MODULE 5

Audit Risk: auditor gives wrong opinion of FS cuz they are incorrect.
Business Risk: business risk is the chance that something could go wrong and
harm a company's goals, which might also impact audit risk.
Detection Risk: risk that auditor will not detect misstatements.
Inherent Risk: risk how likely statement could be wrong with no controls in it.
Control Risk: even with internal controls, a chance that an error could not be
caught.
Risk based audit process:-
1. Assessing risk
2. Collecting evidence
3. Forming opinion
4. Reporting
Extending Risk-Based Auditing means looking at all the risks a business might face,
not just the ones that directly affect its financial statements right away. The main
reasons for doing this are to make audits more efficient and effective and to
potentially provide extra benefits to the auditing process.

Analytical Procedures involve studying financial and non-financial data to

understand relationships and detect inconsistencies. They are crucial for assessing
risks when learning about a company and its surroundings.
These procedures help lower the chance of errors in audits, especially the risk of
missing problems. Auditors use them at different stages of the audit.
Audit Evidence: all the information, from whatever source, used by the auditor in
arriving at the conclusions on which the audit opinion is based. It is what auditor
opinion is based on; therefore, imp sufficient appropriate evidence is obtained.
Management's assertions about different types of transactions and events during
the audit period:
1. Occurrence: event actually took place
2. Completeness: accounts include every transaction in the year
3. Cut off: transactions in the year end are included.
4. Classification: transactions are recorded in correct accounting captions
5. Accuracy: transactions are recorded appropriately
6. Authorization: transactions have been authorized by appropriate person
Management assertions about end of the period account balances:
1. Existence: that assets, liabilities, and equity actually exist.
2. Completeness: everything that should have been recorded in the account
has been recorded.
3. Valuation and allocation: that a, l&e are included at a proper amount.
4. Rights and obligations: company holds/ controls right to assets, liabilities
are obligations of company.
Management assertions about presentation and disclosure:
1. Completeness: accounts include every transaction
2. Classification and understandability: transactions are recorded in the
right place.
3. Accuracy and valuation: balances are recorded properly.
4. Occurrence and rights and obligations: transactions actually happened.
Concepts of audit evidence:
A. Sources of audit evidence: where to get audit evidence from
B. Sufficiency and appropriateness of audit evidence: collect enough relevant
and reliable evidence.
C. Evaluation of audit evidence: examine evidence that has been collected.
 A. Sources of Audit evidence

B. Sufficiency of audit evidence is a measure of QUANTITY of audit evidence.

1. The higher the risk of misstatement in accounts requires a HIGHER
quantity of audit evidence.
2. The higher the quality of audit evidence collected results in a LOWER
quantity of audit evidence.
C. Appropriateness of audit evidence: measure of how RELEVANT and RELIABLE
the evidence is. Places to take evidence from:
1. From a smart person
2. Effectiveness of internal control
3. Auditor direct knowledge
4. Documentary/ paperwork evidence
5. OG documents
D. Evaluation of Audit Evidence: required understanding of types of evidence
and relative reliability of available evidence. Auditor should be unbiased.
Relationship of audit evidence to audit report
1. The client produces draft financial statements
2. Within which there will be some management assertions
3. The auditor then needs to carry out the audit
4. To provide evidence to back up the financial statements
5. Auditor reaches a conclusion based on the evidence.
6. Audit report which will be filed with the financial statements
Audit procedures are acts performed by auditor to gather evidence; the types of
actions are:
 Risk assessment: assess the level of risk with diff parts of accounts, if
particular area is low risk, then auditors will do less work on this area than
high area.
  Test of controls: auditor sees that company has controls in place to stop
something from happening. Auditor will test that control and if it works then
they move on.
 Substantive procedures: auditors will do work to check a particular balance.
Procedures for obtaining audit evidence.
1. Inspection of records and documents: evidence from external docs more
dependable than internal docs.
2. Inspection of tangible assets: physical examination of tangible asset
3. Observation: process of watching a process.
4. Inquiry: ask clear, concise, and relevant questions; consider how brainy the
person being questioned is; evaluate response; listen.
5. Confirmation: Getting information about a current situation straight from
someone who is not directly involved.
6. Recalculation: determining maths accuracy of docs
7. Re performance: auditors’ independent execution of controls that were
performed as part of internal control system.
8. Analytical procedures: evaluations of financial info made by study of rs
among financial and nonfinancial data.
9. Scanning: review of accounting data to identify significant or unusual items
AUDIT EVIDENCE IS KEY TO AUDIT PROCESS AS IT IS THE BASIS FOR AUDIT OPINION
Ways for selecting items for testing.
i. Selecting all items (100% testing): more likely for tests of details than
controls; used only when small number of high value items; significant risk;
cost effective also.
ii. Select specific items: based on understanding of entity, risks, and
characteristics of population being tested.
Non sampling risk: risk of auditor choosing wrong items to test.
iii. Audit sampling: - choosing only some.
AUDIT RISK IS RISK THAT AUDITOR GIVES AN INAPPROPRIATE AUDIT OPINION
 Detection risk: auditor does not detect errors = sampling risk x non sampling
risk
 Sampling risk: auditor chooses wrong items.
 Non sampling risk: sample chosen had something funny in it.
 Audit risk = inherent risk x control risk x detection risk
Mistakes, like leaving things out, matter if they could reasonably affect how people
make financial decisions based on financial statements.