CPA Audit - Audit Risk and Materiality

59 terms by lambertt

Create a new folder

Advertisement Upgrade to remove ads

An indirect-effect illegal act is one that only impacts financial reporting if the crime is discovered and the company is punished.

What is the auditor's responsibility in connection with indirect-effect illegal acts?

The auditor has no responsibility to search for or discover indirect-effect illegal acts because these acts are outside of the normal scope of an audit (and are often small and concealed). However, if an auditor uncovers any evidence that indicates the presence of an indirect-effect illegal act, the auditor must investigate to determine if the company has a contingency that should be recognized or disclosed in the financial statements.

An auditor must maintain a skeptical attitude and not any evidence that would raise the possibility of the existence of an indirect-effect illegal act.

List examples of questionable events that should alert the auditor to a possible indirect-effect illegal act.

Indications of possible company violations of environmental protection laws, insider-trading securities regulations, civil rights laws, and federal employee safety requirements are events that could alert the auditor to likely indirect-effect illegal acts by the client.

Define audit risk and explain why there is a certain level of risk inevitable in every audit.

Audit risk is the possibility that a material misstatement will occur and be reported in an entity's financial statements. Because an auditor can provide only reasonable assurance and not absolute assurance, there is always some risk that a material misstatement will be presented in the entity's financial statements despite both the company's internal control and the independent auditor's audit.

When the auditor has reduced the amount of audit risk to an acceptably low level, the auditor is able to provide reasonable assurance that no material misstatement exist in any of the assertions that are being made by management concerning the financial statements.

What are the three components of audit risk?

Define each of these components.

The three components of audit risk are:
1. Inherent risk, which is the possibility that a material misstatement will occur within the reporting company's accounting information system.
2. Control risk, which is the possibility that a material misstatement that has occurred will not be detected on a timely basis by the company's control system.
3. Detection risk, which is the possibility that a material misstatement that has occurred will not be caught by the independent auditor's testing.

In combination, inherent risk and control risk are known as the risk of material misstatement.

Audit risk has three components: inherent risk, control risk, and detection risk.

Which of these components are company characteristics assessed by the auditor and which of these risks will vary, based on the work performed by the auditor?

Inherent risk is a company characteristic assessed by the independent auditor.

Control risk is a company characteristic assessed by the independent auditor.

Detection risk is based on the testing performed by the auditor. This risk will vary, depending on the nature, extent, and timing of the auditor's substantive testing.

Inherent risk is assessed by the independent auditor early in an audit engagement.

What types of factors would cause the auditor to assess inherent risk at a relatively high level?

The following are some factors that may cause the auditor to set the company's inherent risk at a higher level:
1. A first audit.
2. A continuing audit where misstatements were encountered in previous audits.
3. The presence of numerous estimations, large balances, and/or many transactions, some of which are complex.
4. Outdated and unsupported accounting information system.
5. Understaffed accounting department or accountants with little training or experience.
6. Unexplained variations discovered during analytical procedures between client figures and the auditor's expectations and/or the existence of transactions that appear not to have economic substance.

An independent auditor assesses the inherent risk of a reporting company as quite high.

How does this evaluation impact the assessment of control risk?

The assessment of control risk is independent of the assessment of inherent risk. Therefore, the level of inherent risk perceived to be present should have no impact on the assessed level of control risk.

Inherent risk and control risk are normally assessed very early in the audit planning process as part of understanding the entity and its environment, including its internal control.

Planned detection risk is dependent on the other risk factors and is reduced through the proper amount of substantive testing so that overall audit risk is reduced to a level the auditor views as acceptable.

An auditor had expected that detection risk would have to be reduced to a certain level to achieve the desired level of audit risk. However, both inherent risk and control risk were assessed at levels higher than anticipated.

What is the effect on detection risk?

Because the assessments of inherent risk and control risk were both assessed at levels higher than anticipated, the acceptable level of detection risk must be reduced to a achieve the desired level of audit risk. Detection risk can be reduced to a lower level by:
1. Simply doing more substantive testing than was originally anticipated.
2. Performing testing that will obtain evidence of a better quality. Better quality evidence is gained when the testing:
1. Is carried out closer to or at the end of the reporting
period.
2. Is performed by more experienced auditor.
3. Uses more sophisticated audit techniques, such as
positive confirmations or statistical sampling.

An auditor has assessed both inherent risk and control risk at a high level.

What is the effect of that evalution on detection risk?

There is an inverse relationship between the assessments of inherent risk and control risk and the acceptable level of detection risk the auditor is seeking in order to give reasonable assurance. If inherent risk and control risk are estimated to be high, sufficient testing must be performed to reduce detection risk to a relatively low level to compensate. Conversely, if inherent risk and control risk are assessed as being low, the acceptable level of detection risk can be left at a higher level. In this situation, less substantive testing would be probably appropriate.

Some possible fraud risk factors indicate that there can be incentives or pressures on management and other employees to attempt fraudulent financial reporting.

What are some of the specific fraud risk factors that indicate either the incentive or pressure for fraudulent financial reporting to occur?

Fraud risk factors indicating that there are pressures on management and other employees to attempt fraudulent financial reporting include the following:
1. Company is vulnerable to rapid changes (e.g., in technology).
2. Company is in a highly competitive industry or market.
3. Declining customer demand for product.
4. Significant number of business failures in client's industry.
5. Bankruptcy of the company appears imminent.
6. Ongoing negative cash flows from operations.
7. Significant employee and/or management financial interests in the entity.
8. Company faces extensive compliance with new regulations.
9. Investors have unreasonable expectations for profitability.
10. Company has great need for additional debt or equity financing.
11. Board of director, management, or employee personal financial difficulties.

An auditor is performing testing to reduce detection risk to the planned acceptable level.

What is this type of testing called?

What are the major types of this testing?

Testing performed by the auditor to reduce detection risk to an acceptable level is referred to as substantive testing.

Substantive testing encompasses several types of testing, including substantive tests of transactions, substantive analytical procedures, and tests of details of balances.

Substantive tests of transactions are used to determine whether all six transaction-related audit objectives have been satisfied for each class of transaction. The six transaction-related audit objectives are occurrence, completeness, accuracy, transaction is properly included, transaction is properly classified, and transaction is recorded on correct date. This type of test is a more common approach for income statement balances.

A test of details of balances attempts to support an account general ledger balance, either balance sheet or income statement, by testing the final account total. The emphasis of most tests of details of balances is on the balance sheet.

Some fraud risk factors would indicate that opportunities exist for management and other employees to attempt fraudulent financial reporting.

What are some of these specific fraud risk factors?

Fraud risk factors indicating opportunities for fraudulent financial reporting include the following:
1. Significant related-party transactions.
2. Ability of entity to dominate a certain industry.
3. Significant estimates exist in financial reporting.
4. Significant, unusual, or complex transactions exist, especially at the end of the reporting period.
5. Significant international or foreign operations.
6. Business dominated by one person or a small group of individuals.
7. Ineffective board of directors and/or audit committee.
8. High turnover in accounting, internal auditing, and IT staff.
9. Inadequate internal controls.
10. Overly complex organizational structure.

Some possible fraud risk factors are incentives and/or pressures on management and/or other employees that could lead to misappropriation.

What are some of the specific fraud risk factors that indicate either the incentive or pressure on the part of management and/or other employees to misappropriate assets?

Fraud risk factors indicating incentive/pressures on management and/or other employees that could lead to asset misappropriation include:
1. Personal debts or other personal financial obligations.
2. Knowledge that there will be future employee layoffs.
3. Recent or anticipated changes in compensation plans or benefits.
4. Promotions, compensation, or other rewards that are inconsistent with employee expectations.

Some fraud risk factors indicate that opportunities exist for management and other employees to misappropriate funds from the reporting entity.

What are some of the specific fraud risk factors that indicate opportunities for asset misappropriation?

Fraud risk factors indicating opportunities for asset misappropriation include:
1. Large amounts of cash generally always on hand or cash amounts that are processed irregularly.
2. Inventory items that are small in size and/or of high value.
3. Assets that are easily convertible into cash.
4. Fixed assets that are small and easily marketable.
5. Inadequate segregation of duties.
6. Inadequate recordkeeping with respect to assets.
7. Inadequate safeguards over cash and assets easily convertible into cash.
8. Non-mandatory employee vacations, especially for key employees into cash.
9. Asset reconciliations and transaction documentation are not not timely or provided.

What are two areas in a financial statement audit where the CPA should simply presume that there is a risk of material misstatement due to fraud, even without the presence of any fraud risk factors?

The auditor should presume that there is a risk of material misstatement due to fraud in connection with the following:
1. Recognition of revenue.
2. Management's possible override of internal controls.

The risk of management override of controls exist in almost all audit engagements. In addition to this, a study sponsored by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) has found that more than one-half of financial statement frauds involve revenues and accounts receivable. Cash is also highly susceptible to theft.

In connection with revenue recognition and possible management override of the client company's internal controls, the auditor normally conducts additional testing in these areas, along with specific inquiries of client personnel.

Describe some of the tests and questions by the auditor that might be appropriate.

Because of the risks involved, the auditor should consider doing the following:
1. Inquire about sales transactions near the end of the reporting period.
2. Examine the contents of boxed inventory.
3. Review the accuracy of previous management estimations.
4. Obtain an understanding of the financial reporting process and the physical controls over journal entries.
5. Select and test actual journal entries, especially suspicious entries at year-end.
6. Ask about any inappropriate or unusual activity with journal entries.

The auditor provides reasonable assurance of no material misstatements. This assurance includes discovery of errors, fraud, and direct-effect illegal acts.

Define each of these three items.

An error is an unintentional misstatement of the financial statements.

Fraud is the intentional act that results in a material or immaterial misstatement in the financial statements. There are two types of fraud:
1. Fraudulent financial reporting that is not uncovered allows a company's operating performance or financial condition to appear different than it actually is by manipulation of records, events, or accounting.
2. Misappropriation of assets and the subsequent manipulation of the financial statements to cover this action is another type of fraud.

Direct-effect illegal acts are those illegal acts that have an immediate impact on the entity's financial statements.

Why is an auditor able to render only reasonable assurance, rather than absolute assurance?

Only reasonable assurance is possible as a result of an audit because of the following:
1. Not every transaction during the reporting period is examined.
2. Human error can occur during the audit testing.
3. Both fraud and illegal acts are usually hidden, so their discovery is not always possible.

If auditors were responsible for making absolutely certain that all assertions in the financial statements were correct, evidence requirements and the resulting audit function cost would rise to a level such that audits would not be economically practical.

An auditor should be alert for conditions in the fraud triangle. Whenever a fraud risk factor is uncovered in one of the three areas of the fraud triangle, the auditor should become especially alert for additional evidence of fraud.

What are the three components of the fraud triangle?

The fraud risk triangle is made up of the following:
1. Incentives/pressures - Members of management or other employees of the reporting entity have an incentive to commit fraud, or they are under pressure that gives them motivation to commit fraud.
2. Opportunities - Circumstances exist that provide members of management or other employees with a reasonable chance to commit fraud.
3. Rationalization/attitudes - Those individuals who could be involved in fraud are able to rationalize a fraudulent act as being consistent with their personal code of ethics.

The auditor's concern about the existence of fraud increases when one or more of the components of the fraud triangle is present.

During an audit, the audit team engages in brainstorming.

When is this step performed, and what does this term mean?

At the beginning of the audit, and periodically thereafter, the audit team (or key members of the audit team) should engage in some form of brainstorming. Brainstorming is an open discussion among participants in a small group in an attempt to arrive at a solution or several solutions to a particular matter or concern of common interest to the group of participants.

In this situation, brainstorming focuses on a discussion of the susceptibility of the company's financial statements to material misstatements. The audit team discusses where and how the financial statements might be susceptible to fraud, how management could perpetrate and conceal fraudulent reporting, and how assets could be stolen.

This process is designed to help the auditors become more aware of the risk of material misstatement and where fraud may exist in the financial statements.

An auditor should be watchful for situations that indicate possible existence of one or more fraud risk factor components of the fraud triangle.

What are some of the specific fraud risk factors that indicate that management and/or other employees may have the attitude or ability to commit fraudulent financial reporting?

Fraud risk factors that indicate management and/or other employees may have the attitude to commit fraudulent financial reporting include the following:
1. Management's failure to correct known significant deficiencies in a timely manner.
2. Management's commitment to achieve aggressive or unreasonable financial forecasts.
3. Management's interest in maintaining or increasing the price of the company's stock.
4. A history of entity violations of securities laws.
5. Frequent disputes with the auditor.
6. Formal and informal restrictions on the auditor's scope of audit activities.

An auditor is making an assessment of inherent risk and uncovers fraud risk factors within one or more components of the fraud triangle.

What actions should the auditor take as a result of this discovery?

Several possible actions that help the auditor reduce overall audit risk to an acceptable low level include the following:
1. Closely monitor the adoption of and reasons for new accounting principles.
2. Make substantive testing procedures more unpredictable and in greater quantities.
3. Get more evidence from outside sources.
4. Rely more on physical inspection.
5. Use more computer-assisted audit techniques.
6. Do more testing in close proximity to the end of the reporting period.
7. Assign individuals to the audit team who have specialized skills and experience dealing with fraud, if appropriate.

In assessing inherent risk, the auditor should watch for fraud risk factors, especially within the three conditions that make up the fraud triangle. However, additional procedures should be carried out at this time in connection with the possibility of fraud.

What are some of these additional procedures?

While doing an assessment of inherent risk, the auditor should do the following:
1. Make inquiries of management, the audit committee, and the internal auditors, if any, about the risks of fraud in the company and how they are addressed. The auditor should also ask about whether fraud is known or suspected and the controls that are set up to reduce possible fraud risk.
2. Look carefully at any unusual or unexpected relationships identified when performing analytical procedures.
3. Look closely at accounts where a high degree of management judgement and subjectivity exists.

In assessing inherent risk, the auditor is required to carry out analytical procedures. Certain comparisons of financial information are recommended because they may indicate the possibility of fraud.

What are some of these specific comparisons?

In the assessment of inherent risk, the auditor should look closely at certain financial relationships and comparisons because unusual or unexpected relationships may indicate a heightened chance that fraud exists.
1. Net income to cash flows from operations.
2. Year-to-year changes in inventory, accounts payable, sales, and cost of goods sold.
3. Company profitability as compared to industry averages.
4. Company bad debts as compared to industry averages.
5. Sales volume as compared to production costs (i.e., labor, raw material, and other direct costs).

Does the Public Company Accounting Oversight Board (PCAOB) require an auditor to report on whether a previously reported material weakness in internal control over financial reporting as of a date specified by management continues to exist?

No. An engagement by an auditor to report on whether a previously reported material weakness continues to exist is a voluntary engagement and is not required by the PCAOB.

What is meant by the term risk in auditing?

Auditors accept the fact that some level of risk or uncertainty exists in a set of financial statements as fairly presenting the financial condition of a reporting entity. The effective and experienced auditor recognizes that risk exists and deals with this risk in an appropriate manner.

How does risk assessment for financial reporting related to management?

Risk assessment for financial reporting is management's process for identifying, analyzing, and responding to the risks relevant to the preparation of financial statements in conformity with generally accepted accounting principles (GAAP) in the United States.

What are the risks relevant to financial reporting?

Risks relevant to financial reporting include the external and internal events and circumstances that may occur and adversely affect an entity's ability to initiate, authorize, record, process, and report financial data consistent with management's assertions in the financial statements.

List some of the circumstances under which risks impacting financial statement data can arise or possibly change.

Risks impacting financial statements data can arise or change due to circumstances such as the following:
1. Changes in the entity's operating environment.
2. New personnel.
3. New or revamped accounting information systems.
4. Rapid business growth.
5. New technology.
6. New business models, products or activities.
7. Corporate restructurings.
8. Expanded foreign operations.
9. New accounting pronouncements.
10. More complex and/or complicated business transactions.

Why should the auditor obtain sufficient knowledge of the entity's risk assessment process?

The auditor should obtain sufficient knowledge of the entity's risk assessment process to understand how management considers and deals with the risks relevant to financial reporting. This knowledge will aid the auditor's assessment of the entity's internal control process and the risk that face the auditor in the audit process.

What should the auditor consider when evaluating the design and implementation of the entity's risk assessment process?

In evaluating the design and implementation of the entity's risk assessment process, the auditor should consider how management identifies business risk relevant to financial reporting, estimates the significance of the risks, assesses the likelihood of their occurrence, and decides upon actions to manage them.

Why do auditors perform risk assessment procedures?

Auditors perform risk assessment procedures to properly assess the risks of material misstatement and engagement risks.

What should the auditor use as audit evidence to support the risk assessment that has been made?

The auditor should use the information gathered in performing risk assessment procedures, including the audit evidence obtained in evaluating the design of controls and determining whether or not they have been implemented, as audit evidence to support the risk assessment.

What should the auditor consider when evaluating the design and implementation of the entity's risk assessment process?

To assess the risk of material misstatement, the auditor performs the following:
1. Identifying risks - Risks are identified throughout the process of obtaining an understanding of the entity and its environment.
2. Establishing the significance of each risk - The auditor relates the identified risks to material misstatement possibilities and how the entity addresses them.
3. Assessing the likelihood of that risk occurring - The auditor considers whether the risk is of a magnitude that could result in a material misstatement of the financial statements.
4. Developing specific actions to reduce the risk to an acceptable level - The auditor considers the actions that management has developed and/or taken to reduce identified risks of material misstatement in the financial statements.

How should the auditor use the risk assessment process?

The auditor should use the risk assessment process to determine the nature, timing, and extent of further audit procedures to be performed.

Which controls should the auditor identify when making risk assessments?

In making risk assessments, the auditor should identify the controls that are likely to prevent or detect and correct material misstatements in specific relevant assertions.

Which types of risk assessment procedures should the auditor perform to obtain an understanding of the entity and its environment, including its internal control?

The auditor should perform the following risk assessment procedures to obtain an understanding of the entity and its environment, including its internal control:
1. Inquiries of management and others within the entity.
2. Analytical procedures.
3. Observation and inspection.

The auditor's understanding of the entity and its environment relies on an understanding by the auditor of which aspects of the entity?

The auditor's understanding of the entity and its environment relies on an understanding of the following aspects:
1. The entity's industry, including regulatory and other external factors.
2. The nature of the entity.
3. The objectives, strategies, and the related business risks that may result in a material misstatement of the entity's financial performance.
4. Measurement and review of the entity's financial performance.
5. The entity's internal control, which includes its accounting policies.

What is the authoritative source for the risk assessment standards?

The Auditing Standards Board (ASB) of the AICPA issued eight Statements on Auditing Standards (SAS) that are collectively referred to as the Risk Assessment Standards. The ASB is the authoritative source for these standards.

What is the effective date for the Risk Assessment Standards?

The Risk Assessment Statements, SAS No. 104 through SAS No. 111, are effective for audits of nonissuer financial statements for periods beginning on or after December 15, 2006.

List the three objectives of the Auditing Standards Board (ASB) in developing the Risk Assessment Standards as they relate to auditors and audits.

Three objectives of the ASB in developing the Risk Assessment Standards as they relate to auditors and audits are as follows:
1. Auditors must develop a more in-depth understanding of the entity being audited and its environment, including its internal control.
2. Auditors must conduct a more rigorous assessment of the risks of where and how the client's financial statements could be materially misstated.
3. There should be improved linkage between the auditor's assessed risk and the nature, timing, and extent of audit procedures performed in response to those risks.

What are the areas in which the Risk Assessment Standards establish standards and provide guidance?

The Risk Assessment Standards establish standards and provide guidance concerning the following:
1. The auditor's assessment of the risks of material misstatement, whether caused by fraud or error.
2. The design and performance of tailored audit procedures to address assessed risks.
3. Audit risks and materiality.
4. Planning and supervision of an audit.
5. Audit evidence.
6. Understanding the entity and its environment.
7. Evaluating the audit evidence obtained.

How do the Risk Assessment Standards impact the term due professional care in the performance of work?

The Risk Assessment SAS No. 104 amends SAS No. 1 "Codification of Auditing Standards and Procedures (due professional care in the performance of work)" to expand the definition of the term reasonable assurance.

How do the Risk Assessment Standards impact the scope of the audit work with regard to the second Standards of Field Work of the generally accepted auditing standards (GAAS)?

The Risk Assessment SAS No. 105 revises SAS No. 95, Generally Accepted Auditing Standards, to expand the scope of the second Standards of Field Work from internal control to the entity and its environment, including its internal control.

How do the Risk Assessment Standards impact the planning of the audit work with regard to the first Standards of Field Work of the generally accepted auditing standards (GAAS)?

The Risk Assessment SAS No. 105, an amendment to SAS 95, Generally Accepted Auditing Standards, extends the purpose and function of planning the audit to assessing the risk of material misstatement of the financial statements whether due to error or fraud.

What is the impact of the Risk Assessment Standards on the third Standards of Field Work of the generally accepted auditing standards (GAAS) as it relates to evidential matter?

The Risk Assessment SAS No. 105 does the following:
1. It revised the third Standards of Field Work, eliminating references to specific audit procedures performed in order to obtain evidential matter.
2. It replaces the terminology evidential matter with audit evidence.

How does the Risk Assessment SAS No. 105 revise the first General Standards to clarify the terminology used in Statement of Auditing Standards (SAS) issued by the Auditing Standards Board (ASB) in describing the professional requirements imposed on auditors?

The Risk Assessment SAS No. 105 revises the first General Standards with the use of a must statement:

First of the General Standards:
1. The audit must be performed by a person or persons having adequate technical training and proficiency as an auditor.

How does the Risk Assessment SAS No. 105 revise the Standards of Field Work to clarify the terminology used in Statement of Auditing Standards (SAS) issued by the Auditing Standards Board (ASB) in describing the professional requirements imposed on auditors?

The Risk Assessment SAS No. 105 revises the Standards of Field Work to clarify the terminology used in SAS 95 with the following new language underlined below.

Standards of Field Work:
1. _The auditor must_ adequately plan _the work_ and must _properly supervise any_ assistants.
2. _The auditor must obtain a_ sufficient understanding of _the entity and its environment,_ including its internal control, _to assess the risk of material misstatement of the financial statements whether due to error or fraud_ and to design the nature, timing, and extent of _further audit procedures._
3. The auditor _must obtain sufficient appropriate audit evidence_ by performing _audit procedures_ to afford a reasonable basis for an opinion regarding the financial statements under audit.

Which matters are addressed in Risk Assessment SAS No. 106, Audit Evidence?

Risk Assessment SAS No. 106, Audit Evidence, addresses the following matters:
1. It defines the audit evidence.
2. It defines relevant assertions and discusses their use in assessing risks and designing appropriate further audit procedures.
3. It discusses qualitative aspects the auditor considers in determining the sufficiency and appropriateness of audit evidence.
4. It describes various audit procedures and discusses the purposes for which they may be performed.

In the performance of an audit under guidelines of Risk Assessment SAS No. 107, Audit Risk and Materiality in Conducting an Audit, what matters should be of concern to the auditor?

In performing the audit, the auditor is concerned with matters that either individually or in the aggregate could be material to the financial statements.

What is the purpose of Risk Assessment SAS No. 108, Planning and Supervision?

Risk Assessment SAS No. 108, Planning and Supervision, establishes standards and provides guidance to the independent auditor conducting an audit in accordance with generally accepted auditing standards (GAAS) on the considerations and activities applicable to planning and supervision in the conduct of an audit.

In accordance with Risk Assessment No. 108, Planning and Supervision, how should an auditor plan an audit?

In accordance with Risk Assessment SAS No. 108, Planning and Supervision, the auditor must plan the audit so that is is responsive to the assessment of the risk of material misstatement based on the auditor's understanding of the entity and its environment, including its internal control.

What essential component must be included in the auditor's planning and performing of an audit?

Assuming the existence of an audit plan, obtaining an understanding of the entity and its environment, including its internal control, is an essential part of the auditor's planning and performing an audit in accordance with generally accepted auditing standards.

What is the purpose of SAS No. 109, Understanding the Entity and its Environment and Assessing the Risks of Material Misstatement?

SAS No. 109, Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement, establishes standards and provides guidance for implementing the Second Standard of Field Work, as follows:
1. The auditor must obtain a sufficient understanding of the entity and its environment, including its internal control, to assess the risk of material misstatement of the financial statements whether due to error or fraud, and to design the nature, timing, and extent of further audit procedures.

How does the auditor determine which procedures to perform to obtain an understanding of the entity and its environment, including its internal control?

Risk Assessment SAS No. 109, Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement, details the audit procedures that the auditor should perform in order to obtain the understanding of the entity and its environment, including its internal control.

How does Risk Assessment SAS No. 109, Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement, aid auditors in their understanding of the entity and its environment, including its internal control?

Risk Assessment SAS No. 109, Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatements, provides guidance to the auditor in understanding specified aspects of the entity and its environment and the components of internal control for the purposes of identifying and assessing the risks of material misstatement and designing and performing further audit procedures.

SAS No. 110, Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained, aids the auditor in what way(s)?

SAS No. 110, Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained, provides guidance to the auditor in determining the overall response to address the assessed risk of material misstatement at the financial statement level and provides guidance for evaluating the audit evidence obtained.

What is the auditor's source for designing and performing further audit procedures in response to assessed risk?

SAS No. 110, Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained, provides guidance to the auditor in designing and performing further audit procedures, including tests of the operating effectiveness of controls, where relevant or necessary and substantive procedures, whose nature, timing, and extent are in response to the assessed risks of material misstatement at the relevant assertion levels.

How does SAS No. 111, Amendment to Statement on Auditing Standards No. 39, Audit Sampling amend SAS 39?

SAS No. 111 amends SAS No. 39, Audit Sampling, and enhances guidance related to the auditor's judgement concerning tolerable misstatement in a specific audit procedure and the application of sampling to tests of controls.

SAS No. 111 also amends SAS No. 39 to incorporate guidance from SAS No. 99, Consideration of Fraud in a Financial Statement Audit, and SAS No. 110, Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained.

Please allow access to your computer’s microphone to use Voice Recording.

Having trouble? Click here for help.

We can’t access your microphone!

Click the icon above to update your browser permissions above and try again

Example:

Reload the page to try again!

Reload

Press Cmd-0 to reset your zoom

Press Ctrl-0 to reset your zoom

It looks like your browser might be zoomed in or out. Your browser needs to be zoomed to a normal size to record audio.

Please upgrade Flash or install Chrome
to use Voice Recording.

For more help, see our troubleshooting page.

Your microphone is muted

For help fixing this issue, see this FAQ.

Star this term

You can study starred terms together

NEW! Voice Recording

Create Set