Before You Go On Solutions

Chapter 4
Audit Planning II

1.1 What are the three components of audit risk? The three components of audit risk are
seen in the audit risk model, AR (Audit Risk) = Inherent Risk (IR) * Control Risk (CR) * Detection
Risk (DR). Inherent risk (IR) is the possibility that a material misstatement could occur before
consideration of the internal controls. This is the risk that errors can simply happen. Control risk
is the risk that the controls implemented by the client do not prevent or detect a misstatement
before the financial statements are prepared. Inherent risk and control risk are the client’s risks
and exist separately from the financial statement audit. The auditor has no influence on either.
In response to the assessed inherent and control risk combined (the risk of material
misstatement), the auditor determines the amount of substantive work required to reduce the
risk of material misstatement to an acceptable level. This is detection risk, the risk that auditors’
procedures will not be effective in detecting a material misstatement should there be one. It is
impossible to reduce detection risk to zero. Detection risk is the only element of the audit risk
model the auditor can influence by doing more or less substantive audit work.

1.2 What is the relationship between audit risk and detection risk? The acceptable audit
risk for the financial statements overall is set by the auditor at the beginning of the audit. The
auditor will determine the detection risk required in response to the assessed audit risk and the
client’s inherent and control risk combined. (The auditor first sets audit risk, then assesses
inherent and control risk, and then determines the appropriate level of detection risk.) The
auditor will plan and perform their audit to hold audit risk to an acceptably low level.

1.3 What are four factors that affect inherent risk? The inherent risk assessment is based on
knowledge of the business, since many of the factors that contribute to business risks may
affect inherent risk. Knowledge of the competitive environment, the current economic
environment, the risk of technological obsolescence, and the level of government regulation
assist in the inherent risk assessment. It is also important to consider such factors as the type of
products and services offered by the entity, the size and complexity of the organization, the
experience and knowledge level of employees, the pressures on management to meet earnings
targets, the extent of errors found in previous audits, and the accounting policies selected. CAS
315 identifies the following inherent risk factors:

1. Complexity: Events and transactions that are higher in complexity make processing
errors and human errors more likely, increasing inherent risk.
2. Subjectivity: Events and transactions that require judgements are more susceptible to
bias, increasing inherent risk.
3. Uncertainty: Events and transactions where the outcome is uncertain require estimation,
increasing inherent risk.
4. Change: The more changes that impact the entity, the greater the risk the entity does not
respond appropriately, increasing inherent risk.
5. Susceptibility of accounts or transactions to management bias or fraud: The greater the
pressure on management to produce specific results, the greater the risk of
management bias or fraud.

© 2021 John Wiley and Sons, Auditing, 4e

2.1 What is qualitative materiality? Information is considered material if it affects a user’s
decision-making process. This may be due to factors other than the magnitude of
misstatements. While the auditor calculates a quantitative materiality, misstatements under this
determined dollar threshold may be material due to their nature. Items that should be
considered significant due to their nature include a change in an accounting method, related
party transactions, a change in operations that affects the level of risk faced, the danger of
breaching a debt covenant, and a misstatement due to fraud.

2.2 What is quantitative materiality? Information is considered quantitatively material if it

exceeds an auditor’s preliminary materiality assessment. An auditor uses their professional
judgement to arrive at an appropriate materiality figure (number) for each client. In doing so,
they are mindful of the primary users of the financial statements.

2.3 What is the most appropriate materiality base for a for-profit entity? Why? For-profit
entities usually consider net income important, especially if the entity is publicly listed. Net
income before tax is likely to be important as it drives dividends and return-on-investment
decisions. Therefore, the most appropriate base would be net income before tax. Typically, 5
percent of profit before tax from continuing operations is used to determine materiality when
profit is the appropriate base, but an acceptable range is from 3 to 7 percent.

3.1 What is the purpose of developing an overall audit strategy? An audit strategy sets the
scope, timing, and direction of the audit and provides the basis for developing a detailed audit
plan. The audit strategy chosen depends on the auditor’s preliminary inherent and control risk
assessment (that is, the auditor’s overall assessment of the risk of material misstatement).

3.2 What is a substantive audit strategy and when might an auditor adopt this approach?
When assessing control risk as high, an auditor will adopt a substantive audit strategy. When
this audit strategy is adopted, an auditor will gain the minimum necessary knowledge of the
client’s system of internal controls as required by the auditing standards (CAS 315), but will
generally not conduct tests of those controls. If a client’s system of internal controls is non-
existent, very poor, or unlikely to be effective in mitigating an identified inherent risk, there is
generally no point in testing the internal controls because the auditor will not be planning to rely
on them. Instead, an auditor will increase their level of reliance on detailed substantive
procedures, which involves intensive testing of yearend account balances and transactions from
throughout the year.

3.3 To whom will an auditor report uncovered deficiencies in a client’s system of internal
controls? If the auditor tests the controls and believes them to be ineffective (that is, the
controls do not work), the auditor reports any significant deficiencies to those charged with
governance and identifies other weaknesses to management. The auditor also makes
recommendations for improving the controls.

4.1 What is a KPI? How can it be used by an auditor? Key performance indicators (KPSs)
are measurements, agreed to beforehand, that can be quantified and that reflect the success
factors of an organization. Part of the process used when gaining an understanding of a client
involves learning how the client measures its own performance. The KPIs used by a client to
monitor and assess its own performance and the performance of its senior staff provide an
auditor with insight into the accounts that their client focuses on when compiling its financial
statements and indicate which accounts are potentially at risk of material misstatement. It is
very important for an auditor to understand which KPIs a client is most concerned about
throughout the year so that the audit can be planned around relevant accounts.

© 2021 John Wiley and Sons, Auditing, 4e

4.2 Explain how internal performance reports may be used. It is common for companies to
use profitability measures and performance reports to assess their performance and the
performance of their senior staff. Companies will track their revenue and expenses over time
and assess any variability. They will compare their revenue and expenses with close
competitors and assess their ability to compete, as well as provide valuable insights to
management as to whether results are matching expectations based on known factors such as
seasonality or economic downturns. This also provides the auditor with valuable insights into the
expectations of management and which accounts may be most relevant.

4.3 What is a debt covenant? Companies enter into debt covenants with lenders when taking
on significant loans. That is, they promise to maintain specified profitability, liquidity, or other
financial ratios, or to seek the lender’s permission before taking on new borrowings or acquiring
other companies. These covenants are written into the borrowing contracts and restrict a
company’s activities. If a company breaches a debt covenant, it will need to renegotiate or repay
the loan.

5.1 Why are liquidity ratios calculated? Liquidity ratios are calculated in order to determine a
company’s ability to meet its short-term debt obligations. If a company is unable to pay its debts
when they fall due, the company may lose key employees, suppliers may refuse to supply
goods, and lenders may recall funds borrowed. An auditor is concerned with the client’s liquidity
situation and will alert the client to any potential going concern issues.

5.2 Define the gross profit ratio and explain what it indicates. The gross profit ratio or gross
profit margin indicates whether a seller of goods has a sufficient markup on goods sold to pay
for other expenses. A markup is the difference between the selling price and cost of goods sold.
A decline in this ratio indicates that a client may be paying more for its inventory or charging
less to its customers. If the gross profit margin continues to decline, the client may face making
an overall loss if it is not able to cover its operating expenses.

5.3 What is a trend analysis and why might an auditor use this form of analysis? A trend
analysis, also called a horizontal analysis, involves a comparison of account balances over time.
It is conducted by selecting a base year and then restating all accounts in subsequent years as
a percentage of that base. Trend analysis allows the auditor to gain an appreciation of how
various accounts have changed over time. When conducting a trend analysis, it is important for
an auditor to consider significant changes in economy-wide factors, such as a recession, which
may affect their interpretation of the trend.

© 2021 John Wiley and Sons, Auditing, 4e