages that need to be considered. For example, the aims of this risk-based approach are to assess and identify the high-risk areas, while at the same time, the auditor is minimizing the risk of negligence.
Therefore, this can speed the audit up and help to allocate specialists to specific areas of the audit. However, this process can cause more time to be spent on the audit and raise costs, not making economic sense. Unfortunately, another problem faced by auditors when adopting the risk-based approach is when identifying high-risk areas, auditors must decide what evidence should be required and in how much detail.
Materiality An auditor’s duty is to give a fair and truthful view of a client’s set of company accounts, but auditors cannot guarantee that the company accounts are entirely free of errors and irregularities. Therefore, in their audit planning auditors must identify and assess the risk that they have not discovered, or will not discover material items. If an item is discovered, auditors must consider the context and presentation of the item and then decide whether it affects the true and fair view of the company accounts. The Statements of Auditing Standards, SAS 220 states that ‘Auditors should consider materiality and its relationship with audit risk when conducting an audit’.
Millichamp (2002 p300) suggests, in order to avoid materiality, it should be taken into account at the planning stage of an audit and re-evaluated if the outcomes of tests, enquiries or examinations differ from expectations. Millichamp (2002 p300-1) also suggests that materiality is fundamental to accounting and is a matter of professional judgement with both quality and quantity dimensions.
Auditing materiality is also known as tolerable error. Tolerable error is considered the maximum error in a population (sample size) that auditors are prepared to accept and still conclude that the audit objectives have been achieved. The level of tolerable error is normally determined at the planning stages. Throughout the audit, tests are then carried out on these levels; they ‘…provide evidence that the actual errors in the population are less than the tolerable error’. Millichamp (2002).
Sampling The objective of any sampling method is to draw conclusions from a large set of data. The objective of audit sampling is to establish with reasonable confidence that a number of factors are free from material misstatement. This means drawing conclusions from an entire set of data that may be a set of account balances (population) and then testing a representative sample of items (sampling units).
Nonetheless, it is not required of auditors to check all transactions and balances of a business, but they must be practical and be aware of materiality. It would take too long to complete a check; because by the time they had reached the public they would be history. In some cases, a 100%, a check is still necessary, for example, in high-risk areas.
There are two methods of sampling the first is judgement sampling; the auditor selects an appropriate sample based on what the auditor judges as desirable. Next is the more popular and objective of the two, statistical sampling. This method of sampling is more commonly used as a scientifically and mathematically appropriate sample is selected.
In order for the auditor to reach a conclusion based on the sample, he or she must select a sample that is ‘…representative of the underlying population’. Sherer & Turley (1998). Various methods can be used to select a representative sample, but all have a basic need to select a random sample.
When deciding on the appropriate sample sizes for any given population there are several factors to consider. Confidence levels must be taken into consideration when looking at the ‘…extent to which the auditor is justified in believing that the sample drawn at random reflects (with a stipulated range) the attributes of the population from which it was taken’. Woolf (1988).
Therefore, from the sample results and a given level of confidence, we can reasonably be assured that the error rate lies within certain boundaries, in addition this means that the auditor can never be 100% certain and confidence levels are seen to be complementary to risk. Furthermore, because an auditor cannot be 100% certain, there must be a measure for the potential error rate in the population. Determining the precision area depends on the auditor’s own assessment of the situation, we can see that confidence levels and precision are strongly interconnected.
Conclusion The audit risk approach has grown significantly in recent years. This is a result of auditing firms making their audit work more cost-effective, whilst still maintaining audit quality. Compared to the older substantive testing and system-based auditing, risk-based auditing takes account of substantive test risks and includes, inherent risk, control risk, detection risk and sampling risk as well as other risk tests not mentioned in this report (i.e. analytical control risk). This system of assessing risk and focusing the audit on the high-risk areas minimizes the auditor’s risk against paying damages to a client through negligent work.
Assessing the risk of material misstatement at the financial statement level as well as at the planning stage, adds to and clarifies the direction on performing a combined assessment of inherent, and control risk, leaving the ability for the auditor to assess other risk factors in an audit. This approach to auditing has also changed the view of substantive procedures performed by auditors.
For example, the use of statistical sampling has significantly reduced, but remains an important part of auditor’s substantive procedures ‘…and one they wish to ensure is efficient and effective’. Sherer & Turley (1998) Sherer & Turley (1998 p251) suggest that in order to improve the risk-based approach, ways must be identified ‘…in which auditors’ judgement of inherent risk and control risk can become more accurate and consistent’.
Grobstein M, Loeb S, Neary R, (1985) Auditing: A Risk Analysis Approach, Richard D. Irwin, Inc Millichamp A (2002) Auditing, 8th Edition, Continuum Sherer M, Turley S, (1998) Current Issues in Auditing, 3rd Edition, Paul Chapman Venables J.S.R, Impey K.M, (1991) Internal Audit, 3rd Edition, Butterworth & Co Woolf E (1988) Auditing Today, 4th Edition, Prentice Hall
Cite this page
This content was submitted by our community members and reviewed by Essayscollector Team. All content on this page is verified and owned by Essayscollector Team. All comments and user reviews are moderated by Essayscollector Team. In the case of any content-related problem, you can reach us through the report button.