MODULE NO-2

RISK ASSESSMENT ANDINTERNAL

CONTROL

Introduction

Audit risk is the risk that an auditor may issue an incorrect or misleading audit opinion
on a set of financial statements. Audit risk is the probability that the company’s financial
statements contain an error that is material to the company even though the same has been
verified and audited by the company’s auditor without any qualification concerning it.

Meaning of Audit Risk

Audit risk is the risk that auditors face, when they issue an incorrect opinion on the
financial statements, leading to the possibility that the statements are materially misstated. In
other words it is the overall risk that the auditor is willing to accept for issuing an audit
opinion.

Audit risk (also referred to as residual risk) as per International Standards on Auditing
(ISA) 200 refers to the risk that the auditor expresses an inappropriate opinion when the
financial statements are materiality misstated.

Audit risk is the risk that an auditor will not detect errors or fraud while examining the
financial statements of a client.

Definition of Audit Risk

Audit risk is defined as the risk of financial statements not being truly representative
of an actual financial position of the organization or a deliberate attempt to conceal the facts
even though audit opinion confirms that statements are free from any material misstatement.
This risk can have a bearing on shareholders, creditors, and prospective investors.

Components or Types of Audit Risk

1. Inherent risk (IR) is the risk involved in the nature of business or transaction. The
inherent risk could not be prevented due to uncontrollable factors, and it is also not found
in the Audit.

1
It is the susceptibility of an assertion in the financial transactions tomaterial
misstatements even in the absence of controls.

Example: transactions involving exchange of cash may have higher

inherent risk than transactions involving settlement by cheques.

2. Control risk (CR) is the risk that a misstatement may not be prevented or
detected and corrected due to weakness in the entity's internal
control mechanism. Control Risk is the risk of error or misstatement in
financial statements due to the failure of internal controls.

It is the risk that internal controls will fail to prevent or detect material
misstatements in the financial statements.

Example: control risk assessment may be higher in an entity

where separation of duties is not well defined

3. Detection risk (DR) is the risk of failure on the auditor’s part to detect any
errors or misstatements in financial statements, thereby giving an incorrect
opinion about the firm’s financial statements.

Example: Failure by Auditors to identify the company’s continuous

misreporting of financial statements.
Audit risk can be calculated as:
Audit risk (AR) = Inherent risk (IR) x Control risk (CR) x Detection
risk (DR)

Assessment of Risk

Risk assessment is the identification and analysis of relevant risks to the

achievement of an organization's objectives, for the purpose of determining how
those risks should be managed.
Risk assessment is the identification and evaluation of several aspects of an
entity whereby risks are identified and evaluated for use in guiding the audit
procedures that will be necessary in order to substantiate the amounts reported in
the financial statements.

2
Assessment process or process of Assessment

I. Understanding the entity and environment

a) Gain an understanding of the clients business, industry and operations.
b) Consider external factors that could impact the financial statements.

II. Identify Risks

a) Identify potential risks that could lead to material misstatements.

III. Assessing inherent risk

a) Evaluate the inherent risk for various accounts and assertions.
b) Assess factors such as complexity, subjectivity and susceptibility to fraud.

IV. Assessing control risk

a) Evaluate the effectiveness of internal controls.
b) Consider the design and operation of controls.

V. Determining detection risk

a) Determine the level of detection risk needed to achieve the desired result level
of audit.
b) Adjust detection risk based on the assessed inherent risk and control risk.

Internal Control

Meaning of Internal Control

Internal Control means “The whole system of controls, financial or

otherwise, established by the management in order to carry on the business of the
company in an orderly manner safeguard its assets & secure as far as possible the
accuracy & reliability of its record”.

3
 Internal control is a broad term with a wide coverage. It covers the control of
whole management system. Internal control involves a number of checks and
controls exercised in a business to ensure its efficient and economic working.

Definition of Internal Control

According to The American Institute of Certified Public Accountants,

“Internal control comprises of the plan of organization and all the coordinated
methods and measures adopted within a business to safeguard its assets, check the
accuracy and reliability of its accounting data to promote operational efficiency
and to encourage adherence to prescribed managerial policies.”

Objectives of Internal Control

1. To evaluate the efficiency of performance in the various activities of the
business.
2. To ensure orderly, efficient & economic conduct of the business.
3. To see that access to & use of assets are made only with proper authorization.
4. To safe guard the assets of the organization by preventing frauds, waste &
inefficiency.
5. To ensure that there is periodical verification & comparison of assets in
existence with those of accounting records & appropriate action is taken, when
there is any difference between the two.
6. To ensure that transactions are recorded in the proper books of accounts
regularly, correctly & systematically according to policies & procedures & the
accounts are accurate & reliable.

Internal Check

Meaning of Internal Check

It is the arrangement of the accounting duties under which the work of one
person comes under the scrutiny (ana1ysis) of another person, so that it is not
possible to commit fraud without collusion between two or more persons.

4
 Internal check is the valuable part of the internal control. It is an
arrangement of the duties of members of staff in such a manner that the work
performed one person is automatically and independently checked by the other.

Definition of Internal Check

According to F.R.M.De Paula, “Internal check means practically a

continuous internal audit Carried on by the staff itself, by means of which the work
of each individual is independently checked by other members of the staff.”

According to L.R Dicksee” Internal check is an arrangement of the

accounting routine that errors & frauds are automatically prevented or discovered
by the very operation of the book keeping itself’.

Objectives of Internal Check

1. To prevent the commission of any error or fraud by a clerk
2. To prevent the misappropriation of cash or goods by any clerk.
3. To throw responsibility on a particular clerk, when the fraud or mistake is
detected.
4. To detect a fraud or an error quickly & easily.
5. To have an accurate record of all business transactions.

Advantages of Internal Check

1. Proper Division of Work.

2. Efficiency and Economy.
3. Early Detection of Error and frauds.
4. Minimization of Error and Frauds.
5. Moral Influence on Staff.
6. Early Preparation of Final Account.
7. Increased Profitability.
8. Convince to Auditor.

5
Disadvantages of Internal Check
1. Decreased in Quality of Work.
2. Costly for the Small Business.
3. Create Confusion.
4. Chance of Collusions.

Fundamental Principles of Internal Check

1. The system of internal check should be simple, easily workable and effective.
2. The internal check system should not be too expensive. It should be economical
for the concern.
3. The authority, duties and responsibilities of the staff should be clearly defined
that is there should be proper division of responsibility or work among the
members of the staff.
4. The division of work among the staff members should be based on their
qualifications, area of specialisation, experience and capabilities.
5. There should be no over-lapping or duplication of work at any level.
6. The duties among the staff of the business should be changed from time to time
so that no staff should be engaged in a particular job for a long time.
7. Every member of the staff should be encouraged to go on leave at least once in
a year .This will help in detecting the concealed errors and fraud.
8. Works relating to purchases, purchase returns, sales, sales returns, allowances,
discounts, bad debts etc should be performed by responsible officials under
strict control.
9. There should be effective control over all purchases, receipts and issue of
goods.
10. The receipts and payments of cash should be entrusted to different persons.
11.All remittances received should be deposited into the bank either on the same or
on the next day.
12. The cashier should have no access to the ledgers.
13. All payments should be made by crossed cheque as far as possible.
14. The cash and the bank balances should be verified frequently by a responsible
official.
15. Safeguards should be prescribed for the safe custody of unused cheque books,
securities, confidential files etc.

6
16. The work of correspondence with the debtors and the creditors should be under
the charge of a responsible person.
17. The debtors and creditors of the business should be requested to send
statements of accounts the certain intervals to a responsible official.
18. All incoming letters, mails should be opened by a responsible official who
should enter all the letters, money orders, postal orders, cheques etc received in
a proper register.
19. The filing of vouchers should be done systematically either number wise or date
wise.
20. The system of internal check should be reviewed from time to time to ascertain
the loopholes and to introduce improvements.

Internal check as regards to payment of wages

To minimize the fraudulent manipulations of wage records, cash & the other
risks, the following internal check system can be adopted.

I. Maintenance of wage records

1. Time recording clock should be maintained for recording the time of workers
entering & leaving the place of work
2. If the workers are paid on the basis of piece wages system, proper books for
recording the actual work done by workers should be maintained.
3. If workers are allowed to work overtime, overtime slip must be issued to such
workers by the properly authorized official.
4. If any worker wants to go out of the factory, he should take written permission
from the authorized person.
5. If casual workers are also employed in the organization, a list of such workers
must be prepared by the foreman of each department. The list so prepared must be
certified by the officer, who is authorized to appoint casual workers.

7
II. Preparation of Wage Sheets:

The work of preparation of wage sheets should be done by a separate

department. This work should be done at least by four clerks, so that irregularities
may be minimized. For example two clerks should examine the time records, piece
wage records, overtime records etc. the third clerk should prepare individual
employee statements i.e. address of the worker, work done & rate of wages. The
fourth clerk should check the calculations & deduct the rent, provident fund,
income tax & installment of loans etc., from the gross wages to arrive at the net
amount to be paid to the workers. All these clerks should initial the wage sheets
before they are signed by the works manager.

III. Payment of wages

1. The cashier should withdraw the net amount as shown in the wage sheets.
2. The payment of wages must be made by a person, who is in no way concerned
with the preparation of wages sheets.
3. Each worker, who is to receive the wages should be present at the time of
disbursement.
4. The foreman of each department should be present at the time of payment to
identify the workers of his section.
5. The signatures of the workers must be obtained, when they receive the amount
of wages.
6. Special arrangement should be made to pay to the absentee workers.
7. A list of unpaid workers should be prepared by the cashier & foreman of each
department.
8. The officer employing casual workers should be connected with the payment of
wages
9. As far as possible casual workers should be paid wages on a day different from
the payment day of regular workers.
10. A surprise visit of a senior official, while the wages are disbursed will be an
effective measure of control.

8
Internal Check as regards to cash sales

For efficient working of sales department, its activities can be arranged in

the following manner:

I. Sales over the counter

1. For each counter, a separate salesman should be appointed to look after counter.
2. Each salesman should be given a separate sales memo book. Such books should
be of different colours for different counters.
3. The salesman when he sells the goods to the customers, he should prepare three
copies of cash memo. One copy should be retained for preparing sales summary &
the remaining two copies should be handed over to the customer & instruct the
customers to make payment at the cash counter.
4. The cashier, after having received the price of the goods from the customer,
should give one copy duly stamped as cash paid to the customer & other copy must
be retained by him.
5. At the end of the day, the cashier should prepare statement showing total cash
received & salesman should prepare sales summary to know the total sales. Then
both these statements should be sent to the officer in charge for verification.

II. Postal Sales:

1. A separate register should be maintained for recording sales made by (VPP)

value payable by post.
2. The goods returned should also be recorded in the value payable by post
register.
3. The total receipts on this account should be entered in the value payable by post
register.
4. Any advance received should be entered in the value payable by post register.

9
III. Sales by Travelling Agents

1. The travelling agents should be allowed to issue rough receipts to the customers
for cash received on the sale f the articles. Final receipts should be issued only by
the head office.
2. Agents should remit the entire proceeds to the head office or they should deposit
the cash daily in a bank.
3. Agents should not be allowed to deduct their commission out of sale proceeds
collected by them.
4. The agent should be asked to submit statements of sales & such statements
should be check in detail.
5. Head office should maintain a list of debtors & other customers. Reminders
should be sent to those customers who have not cleared their debts.

Internal Check as regards to cash Purchases

1. Requisition: The procedure for issuing purchase requisitions should be

specified. The head of the department, who is in the need of goods, should fill
in a requisition slip duly signed and then should send it to the purchases
department. The details about the quantity, quality and the time by which the
goods must be supplied be clearly mentioned in the requisition slip

2. Enquiry: Purchase department makes an enquiry about the terms and

conditions of purchases from different suppliers. For this purpose tender are
generally invited. But, who shall open and accept the tenders, should be clearly
specified. At a rule, the lowest tender should be accepted and accordingly a
decision be taken.

3. Purchase Order: The Purchase Department places orders which should be

recorded in the Purchase Order book. Four copies of purchase order should be
prepared. One copy will be sent to the vendor, second to the store department,
third copy to the Accounts department and fourth one will be retained by the

10
 purchase department itself. A responsible officer should review the purchase
order, before signing by the authorized person or director.

4. Receipt of Goods: On receipt of goods, the purchase department should be

properly inspecting them, and there after an entry in the goods inward (Receipt)
book, the same should be sent to the stores. Concerned department should be
informed about the receipt of the goods.

5. Making the Payments: The Purchase Department should thoroughly check the
invoices and send the same to accounting department for payment. The
accounting department should compare the invoice with the purchase order and
Incoming Inspection Report and should also verify the calculation. The
Accounts Department should enter the invoice in the Purchase Book. Only
responsible official should draw cheque for the payment of invoice. At the time
of signing, a signing authority must verify that correct payment is made. If
some portion of the goods is returned to the supplier, a proper entry must be
made in the Purchase Return Book. A Credit Note to that effect must be
obtained from the supplier and accounts section must adjust the payment
accordingly.

A good system of internal check with regard to purchase will prevent the following
types of irregularities, errors and frauds.
a) Fictitious Payment: Fictitious Purchase may be recorded in the purchase book
and the payments withdrawn may be misappropriated.
b) Double Payment: Some invoices may be recorded twice and double payment
made may be misappropriated.
c) Artificial inflation in profits: Goods purchased may not be entered in the period
so as to inflate profits.
d) Artificial reduction in profits: Goods not received in one period may be entered
as purchases so as to show profits less than the actual.

11