A General Article about Risk.

(We at PATC do not conduct Audits on Annual Financial Statements as governed by IRBA however, we regularly advise, guide and make recommendations and or take on forensic work…)

Risks & Materiality
– Materiality is a fundamental concept in auditing. It means that misstatement, including omissions, are considered to be material if they, individually or in aggregate, could reasonably be expected to influence the economic decisions of users taken on the basis of the financial statements.
The main elements of materiality:-
• an omission or misstatement
• the auditor’s perception of the influence of such omission or misstatement on the economic decisions of users/shareholders.
• based on the information in the financial statements

– The concept of materiality is applied by the auditor in the following:-
a. planning the audit
b. performing the audit
c. evaluating the effect of identified misstatements on the audit and of uncorrected misstatements on the financial statements
d. forming and expressing an opinion in the auditor’s report

Reasons why it is important that the auditor shall determine materiality when planning an audit:-
• to obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, thereby enabling him to express an opinion on whether the financial statements are prepared in all material respects, in accordance with an applicable financial reporting framework; and to report on the financial statements, and communicate as required by the ISAs, in accordance with the auditor’s findings.

Materiality and audit risk are considered throughout the audit, in particular, when:-
• Identifying and assessing the risks of material misstatement
• determining the nature, timing and extent of further audit procedures
• evaluating the effect of uncorrected misstatements, if any, on the financial statements and in forming an opinion in the auditor’s report
21 January 2017

Audit Risk

– It is the risk that the auditor may express an inappropriate audit opinion when the financial statements have been materially misstated. In other words the risk that the auditor will give an unmodified opinion when in fact a modified opinion should have been given.
– Because the auditor only gives reasonable assurance in the auditor’s report, there is always a risk that a material misstatement could be present in the financial statements. Therefore, the auditor must plan and perform the audit in such a way that audit risk is kept to an acceptably low level.
• Inherent Risk

– Is a component of the risk of material misstatement.
Examples:
1. Management may have a motive to misstate the financial statements in order to achieve budgets or inflate profit or to influence the share price on the stock exchange.
2. Valuation of intangible assets can be wrongly estimated.

• Control Risk

– is a function of the efficiency of the client’s system of internal controls. If the system of internal controls is functioning poorly, there is a major risk of the occurrence of fraud and error, which could cause the financial statements to be materially misstated.
Examples of control risks include the followings:-
a. the potential for management to override controls
b. inadequate segregation of duties
c. mistakes or errors made by personnel
d. carelessness in performing duties
e. the fact that internal control procedures may become inadequate because of changes in conditions

• Detection Risk

– is the risk that the procedures performed by the auditor will not detect a material misstatement that exists in the financial statements. Detection risk is determined by the effectiveness of the audit procedures and how well the auditor applies them. 21 January 2017
Examples of Detection risks:-
a. The audit team experiences time pressure or tight audit deadlines.
b. The audit team member lacks competence and application.
c. There is no consultation with senior staff when selecting and applying an audit procedure and interpreting the results of the test.

Conclusion
– Inherent and control risks are independent of the audit, whereas detection risk is directly related to the efficiency of the auditor’s procedures.
The interaction between the components of audit risk can be expressed mathematically as follows:
– Audit risk is a function of the risks of material misstatement (RMM) and detection risk (DR).
Audit risk = RMM X DR
(RMM = IR x CR)
There is an adverse relationship between detection risk and the combined level of inherent and control risk. When inherent and control risk are high , for example, the acceptable level of detection risk must be low in order to reduce the audit risk to an acceptably low level (additional audit procedures must be conducted).
However, if the inherent and control risks are low, the auditor could accept a higher detection risk and still reduce the audit risk to an acceptably low level. Because the client’s internal controls, accounting and internal control systems are so efficient that they should prevent/identify and timorously correct any material errors/omissions, the auditor can accept a higher detection risk.