Materiality and Audit Risk

1
Materiality and Audit Risk

• Chapter 9

2
Materiality

• The definition is the same in the auditing
  context as everywhere else in accounting
• Key references
• Reasonable assurance
• Free of material misstatement

3
Preliminary Judgment

• Must be made to determine what is a material
  misstatement
• Often based on initial financial statements
• Qualitative factors as well
• Fraud
• Changes in trends
• Remember it is all relative
• Must always be subject to revision

4
Allocation of Materiality

• The auditor looks for amounts that are material
  in the aggregate
• More commonly allocated to balance sheet
  accounts, then by extension to income statement
• Tolerable misstatement Material amount for any
  given account
• May be adjusted for fraud and for cost of audit
  procedures
• Sampling formulae depend on tolerable misstatement

5
Estimating Misstatement

• Discovered error is projected onto the total
• Example inventory in sample is overstated by 3,
  then total is assumed to be by 3
• More specific confidence intervals depend on
  statistical parameters
• Total is compared to tolerable amount
• If it exceeds, may increase testing or demand
  adjustment

6
Audit Risk Model

• AR IR x CR x DR
• AR Audit risk
• The risk that the auditor will incorrectly issue
  an unqualified opinion
• IR Inherent risk
• The risk of material misstatements absent any
  internal controls or testing

7
Audit Risk Model

• CR Control risk
• The risk that internal controls will fail to
  prevent or detect material misstatement
• DR Detection risk
• The risk that audit tests will fail to detect
  material mistatement
• Therefore, audit risk is a function of inherent
  risk, unchecked by controls and not detected by
  the auditor

8
Risk Components

• Inherent risk
• Higher in complex transactions
• Higher where items are more naturally prone to
  fraud
• Based in part on prior experience
• Industry and management pressures
• Inherent risk cannot be changed by the auditor
  it just is
• Control risk
• Depends on the design and execution of controls
• Where controls are good, risk is low

9
Risk Components, II

• More Control risk
• Depends on all 5 COSO categories
• Observed by the auditor but cannot be changed
  retroactively
• Detection risk
• A function of the types of tests the auditor does
• Remember nature, timing, and extent
• This is the only risk element that can be
  controlled by the auditor
• AR IR x CR x DR also means
• DR AR / (IR x CR)

10
Is Risk Quantifiable?

• Yes and No
• Often assessed in percentage terms
• Requires judgment because no number is out there
  to be measured
• Detection risk needs to be quantified for
  statistical testing

11
Interrelationship of Risks

• IF IR and CR are high, then
• If IR is high and CR is low
• If IR is low and CR is low
• If IR is low but CR is high

• DR should be low (lots of testing)
• DR can be higher, because controls offset high IR
• DR can be high
• Somewhat indicative of fraud. DR should be very
  low

12
What is Acceptable Audit Risk?

• Risk the auditor is willing to take of being
  wrong
• Generally considered in terms of unqualified
  where there are misstatements, but not in reverse
• Depends on engagement risk
• Financial stability
• Industry factors
• Management integrity
• Degree of reliance on audited statements

13
Keep Things Open

• Materiality judgments are subject to revision
• If original bases were overstated, threshold may
  be too high
• Control risk assessment must be backed up by
  control testing results
• If tests show weaker controls, CR is higher, thus
  DR needs to be lower