Auditing in a Changing Environment:. Risk Assessment & Response. Presenter: Everton Ferguson, Senior Manager, Advisory Services – Ernst & Young. Content. Risk Assessment and Response Risk Assessment Fraud Risk Response Relying on the work of others. Risk Assessment.
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Risk Assessment and Response
Relying on the work of others
As required by ISA 315, the auditor should obtain an understanding of the entity and its
environment, including its internal control, sufficient to identify and assess the risks
of material misstatement of the financial statements whether due to fraud or error.
The auditor’s understanding of the entity and its environment consists of
an understanding of the following aspects:
The term “error” refers to an unintentional misstatement in financial statements, including
the omission of an amount or a disclosure, such as the following:
recognition, classification, presentation or disclosure.
The term “fraud” refers to an intentional act by one or more individuals among
management, those charged with governance, employees, or third parties, involving the
use of deception to obtain an unjust or illegal advantage. Although fraud is a broad legal
concept, for the purposes of this ISA, the auditor is concerned with fraud that causes a
material misstatement in the financial statements.
In accordance with ISA 240, in planning and performing the audit to reduce audit risk to
an acceptably low level, the auditor should consider the risks of material misstatements
in the financial statements due to fraud.
As part of this work the auditor performs the following procedures to obtain information
that is used to identify the risks of material misstatement due to fraud:
create pressure to commit fraud;
create an incentive to commit fraud; and
Consideration of Fraud Risk Factors
Although a fraud risk may be greatest when all three fraud conditions are observed or evident, we cannot assume that the inability to observe one or two of these conditions means there is no fraud risk.
Risk Factors Relating to Misstatements Arising from Fraudulent Financial Reporting
industry, or entity operating conditions as indicated by significant declines in customer
demand and increasing business failures in either the industry or overall economy.
to engage in fraudulent financial reporting due to assets, liabilities, revenues, or
expenses based on significant estimates that involve subjective judgments or
uncertainties that are difficult to corroborate.
analysts, creditors, and other third parties to achieve overly aggressive or unrealistic
management or employees with access to cash or other assets susceptible to theft to
misappropriate those assets.
of assets to misappropriation. For example, large amount of cash, assets that are
easily convertible or small items of fixed assets.
related to misappropriations of assets. Or behavior indicating displeasure or
dissatisfaction with the entity or its treatment of employees.
Examples of Circumstances that Indicate the Possibility of Fraud:
assessment procedures and by considering the classes of transactions, account
balances and disclosures in the financial statements;
that the risk might give rise to multiple misstatements and the likelihood of the risk
professional skepticism and a response involving more general considerations apart
from the specific procedures otherwise planned.
extent of audit procedures to be performed.
address the risks of material misstatement due to fraud involving management override
of controls, given the unpredictable ways in which such override could occur. For
extent of audit procedures.
As required by ISA 330, the auditor, based on the audit procedures performed and the
audit evidence obtained, evaluates whether the assessments of the risks of material
misstatement at the assertion level remain appropriate.
to prevent and detect fraud;
statements may be materially misstated as a result of fraud;
fraud, affecting the entity’s financial statements communicated by employees, former
employees, analysts, regulators or others.
in the context of the specific assignment.
evidence, that the work of the other auditor is adequate for the principal auditor’s
purposes, in the context of the specific assignment.
to identify and assess the risks of material misstatement of the financial
statements and to design and perform further audit procedures.
internal auditing is relevant to the external auditor’s risk assessment.
external auditor should evaluate and perform audit procedures on that work to confirm
its adequacy for the external auditor’s purposes.
professional body; and
ISA 620 - Using the Work of an Expert , Continued
If the results of the expert’s work do not provide sufficient appropriate audit evidence or if the results are not consistent with other audit evidence, the auditor should resolve the matter. This may involve discussions with the entity and the expert, applying additional audit procedures, including possibly engaging another expert, or modifying the auditor’s report.
Reference to an Expert in the Auditor’s Report :
When issuing an unmodified auditor’s report, the auditor should not refer to the work of an expert. Such a reference might be misunderstood to be a qualification of the auditor’s opinion or a division of responsibility, neither of which is intended.