100%(3)3 out of 3 people found this document helpful
This preview shows page 5 - 6 out of 8 pages.
by applying the procedures. Detection risk can arise for the following two reasons, each ofwhich the auditor has to address separately:1.Sampling risk:the risk that the sample is not representative of the population. This isthe risk that the auditor’s conclusion based on the sample used would be different hadthe entire population been subjected to the same audit procedure. Sampling risk can bereduced by increasing the sample size, but cannot be eliminated unless the entirepopulation is tested.2.Non-sampling risk:the risk of arriving at incorrect audit conclusions by failing to applyappropriate or effective audit procedures. This risk exists even if the auditor applies theaudit procedures to the entire population. Non-sampling risk can be controlled throughthe use of quality-control procedures and by adhering to the auditing standards.Assessment of audit riskAudit risk can be sometimes thought of as a formula: AR = CR x IR x DR. Risk analysis andaudit planning can be thought of as:Keep audit risk constant.Adjust DR to take account of IR and CR.When IR or CR is higher, DR must be lower.In every audit, risk needs to be assessed. The relative level of risk influences the auditevidence required. Before issuing an opinion the auditor needs to consider whether theachieved level of audit risk is satisfactory based on the level set during the planning phase. Ifthe achieved audit risk is greater than the planned audit risk, the auditor needs to considerwhether to reassess the required audit risk or to lower the detection risk by gathering furtheraudit evidence. If the achieved audit risk is equal to or less than the planned audit risk level,then the auditor can issue an unmodified auditor’s opinion.Business riskDefined as ‘the risk that an entity’s business objectives will not be attained as a result of theexternal and internal factors, pressures, and forces brought to bear on the entity, and,ultimately, the risk associated with the entity’s survival and profitability. The auditor musthave extensive knowledge about the nature of the client’s business and industry in order todetermine whether financial report assertions are valid. The auditor must understand thebusiness risks faced by the client in addition to understanding the risks that affect thetraditional processing and recording of transactions. Types of audit testsTests of control:tests of control are performed to obtain evidence about either;1. The effectiveness of the design of the policies or procedures in internal control.2.Theoperatingeffectivenessofthosepoliciesorprocedures.These tests may produce evidence to support a lower assessed level of control risk. Substantive tests:are performed to obtain evidence about the validity and the propriety ofthe accounting treatment of transactions and balances or, conversely, of errors orirregularities therein. These tests reduce detection risk. There are two general subcategoriesof substantive tests: analytical procedures and tests of details.