- This topic has 7 replies, 3 voices, and was last updated 10 years ago by
.
- Posts
Hello,
I am confused with the test of controls and Audit risk … if you could help me out i would be thankfull.
The confusion is after knowning what the clients systems of controls are what is the work of auditor .
More over what do we have to do in AUDIT RISK….??Audit risk is the risk that the auditor gives the wrong opinion.
It depends on inherent risk, control risk and detection risk. If the auditor feels that the audit risk is high then they can lower the detection risk by doing more audit work.
The client’s system of internal control determines the control risk. If the internal control is poor, audit risk will be higher because the client’s system will not be likely to prevent or detect problems. In such a case more audit risk will have to be done.
Audit Risk & Test of Controls are different things
Test of Control :
An audit procedure designed to evaluate the operating effectiveness of controls in preventing, or detecting and correcting, material misstatements at the assertion level.In simple words, these test the system to ensure that controls are operating as they should. These tests do not care about monetary value.
Example: Purchase System:
Consider the audit reviews of a company’s purchases system and internal controls, (To confirm that recorded purchases represents goods & services received)
Control: An appropriate control would be that purchase orders are raised for each purchase and are authorised by appropriate senior personnel.
Test of Control: Examine a sample of purchase orders to ensure that they have been appropriately authorised, and a ‘yes’ answer is good, confirming that the internal control requiring authorisation of purchase orders is working, or alternatively a ‘no’ answer indicated that the internal control does not appear to be working. Hence requiring further audit investigation.Audit Risk: The risk that auditor expresses an inappropriate audit opinion when the financial statements are materially misstated. Audit risk is function of material misstatement & detection risk. There are three sub components
Inherent Risk (IR): This is the risk of material misstatement coming into existence due to the internal and external factors related to the clients.
Control Risk (CR): This is the risk that material misstatement being unprevented by the system.
Detection Risk (DR): This is the risk of the same material misstatement being undetected by the auditor.That sums it
Audit Risk: Audit risk is the combined risk of a material misstatement first occuring (IR) then getting by the system unprevented (CR) and then getting past the auditor undetected (DR) and into the financial statements. In other words, its the risk that the audit opinion is wrong.
Thanks alot 🙂 its Helpfull.
But in Audit risk what additonal Audit work should the auditor perform …
For example: In Test of COntrols the auditor after knowning the controls checks where they are functioning approprately as wrttien above for purchases the Auditor will check Authorisation etc.
But what about audit Risk ????? how do we write in exam like do we have to consider the financial statement in a scenario based Question.. ??? when dealing with AUDIT RISK questions in Scenario how should one do ???If the Auditor believes that the controls are strong and proved to be strong with test of controls then the auditor will go for controls approach.
Controls Approach: This involves doing first test of controls followed by reduced substantive procedures.
However, if the auditor believes that controls are weak or they are proved weak with test of controls auditors will adopt substantive approach.
Substantive Approach:
This approach goes directly for the numbers which are substantiated by pure substantive procedures.By Additional work it means that auditor will not rely on controls and now have increase the volume of testing by increasing sample sizes
and for audit risk here is the link from ACCA, it will be helpful for you.
Even if controls are very strong, they are never relied upon exclusively as they do not guarantee that the FS are free of material miss-statement (error, collusion etc), so some substantive work is always done. However, if controls are strong the substantive work can be much less than if the controls are weak.
- You must be logged in to reply to this topic.