1 / 87

Presentation Objectives

The Risk Assessment Standards A High Level Overview by Chuck Landes, CPA AICPA VP Professional Standards. Presentation Objectives. Discuss the background and the reasons why the SASs were issued. Discuss how the SASs affect existing practice. Provide an overview of the SASs.

mahala
Download Presentation

Presentation Objectives

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. The Risk Assessment Standards A High Level Overviewby Chuck Landes, CPAAICPA VP Professional Standards

  2. Presentation Objectives • Discuss the background and the reasons why the SASs were issued. • Discuss how the SASs affect existing practice. • Provide an overview of the SASs.

  3. Risk Assessment Standards • The risk assessment standards consist of: • SAS No. 104, Amendment to Statement on Auditing Standards No. 1 • SAS No. 105, Amendment to Statement on Auditing Standards No. 95, Generally Accepted Auditing Standards • SAS No. 106, Audit Evidence • SAS No. 107, Audit Risk and Materiality in Conducting an Audit (Audit Risk and Materiality) • SAS, No. 108, Planning and Supervision • SAS No. 109, Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement (Assessing Risks) • SAS No. 110, Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained (Performing Procedures) • SAS No. 111, Amendment to Statement on Auditing Standards No. 39, Audit Sampling

  4. Risk Assessment Standards • Why issued? The ASB believes that the SASs represent a significant strengthening of auditing standards which in turn will improve the quality of audits conducted under these standards • Much of SAS 99 theory originated in our deliberations over risk assessment standards

  5. Background The objectives of the SASs are to improve audit effectiveness by requiring: • A more in-depth understanding of the entity and its environment, including its internal control. • More rigorous assessment of the risks of material misstatement (whether caused by error or fraud) of the financial statements. • A linkage between the assessed risks and the nature, timing, and extent of audit procedures performed in response to those risks.

  6. Risk Assessment Standards • Enhances the auditor’s application of the audit risk model in practice by requiring: • More in-depth understanding of the entity and its environment, including its internal control to better understand where risks of misstatements are higher • May require greater understanding of internal control design and implementation of controls • Ability to default to maximum control risk assessment removed • Improved linkage between the assessed risks and the nature, timing, and extent of audit procedures performed

  7. Risk Assessment Standards • Enhances the auditor’s application of the audit risk model: AR = [CR x IR] x DR [CR x IR] = RMM AR = Audit Risk CR = Control Risk IR = Inherent Risk DR =Detection Risk RMM = risk of material misstatement

  8. Risk Assessment Standards • Internal Control Framework is unchanged

  9. Risk Assessment Standards New requirement – auditors should obtain a sufficient understanding of internal control over financial reporting to: • Assess strength of design of controls • Determine whether controls were placed in operation

  10. Risk Assessment Standards • The auditor should assess the risks of material misstatement at the financial statement level and at the relevant assertion level on all audits based on the understanding obtained

  11. Risk Assessment Standards • New Assertion Framework

  12. Risk Assessment Standards • Identifying risks through considering • The entity and its environment, including its internal control • Classes of transactions, account balances, and disclosures • Relating the identified risks to what could go wrong at the relevant assertion level • Significant risks1 1SAS 109, Assessing Risks, paragraphs 102-121

  13. Risk Assessment Standards

  14. Risk Assessment Standards • Testing of controls is encouraged • The requirement to link assessed risks and the audit procedures responsive to those risks is improved • Risk assessment is a continuous process, not a series of discrete stages

  15. Risk Assessment Standards • Perform further audit procedures that are clearly linked to risks at the relevant assertion level by: • Performing tests of the operating effectiveness of controls • Performing substantive procedures • Evaluating the adequacy of presentation and disclosure1 1SAS 110, Performing Procedures SAS, paragraphs 23-68 • Evaluate whether sufficient competent audit evidence has been obtained2 2SAS 110, Performing Procedures, paragraphs 70-76

  16. Risk Assessment Standards • Greater emphasis is placed on testing of disclosures • Guidance on evaluating audit findings is clarified and expanded • Documentation requirements are significantly expanded

  17. Significant Changes to Existing Practices • Identifying and assessing the risks of material misstatements at both the financial statement level and the relevant assertion level by performing risk assessment procedures. • Designing and performing tailored further audit procedures responsive to assessed risks at the relevant assertion level • Linkage of audit procedures to the risk of material misstatement.

  18. Overview of SASs SAS No. 104, Amendment to SAS No. 1 • SAS No. 104 expands the definition of “reasonable assurance” as a “high level of assurance”

  19. Overview of SASs SAS No. 105, Amendment to SAS 95, Generally Accepted Auditing Standards • “Internal control” is replaced by “the entity and its environment, including its internal control” • “Further audit procedures” replaces “tests to be performed” • “Audit evidence” replaces “evidential matter” • Reflects new usage of terms required by SAS No. 102.

  20. Overview of SASs SAS No. 106, Audit Evidence (Amends SAS 31) “The auditor must obtain sufficient audit evidence by performing audit procedures to afford a reasonable basis for an opinion regarding the financial statements under audit.”

  21. Overview of SASs SAS No. 106, Audit Evidence • Audit evidence is all the information used by the auditor in arriving at the conclusions on which the audit opinion is based and includes: • Entity’s accounting records, • Confirmations, • Minutes, • Industry reports, • Audit procedures such as inquiries, observations, inspections, etc.

  22. Overview of SASs SAS No. 106, Audit Evidence • Audit Procedures • Risk Assessment Procedures • Inquiries • Analytical procedures • Inspection and observation • Further Audit Procedures • Test of controls • Substantive procedures • Test of details • Substantive analytical procedures

  23. Overview of SASs SAS No. 106, Audit Evidence • The use of assertions in obtaining audit evidence – these are management’s implicit or explicit assertions regarding the recognition, measurement, presentation and disclosure of information in the financial statements and related disclosures.

  24. Overview of SASs SAS No. 106, Audit Evidence (continued) • Categories of Assertions • Classes of transactions • Account balances • Presentation and disclosure

  25. Overview of SASs SAS No. 107, Audit Risk and Materiality (Amends SAS 47) “The auditors should perform the audit to reduce audit risk to a low level that is (in his or her judgment) appropriate for expressing an opinion on the financial statements.”

  26. Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) • The auditor should consider audit risk at both: • Overall financial statement level • Assertion level

  27. Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) • Financial statement level risks include, for example: • Fraud • Incompetent management • Related party transactions

  28. Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) • At the account balance, class of transactions, or disclosure level, audit risk consists of: • Combined risk assessment, which consists of: • Inherent risk • Control risk • Detection risk

  29. Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) • The auditor should assess the risk of material misstatement at the relevant assertion level as a basis for further audit procedures. • The auditor should have an appropriate basis for this assessment.

  30. Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) • The determination of materiality is a matter of professional judgment.

  31. Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) • The auditor determines materiality to: • Perform risk assessment procedures, • Identify and assess the risks of material misstatement, • Design and perform further audit procedures, • Evaluate whether the financial statements taken as a whole are presented fairly.

  32. Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) • An auditor uses benchmarks to determine materiality. Examples are: • Total revenues • Profit before taxes • Total assets • Net assets

  33. Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) • Tolerable Misstatement (or error)—is the maximum error in a population (e.g., the class of transactions or account balance) that the auditor is willing to accept. • Tolerable misstatement is used to design substantive procedures.

  34. Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) Example of the use of tolerable misstatement in designing substantive procedures:

  35. Overview of SASs Example of the use of tolerable misstatement (continued):

  36. Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) • The auditor should reassess the materiality determined during the planning process. Failure to do so may result in inadequate audit procedures.

  37. Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) • The auditor must accumulate: • Known misstatements - these are specific misstatements arising from the incorrect selection or misapplication of accounting principles or misstatements of facts identified during the audit. • Likely misstatements – these are misstatements that include: • Audit differences involving auditing estimates and • Projected misstatements based on extrapolation of audit evidence.

  38. Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) Auditor’s responses to identified misstatements

  39. Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) • Evaluating audit findings – the auditor must consider the effect (individually and in the aggregate) of misstatements (known and likely) identified by the auditor that are not corrected by management.

  40. Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) • Iron Curtain vs. Rollover • The SEC has undertaken a project to study this issue and its findings are expected soon. • Guidance in SAS No. 107 is neutral until accounting is settled.

  41. Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) • Qualitative considerations. Examples are: • Potential effect on trends • Changes bottom line • Potential effect on loan covenants • Increases management’s compensation • Likelihood that misstatement may become material in future periods

  42. Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) • Other considerations: • Management’s bias • Undetected misstatements

  43. Overview of SASs SAS No. 107, Audit Risk and Materiality (continued) • Documentation • Levels of materiality and tolerable misstatements, including changes thereto, and the basis used. • Uncorrected misstatements (known and likely) • Conclusion on uncorrected misstatements • Misstatements identified by auditor and corrected by management Uncorrected misstatements should be documented in a manner that: • identifies known and likely, including misstatements identified in prior periods • aggregates effect of misstatements • demonstrates qualitative considerations.

  44. Overview of SASs SAS No. 108, Planning and Supervision (Amends SAS 1 and SAS 22) “The auditor must adequately plan the work and must properly supervise any assistants.”

  45. Overview of SASs SAS No. 108, Planning and Supervision (continued) • SAS No. 108 discusses: • Appointment of the independent auditor, • Establishing a written understanding with the client, • Preliminary engagement activities, • The overall audit strategy, • The audit plan, • Determining the extent of involvement of specialists, • Additional considerations in initial audit engagements.

  46. Overview of SASs SAS No. 109, Assessing Risks “The auditor must obtain a sufficient understanding of the entity and its environment, including its internal control, to assess the risk of material misstatement of the financial statements whether due to error or fraud, and to design the nature, timing, and extent of further audit procedures.”

  47. Risk Assessment Overview NewProcess Inquiries Analytical Procedures Brainstorming Fraud Risk Factors Other Risk Assessment Respond

  48. Overview of SASs SAS No. 109, Assessing Risks (continued) • Risk assessment procedures and sources of information about the entity and its internal control are: • Inquiries • Analytical procedures • Observation and inspection • Discussion among audit team

  49. Overview of SASs SAS No. 109, Assessing Risks (continued) • Inquiries of management may be directed toward: • External parties – for example, legal counsel, bankers, valuation experts, etc. • Internal – for example those charged with governance, internal audit, employees other than accounting personnel, in-house counsel, etc.

  50. Overview of SASs SAS No. 109, Assessing Risks (continued) • Analytical Procedures • Use guidance of SAS 56, Analytical Procedures • Helpful In identifying unusual transactions or events • Assist in determining amounts, ratios, trends in the financial statements

More Related