Audit risk

From Wikipedia, the free encyclopedia

Audit risk is a term that is commonly applied in relation to the audit of the financial statements of an entity. (See financial audit). The primary objective of such an audit is to provide an opinion as to whether or not the financial statements present fairly the financial position and results of the entity. Audit risk is the risk of the auditor providing an inappropriate opinion on the financial statements. In other words, it is the risk of the auditor stating the financial statements present fairly the financial position of the entity, when in fact they do not. (Although significantly a lesser risk, audit risk also encompasses the risk of the auditor stating the financial statements do not present fairly the financial position of the entity, when in fact they do.)

Contents 1 Components of audit risk 1.1 Inherent risk 1.2 Control risk 1.3 Acceptable audit risk 2 Mathematics of audit risk 3 References 4 External links

[edit] Components of audit risk

[edit] Inherent risk

Inherent risk is the measure of auditor's assessment that there may not be material misstatements in the financial statement before considering the effectiveness of internal controls. If the auditor concludes that there is a high likelihood of misstatement, ignoring internal controls, the auditor would conclude that the inherent risk is high. Internal controls are ignored in setting inherent risk because they are considered separately in the audit risk model as control risk. It is often an area of professional judgement on the part of an auditor. Examples of accounts with low inherent risk are fixed assets, easy to observe, or securities traded in the stock market whose market price is easily observable.

[edit] Control risk

Control risk is a measure of the auditor's assessment of the likelihood that misstatements exceeding a tolerable level will not be prevented or detected by the client's internal control system. This assessment includes an assessment of whether a client's internal controls are effective for preventing or detecting misstatements and the auditor's intention to make that assessment at a level below the maximum (100 pecent) as part of the audit plan.

[edit] Acceptable audit risk

Acceptable audit risk is a measure of how willing the auditor is to accept that the financial statements may be materially misstated after the audit is completed and an unqualified (or clean) opinion was issued. If the auditor decides to lower audit risk, that means that the auditor wants to be more certain that the financial statements are not materially misstated

The product of inherent risk and control risk is referred to as the Risk of Material Misstatement. It is allowable to make a combined assessment of inherent and control risk, called Risk of Material Misstatement.

[edit] Mathematics of audit risk

Audit standards proposed probability theory to be applied on audit risk concept. Practitioners also attached probability to audit risk concept. But audit standards did not adopted probability theory as the unique formalism of audit risk.

In fact, audit risk is an intersection of three sets. Modeling audit risk issued different models depending on mathematical theories used :

• Probability theory measures audit risk if these three components (inherent risk, control risk...) of audit risk concept are considered as events. Audit risk become a set of events. it become a product of three probabilities.

• Belief-function theory can measure audit risk if these three components are considered as evidence. Audit risk become a combination (with dempster-shafer rule) of mass of evidence.

• Finally, fuzzy logic measures audit risk concept if these three components are considered as

[edit] References

• Srivastava R.P. & Shafer G.R. (1992) " Belief function Formula for audit risk " Review : Accounting Review, Vol. 67 n° 2, pp. 249-283, for evidence theory applied on audit risk.
• Lesage (1999)" Evaluation du risque d'audit : proposition d'un modele linguistique " Review : Comptabilite, Controle, Audit, Tome 5, Vol. 2, September 1999, pp.107-126, for fuzzy audit risk.
• Fendri-Kharrat et al. (2005)"Logique floue appliquee a l'inference du risque inherent en audit financier ", Review : RNTI : Revue des Nouvelles Technologies de l'Information, n° RNTI-E-5, (extraction des connaissances : etats et perspectives), November 2005, pp.37-49, Cepadues editions, for fuzzy inherent audit risk.

[edit] External links

• A technical explanation of this term can be found in International Standards on Auditing (ISAs) issued by the International Auditing and Assurance Standards Board (IAASB) of the International Federation of Accountants