Assessing the Risk of Material Misstatement Chapter 9 Assessing the Risk of Material Misstatement

Phil Under which auditing approach(es) are auditors required to obtain an understanding of the internal controls?

Deidre Which Auditing Standard requires auditors to obtain an understanding of the internal controls?

planning phase we are always required to obtain an understanding of the Internal Control to identify & assess the RoMM risks of material misstatement, whether due to fraud or error, at the financial statement and relevant assertion levels through understanding the entity and its environment, including the entity's internal control, thereby to provide a basis for designing and implementing responses to the assessed RoMM.

Monica Under which audit approach(es) are auditors required to obtain sufficient appropriate audit evidence?

Bryn Which Auditing Standard requires auditors to obtain sufficient appropriate evidence?

AU 500 Audit Evidence .04 The objective of the auditor is to design and perform audit procedures that enable the auditor to obtain sufficient appropriate audit evidence to be able to draw reasonable conclusions on which to base the auditor's opinion.

PJ How do we obtain audit evidence?

Dannia What is the definition of audit risk?

Audit risk. The risk that the auditor expresses an inappropriate audit opinion when the financial statements are materially misstated.

What is the definition of Materiality? Sean What is the definition of Materiality?

Performance Materiality tolerable error tolerable misstatement The allocation of the preliminary judgment about materiality to segments (account balances or classes of transactions)

Collin Name 2 Significant Classes of Transactions ? Describe a Transaction Cycle?

Class of Transactions Accounts receivable xxx.xx Sales xxx.xx Revenue & Collection Cycle Cash xxx.xx

Audit Risk Model

What are the elements of the “Audit Risk Model”? Torri What are the elements of the “Audit Risk Model”?

Risk of Material Misstatement Materiality and Risk Page 269 (237) the Audit Risk Model AAR = IR * CR * PDR Risk of Material Misstatement RoMM = combines IR * CR

Audit Risk Model

Paloma Which Component(s) of Audit Risk are auditors able to reduce? Which Component(s) of Audit Risk are auditors unable to reduce?

environmental client auditor

Obtain engagement Understand the client AU 315 Analytical procedures Understand the internal controls Risk assessment Testing AU 500 Tests of controls (transactions) Substantive tests of transactions Substantive Analytical procedures Substantive tests of details of balances Reporting AU 700

The mathematical relationship Aidan Describe the relationship between Control Risk and the planned level of Detection Risk? The mathematical relationship

Hanna What type of audit procedures will we perform to obtain appropriate evidence that controls are effective?

Abby What type of audit procedures will we perform to reduce Detection Risk to a low level?

What is the definition of Control Risk Alice What is the definition of Control Risk

Control risk. The risk that a misstatement that could occur in an assertion about a class of transaction, account balance, or disclosure and that could be material, either individually or when aggregated with other misstatements, will not be prevented, or detected and corrected, on a timely basis by the entity's internal control.

Cory What is the definition of Planned Detection Risk

Planned Detection risk Planned Detection risk. The risk that the audit evidence for a segment will fail to detect misstatements exceeding tolerable misstatement.

Detection risk. The risk that the procedures performed by the auditor to reduce audit risk to an acceptably low level will not detect a misstatement that exists and that could be material, either individually or when aggregated with other misstatements.

Patrick If we assess CR = Low, what does that tell us about the level of PDR …. ? If we assess CR = High, what does that tell us about the level of PDR …. ?

Devin If we assess CR = Max, what does that imply about the effectiveness of the Internal Controls?

Sirinad If we assess CR = Low, what does that imply about the effectiveness of the Internal Controls?

Max D If we assess Control Risk as Low, our audit procedures would need to generate evidence that demonstrates ?????

Carolyn If PDR = High, what does that imply about Control Risk …. ? If PDR = Low, what does that imply about Control Risk …. ?

preliminary Control Risk assessment significant classes of Transactions occur complete accuracy classify cutoff Credit sales Low Max Cash receipts Payroll Cash Disburse Purchasing

when we assess Control Risk less than Max Credit Sales Transactions Control activity Test of Control Proc Results Of ToC Occur Low Complete Low Accuracy Low Classification Low Cutoff Max Max

High Risk Areas and Transactions

1. Related Party Transactions 2. Non Routine Transactions 3. Judgement -Actg Estimates 4. Complex Transactions

1. Related Party Transactions high risk

Related Party Transactions high risk - page 228 & 276 (196 & 244) any party with which the audit client deals, where one of the parties can influence the management or operating policies of the other. Related parties can structure transactions to conceal problems in the financial statements

2. Non Routine Transactions high risk

3. Judgement -Actg Estimates

Auditing accounting estimates high risk p. 268 (245) (judgment required) Keep track of differences

Auditing accounting estimates With estimates, there often is no right answer Keep track of differences between the estimate and what auditor finds reasonable Evaluate differences taken together

4. Complex Transactions high risk page 220 (188) - ENRON

Marisela What is the definition of Professional Skepticism ?

An attitude that includes a questioning mind, being alert to conditions that may indicate possible misstatement due to fraud or error, and a critical assessment of audit evidence.

Effectiveness of Internal Controls and Audit Approaches

for private companies non-SEC companies not covered by Sarbanes-Oxley

Adam After evaluating the design of the controls you do not believe the client’s controls would prevent, or detect and correct misstatements even if properly implemented You believe the controls are INeffective How will you preliminarily assess CR ?

David After evaluating the design of the controls you do not believe the client’s controls would prevent, or detect and correct misstatements even if properly implemented You believe the controls are INeffective You preliminarily assess CR = High Which audit approach will you take?

Alyssa You believe it would cost less to perform $ubstantive Test$ < Tests of Contols which audit approach will you take ?

Karly Which types of audit tests will you perform Tests of Controls evaluate design of controls Tests of Controls test operating effectiveness none some extensive Substantive Tests analytical procedures test of details of account balances none limited extensive

Kelsey After evaluating the design of the controls you do not believe the client’s controls would prevent, or detect and correct misstatements even if properly implemented You believe the controls are INeffective How will you preliminarily assess CR ?

Max M After evaluating the design of the controls you do not believe the client’s controls would prevent, or detect and correct misstatements even if properly implemented You believe the controls are INeffective You preliminarily assess CR = High Which audit approach will you take?

Lauren You believe it would cost less to perform Tests of Contols < $ubstantive Test$ which audit approach will you take ?

Tessie Which types of audit tests will you perform Tests of Controls evaluate design of controls Tests of Controls test operating effectiveness none some extensive Substantive Tests analytical procedures test of details of account balances none limited extensive

Mason After evaluating the design of the controls you believe the client’s controls would prevent, or detect and correct misstatements if properly implemented You believe they would be Effective if implemented How will you preliminarily assess CR ?

Lety After evaluating the design of the controls you believe the client’s controls would prevent, or detect and correct misstatements if properly implemented You believe they would be Effective if implemented You preliminarily assess CR = Low Which audit approach will you take?

Sallyanne You believe it would cost less to perform Tests of Contols than $ubstantive Test$ which audit approach will you take ?

Neda Which types of audit tests will you perform Tests of Controls evaluate design of controls Tests of Controls test operating effectiveness none some extensive Substantive Tests analytical procedures test of details of account balances none limited extensive

After evaluating the design of the controls you believe the client’s controls would prevent, or detect and correct misstatements if properly implemented You believe they would be Effective if implemented

Courtney You believe it would cost less to perform $ubstantive Test$ than Tests of Contols which audit approach will you take ?

Garland Which types of audit tests will you perform Tests of Controls evaluate design of controls Tests of Controls test operating effectiveness none some extensive Substantive Tests analytical procedures test of details of account balances none limited extensive

for private companies non-SEC companies not covered by Sarbanes-Oxley

Must do extensive Subst Tests preliminarily assess Subst Tests Less costly than ToC controls effective (CR =Low) extensive limit subst tests => analytical procedures ineffective (CR = MAX) Must do extensive Subst Tests

Understand internal controls Document understanding Evaluate the design of the controls Preliminarily assess control risk Document prelim CR assessment If CR < Low & $ToC < $Sub$t Tests Design and perform ToC Document results of ToC and CR assessment Design and perform limited Subst Tests Document results of Subst Tests If CR = Max or $Sub$t < $ToC Design and perform extensive Subst Tests

for public companies SEC companies covered by Sarbanes-Oxley

Dana After evaluating the design of the controls you believe the client’s controls would prevent, or detect and correct misstatements if properly implemented You believe they would be Effective if implemented How will you preliminarily assess CR

Parker After evaluating the design of the controls you believe the client’s controls would prevent, or detect and correct misstatements if properly implemented You believe they would be Effective if implemented You preliminarily assess CR = Low Which audit approach will you take?

Cameron You believe it would cost less to perform Tests of Contols than $ubstantive Test$ which audit approach will you take ?

Christopher Which types of procedures will you perform evaluate design effectiveness Tests of Controls test operating effectiveness none some extensive Substantive Tests analytical procedures test of details of account balances none limited extensive

Joey After evaluating the design of the controls you do not believe the client’s controls would prevent, or detect and correct misstatements even if properly implemented You believe the controls are INeffective How will you preliminarily assess CR ?

Ben After evaluating the design of the controls you do not believe the client’s controls would prevent, or detect and correct misstatements even if properly implemented You believe the controls are INeffective You preliminarily assess CR = High Which audit approach will you take?

Jared You believe it would cost less to perform $ubstantive Test$ < Tests of Contols which audit approach will you take ?

Jillian Which types of audit tests will you perform Tests of Controls evaluate design of controls Tests of Controls test operating effectiveness none some extensive Substantive Tests analytical procedures test of details of account balances none limited extensive

analytical procedures preliminarily assess Subst Tests Less costly than ToC controls effective (CR < Low) can limit subst tests analytical procedures ineffective (CR = MAX) must do some ToC Extensive Subst Tests Tests of Details

Understand internal control structure Document understanding Evaluate the Design Effectiveness of ICS Design and perform ToC to assess CR Document results of ToC and CR assessment If CR > Low Design and perform extensive Subst Tests Document results of Subst Tests

Evaluation of Sample Results Critical Value = μ + Zβ* Sx/√n 2,295.47 + 1.04 *1,390.09 / √ 44 = 2,513.42 We are unable to conclude that Accounts Receivable is not materially overstated because the sample mean of $2,425.56 is less than the $2,513.42 critical value.