Significant inherent risks arise in most audits, but determining those risks is a matter of the auditor’s professional judgment and excludes the auditor’s consideration of internal controls. In identifying significant inherent risks the auditor considers matters such as: Whether the risk is a risk of fraud. Whether the risk is related to recent economic, accounting, or other developments that require special attention. The complexity of the transactions that may give rise to the risk.
124 Whether the risk involves significant transactions with related parties. The degree of subjectivity in the measurement of financial information related to the risk. Whether the risk involves significant non-routine or unusual transactions. Whether the risk involves judgmental matters. Significant business risks are often significant inherent risks.
125 Phase III: Respond To Assessed Risks When the auditor identifies risks that may result in a material misstatement in the financial statements, he or she must develop appropriate responses to such risks to ensure that audit risk is maintained at an appropriately low level. In planning the audit, it is important to develop a clear link between the assessed risks of material misstatement and the auditor’s planned response to obtain reasonable assurance that the financial statements are free of material misstatements.
126 The auditor usually responds to assessed risks with a variation of four major responses. Common responses to assessed risks include decisions about the: Staffing and supervision of the audit Nature of audit tests − Risk assessment procedures − Test of control − Substantive tests • Initial procedures • Substantive analytic procedures • Tests of details of transactions • Tests of details of balances • Tests of details of accounting estimates • Tests of details of disclosures Timing of audit tests Extent of audit tests Respond to Significant Inherent Risks
127 Phase IV: Perform Further Audit Procedures In general, the auditor’s responsibility is to assess the risk of material misstatement, to develop an audit plan to respond to the risk of material misstatement and obtain reasonable assurance, and to execute that audit plan with due professional care. In Phase IV, the auditor performs further audit procedures to execute that plan. Further audit procedures include performing: Further risk assessment procedures. Tests of controls. Substantive tests.
128 Further Risk Assessment Procedures The audit is a cumulative and iterative process. In the process of performing tests of controls, the auditor may obtain evidence that contradicts preliminary risk assessments or prior understandings of the system of internal controls. These conditions might cause the auditor to perform additional risk assessment procedures to more fully understand the underlying risks within an entity.
129 Tests of Controls The auditor performs tests of control to obtain evidence about the effective operations of internal controls relevant to an assertion. When planning the audit, the auditor usually
- Fall '16