[cpa423]

I’m struggling with understanding the effects of audit risk on its individual components.

How do you know how a scenario effects inherent risk, control risk, and detection risk (increase/decrease/no change)?

I understand the inverse relationship between control and detection risk, but when you have to assess all three components what do you do? Are only two components affected or can all three be affected as well?

AUD - January 2017

BEC - Passed

FAR - Passed

REG - Passed

[Substantive Testing]

The thing is, you assess for all 3 risks, but inherent and control risk are already predetermined even before you walked into the audit due to the fact that they are based on the client's business and structure, absolutely nothing to do with the auditor. It is more like figuring out their risk rather than assessing I would say. But for detection risk, it is all based on the auditors judgement and can be changed through the audit. Once you assess all 3 to either low, medium or high risk, there is a equation to lead to risk of material misstatement (RMM). For example: Inherent High x Control Low x Detection Low = RMM Low.
A question might ask you “How do you keep RMM low if you realized Inherent is High” well since you cant adjust control risk, you have to play around with Detection risk and gauge it to low.

AUD - 75
BEC - 75
FAR - 81
REG - 78

 

CPA ex-auditor

 

[Author]

Replies