Audit and risk assessment

Audit and risk assessment

1) A revised or final acceptable level of detection risk is determined for each assertion after (1) assessing inherent risk, (2) performing analytical procedures in audit planning, (3) assessing the risk of fraud for an assertion, and (4) making a final assessment of control risk for relevant controls. A risk matrix or the audit risk model can be used to solve for the revised acceptable level of detection risk associated with analytical procedures and tests of details based on the actual assessed levels of inherent and control risk and the auditor’s specification of audit risk.

2) In some cases where substantive analytical procedures are effective, they may also add to the efficiency of the audit. For example, for public utilities and cable companies, relatively small amounts of revenue are billed to and collected from many thousands of customers each month. Tests of details of these high-volume, low-value revenue transactions would be very tedious and costly. On the other hand, revenues in such cases can often be estimated with a fair degree of precision using independent variables such as number of subscribers, billing rates for various types of services, temperature data (for electric and gas utilities), and so on. Alternatively, total sales commissions expense could normally be estimated from total sales revenues rather than examining the details of entries to sales commissions.

You may also like...