Question

Demonstrate how the auditor assesses the risk of material misstatement. Contrast between Operation Audit, Compliance Audit, Financial Statement Audit. Provide examples from a publicly-traded company.

Answer 1

Solution:-

1. Demonstrate how the auditor assesses the risk of material misstatement:-

Having obtained and documented an understanding of the entity including its internal control, the auditor is now in a position to identify and assess the risks of material misstatement, which should be done at the financial statement level, and at the assertion level for classes of transactions, account balances and disclosures. The point of the risk assessment is to provide a basis for designing and performing further audit procedures.

Risk assessment procedures should include inquiries of management and other relevant individuals, analytical procedures, observation and enquiry. (ISA 315.6)

An important part of assessing the risk of material misstatement is that the risks identified should be prioritised. This is because ISA 315 determines that risks which are identified as being significant risks require special audit consideration. It is a matter of judgment as to whether a risk constitutes a significant risk, and matters such as the complexity of the transaction, whether there is a risk of fraud, the involvement of related parties, and whether the transaction is outside the normal course of business should be considered. (ISA 315.28)

It is further required that where a significant risk is identified, the relevant controls, including control activities should be understood. (ISA 330, The Auditor's Responses to Identified Risks then deals with the action that should be taken in obtaining evidence in relation to significant risks. If the auditor plans to rely on controls over a significant risk, the controls must be tested in the current period, and substantive procedures should be performed in response to significant risks at the assertion level.)

2. Contrast between Operation Audit, Compliance Audit, Financial Statement Audit:-

Financial statement audits, operational audits, and compliance audits are similar in that each type of audit involves accumulating and evaluating evidence about information to ascertain and report on the degree of correspondence between the information and established criteria and/or procedures, rules, or regulations. The differences between each type of audit are the information being examined and the criteria used to evaluate the information.

A financial statement audit is conducted to determine whether financial statements are stated in accordance with specified criteria, normally the U.S. or international standards. Auditors not only focus on accounting transactions, but also focus on an integrated approach in which both the risk of misstatements and the operating controls are considered. The auditor must have a thorough understanding of the entity and its environment.

An operational audit evaluates the efficiency and effectiveness of any part of an organization's operating procedures and methods. At completion of an operational audit, management normally expects recommendations for improving operations. In operational auditing, the reviews are not limited to accounting. It is more difficult to objectively evaluate whether the efficiency and effectiveness of operations meets established criteria than it is for compliance and financial statement audits. Also, establishing criteria for evaluating the information in an operational audit is extremely subjective. Thus, operational auditing is more like management consulting than what is usually considered auditing.

A compliance audit is conducted to determine whether the auditee is following specific procedures, rules, or regulations set by some higher authority. Results of compliance audits are typically reported to management, like in the operational audits, rather than to outside users as is done with financial statement audits.

An example of a financial statement audit would be the annual audit of IBM Corporation, in which the external auditors examine IBM's financial statements to determine the degree of correspondence between those financial statements and generally accepted accounting principles. An example of an operational audit would be an internal auditor's evaluation of whether the company's computerized payroll-processing system is operating efficiently and effectively. An example of a compliance audit would be an IRS auditor's examination of an entity's federal tax return to determine the degree of compliance with the Internal Revenue Code.

Please Rate