Chapter 7

Assessing inherent risk,

other specific business
risks and materiality
Copyright 2012 McGraw-Hill Australia Pty Ltd
PPTs t/a Auditing and Assurance Services in Australia 5e by Grant Gay and Roger Simnett
Slides prepared by Roger Simnett

7-1

Learning objectives
7.1 Explain the factors that influence the
assessment of inherent risk.
7.2 Explain the auditors consideration of the risk
of fraud.
7.3 Explain the auditors consideration of related
parties.
7.4 Explain the auditors consideration the
appropriateness of the going concern basis.
7.5 Explain the concept of materiality.
7-2

LO 7.1: Inherent risk

As discussed in chapter 5 and outlined in

ASA/ISA 200:

Risk of material misstatement may exist at both the

financial report level and at the assertion level

Risk of material misstatement at the assertion level has
two components: inherent risk and control risk.

ASA 315/ISA 315 requires the auditor to

identify and assess risk of material

misstatement at both the financial report
and assertion levels.
Inherent risk is covered in chapter 7,
control risk in chapter 8.
7-3

Defining and assessing inherent risk

Inherent risk (IR):
Susceptibility of account balance or class of transactions to

material misstatement given inherent and environmental

characteristics, but without regard to internal control.

An assessment of IR and control risk (CR)

can be combined or separate. Irrespective

of this, an auditor is required to:
Assess IR at financial report level for audit plan.
Assessment must then be related to assertions

at account balance or class of transactions level

when developing audit program.
7-4

Business risk (BR) and IR

An entitys business strategy and associated

risks will affect an auditors assessment of

IR at the financial report level.
Where possible, an auditor traces BRs to

areas of a financial report which are likely to

be misstated.

7-5

Factors affecting IR at financial report level

Integrity of management.
Management experience, knowledge and

changes during the period.

Unusual pressure on management.
Nature of entitys business.
Factors affecting the industry.
7-6

Inherent risk & information technology

(IT)

As IT risks can be pervasive to the entity,

factors affecting overall IR associated with

IT include:
Significant changes in IT
Insufficient IT skills and resources
Lack of entity support and focus
High dependence on IT
Reliance on external IT
Reliability and complexity of IT.
7-7

Inherent risk at assertion level

IR is greater for some assertions and related classes

of transactions, account balances and disclosures

than for others.
Auditor will normally focus on:
Accounts likely to require adjustment
Complexity of underlying transactions
Judgment involved in determining account balances
Susceptibility of assets to loss or misappropriation
Occurrence of unusual and complex transactions,

particularly at or near year-end

Transactions not subject to ordinary processing .
7-8

Effect of inherent risk on account balance

assertion

7-9

Risk of fraud
Auditors responsibility for identifying and

reporting fraud introduced in chapter 4.

At the planning stage, an auditor should

consider the risk that misstatements due to

fraud or error will not be detected, and consider
risk of fraud when deciding which risks are
significant.
It is easier to miss material misstatements

resulting from fraud because fraud involves

acts designed to conceal it.
7-10

Fraud
Fraud is defined in ASA 240.11 (ISA 240.11) as:
An intentional act by one or more individuals among

management, those charged with governance,

employees, or third parties, involving the use of
deception to obtain an unjust or illegal advantage.

Therefore, there can be two types of

misstatement that are relevant to the auditor:

Misstatement resulting from fraudulent financial

reporting
Misstatement resulting from misappropriation of
assets.
7-11

Fraudulent financial reporting

Fraudulent financial reporting may involve:

Manipulation, falsification or alteration of

records or documents
Suppression or omission of the effects of

transactions from records or documents

Recording of transactions without substance
Intentional misapplication of accounting

policies.
7-12

Misappropriation of assets

Misappropriation of assets may

involve:
Embezzling receipts
Stealing assets
Causing an entity to pay for goods not

received
Using an entitys assets for personal
use.
7-13

Audit procedures for fraud at planning stage

In planning and conducting the audit, the auditor

must exercise reasonable care and skill and

maintain an attitude of professional skepticism.
An auditor will use his or her experience, knowledge
and training to determine whether fraud could occur.
An auditor needs a thorough understanding
of a clients business in order to identify
opportunities for the perpetration of fraud.
ASA 240 (ISA 240) requires the auditor to
specifically consider the risks of material
misstatement in the financial report owing to fraud.
7-14

Increased attention to fraud

The most recently revised ASA 240/ISA 240 requires

auditors to pay greater attention to fraud.

Auditors:
need specifically to consider risks of material misstatement in

financial report due to fraud

must discuss an entitys susceptibility to fraud
with other members of the audit team
must make more extensive inquiries of management
with respect to fraud.

Auditors are now specifically required to consider the

risk of fraud in revenue recognition and the possibility of

management override of controls.
7-15

Red flag indicators of fraud

An auditor commonly uses a checklist to identify

increased risks of fraud. Where risk is high, it is called a

'red flag'.
These are listed in Table 7.1 on page 296 of the textbook

and are grouped under:

management
unusual pressures within an entity
market pressures
unusual transactions
unsatisfactory records
IT environment.
7-16

Fraud in practice
A 2010 KPMG survey of fraud in Australia and

New Zealand identified the following main factors

allowing fraud to occur:
poor internal controls
override of controls
collusion between employees and third parties
collusion between employees and management.

The survey found the majority of frauds, excluding

financial services entities, were perpetrated internally.

Greed and lifestyle were common motivators. Fraud
red flags or warning signs were often overlooked or
ignored in 38 percent of major frauds.
7-17

Earnings management
Earnings management occurs when judgment in financial

reporting and in structuring transactions is used to alter

financial reports to influence the perceptions of
stakeholders.

Earnings management involves those responsible for

preparing the financial report such as the

Chief Financial Officer (CFO) and Chief Executive Officer
(CEO).

Incentives to manage earnings can be either behavioural or

market-based.

7-18

Broad categories of earnings management

Earnings management by clients may fall

into the following categories:

Intentional violations of accounting

standards and other reporting requirements

that are individually immaterial
Inappropriate revenue recognition
Big bath charges under the guise of
restructuring
Improper accruals and estimation of
liabilities in good times.
7-19

Illegal acts

ASA/ISA 250 provides guidance on an

auditors consideration of illegal acts

(noncompliance with laws and
regulations) An auditor:
Must understand the legal and regulatory

framework applicable to the entity and industry.

Normally does not include procedures
specifically designed to detect illegal acts.
Must recognise circumstances requiring special
attention (e.g. a debenture deed covenant requiring
a specific current ratio be maintained) and consider
these in preparation of audit programs.
7-20

Consideration of related parties

AASB 124 (IAS 24) sees related parties as:
Entities with one entity able to control the operating,

financing or investing decisions of another; or if several

entities are subject to control from the same entity; or if
the party is a joint venture in which the entity is a
venturer.

Related parties include key management

personnel (including directors), their close family

members and entities controlled by them as well
as superannuation funds run for the benefit of
employees or related parties of the entity.
7-21

Assessing risks associated with related parties

ASA/ISA 550 requires auditors to specifically assess the risk

that related parties and related-party transactions will not be

identified, or appropriately disclosed and/or measured.
An auditor must identify all related parties when planning the
audit because:
The existence of related parties or related-party transactions

can affect the financial information

The reliability of audit evidence is a function of the source of
that evidence
The initiation of a related-party transaction might be motivated
by other than ordinary business conditions, such as fraud.

7-22

Examples of related parties fraud

Examples of possible frauds involving

related parties:
Creating fictitious terms of transactions with related

parties
Fraudulently transferring assets at amounts
significantly above or below market value
Engaging in complex transactions with related
parties, such as special purpose entities, that are
structured to misrepresent the financial position or
performance of the entity.
7-23

Procedures for identifying related parties

1. Review the previous periods working papers for

known related parties.

2. Make inquiries of management concerning the names

of all related parties.

3. Review the entitys procedures for identifying related

parties.
4. Inquire about managements and directors affiliations

with other entities.

5. Review minutes of meetings.
6. Inquire of other auditors involved in the audit.
7-24

Existence of unidentified related parties

Examples of transactions that may indicate the

existence of unidentified related parties include:

Transactions that are overly complex (for example,

transactions involving multiple parties within a consolidated

group)
Transactions that have abnormal terms of trade, such as
unusual prices, interest rates, repayment terms or
guarantees
Transactions that lack an apparent logical business reason to
justify their occurrence
Transactions that have been processed in an unusual matter .

7-25

Appropriateness of the going concern basis

Going concern assumption:
Entity is viewed as continuing in business for the
foreseeable future without any intention or necessity to
liquidate or otherwise cease its operations (ASA
570.2/ISA 570.2).

ASA 570.10/ISA 570.10 requires auditors to assess

going concern at planning stage, as imminent

business failure might have an effect on
appropriateness of presentation of financial report
or might motivate management misrepresentations.
7-26

Appropriateness of going concern basis

(cont.)

Early identification helps focus audit effort

on appropriate assertions in the financial

report and permits early communication
with management.

An auditor focuses primarily on

anticipated events during the relevant

period, approximately 12 months from the
date of the current audit report to the
expected date of the next audit report.
7-27

Indications of going concern issues

Financial indicators:
High gearing or fixed-term or reliance on short-term loans
Withdrawal of financial creditors, inability to pay creditors

or denial of trade credit by suppliers

Negative operating cash flows or adverse key financial
ratios
Lack of sustainable operating profits
Dividend arrears
Difficulty in complying with loan agreement terms
Inability to obtain necessary financing.

See Table 7.2 on page 303 of the text.

7-28

Examples of indications of going concern

problems (cont.)

Operating indicators include:

Management intention to cease operations
Loss of key management personnel
Loss of major market, licence or franchise
Prolonged industrial action
Shortages of important supplies
Emergence of highly successful competitors .

See Table 7.2 on p.303 of the text

7-29

Examples of indications of going concern

problems (cont.)

Other indications:
Non-compliance with capital or statutory

requirements
Legal proceedings against the entity
Adverse changes in legislation or government
policy
Uninsured or underinsured disasters.

See Table 7.2 on p.303 of the text.

7-30

Mitigating factors
Auditor should consider mitigating factors.

These include:

Asset factorssale of assets, or delayed

replacement
Debt factorsunused lines of credit, ability
to renew or extend existing loans
Cost factorsability to reduce costs
Equity factorsadditional contributions
from owners, subsidiaries or associates.

See Table 7.3 on p.304 of the text.

7-31

Materiality
Auditor must make preliminary assessment of materiality

when planning the audit.

Materiality defined: information, individually or in

aggregate, that if misstated or omitted from a financial

report may adversely affect decisions about the allocation
of scarce resources made by financial report users
(ASA/ISA 320.2).
Auditor uses materiality to:
evaluate the presentation of financial data
determine the nature, timing and extent of audit procedures

(sometimes called planning materiality).

7-32

Performance materiality
ASA/ISA 320.11 requires the auditor to set performance

materiality for the purposes of assessing further audit

procedures.

ASA/ISA 320.9 defines performance materiality as:

The amount or amounts set by the auditor at less than

materiality for the financial report as a whole to reduce to
an appropriately low level the probability that the
aggregate of uncorrected and undetected misstatements
exceeds materiality for the financial report as a whole.
Usually ranges from 60% (for high risk) to 85% (for low

risk) of the figure established for materiality for the financial

report as a whole.
7-33

Materiality level
As noted by ASA/ISA 320.6, the auditor will consider

the nature of the item when determining the materiality

level.
Materiality is a concept of relative significance.
It depends on the amount of the item of interest and some

relevant basis of comparison.

To estimate an amount for planning materiality, the

auditor selects a base and a suitable percentage to

apply to that base.
This requires professional judgment, and not all auditors

do it the same way.

7-34

Choice of base

The choice of a base depends on value

judgment on relevance, stability and

predictability.
Net profit may be the most relevant base for a

company with publicly traded securities. However,

because net profit can fluctuate significantly from year
to year it lacks stability, and it is not relevant to
entities such as non-profit organisations.
Size-related bases such as total assets or total
revenue may be preferred because of their relative
stability.
7-35

Rules of thumb for planning materiality

(Table 7.4)

7-36

Financial information used as base

Can be taken from:

Financial report to be audited

(if available)
Annualised interim financial
information
Previous periods financial reports.

7-37

Qualitative factors in materiality

An auditor should consider qualitative

factors as well as quantitative assessment.
Qualitative factors includethe:
Significance of the item to the particular entity
Pervasiveness of the misstatement (e.g. The

misstatement might affect the presentation of

numerous items in the financial report)
Effect of the misstatement on the financial report as

a whole.
7-38

Materiality level for account balances,

classes of transactions or disclosures
An auditor needs to allocate planning materiality

to account balances and classes of transactions

for audit testing.
ASA 320.10 (ISA 320.10) requires that the auditor

consider materiality at both the financial report

level and in relation to individual account
balances, classes of transactions and
disclosures.

However it does not mandate the specific steps that an

auditor should take in allocating planning materiality.

7-39

Relationship between materiality & audit risk

There is an inverse relationship

between audit risk and materiality.

An auditor sets a lower materiality

threshold for accounts that have a

higher audit risk. This means the
auditor will need to collect more
evidence for these riskier accounts.
7-40

Accounting materiality
Materiality is a matter of relative significance.
Any quantitative guideline for determining

materiality must necessarily be arbitrary.

However, AASB 1031 states that in the absence of

evidence or convincing argument to the contrary:

An amount that is equal to or greater than 10% of an

appropriate base amount is presumed to be material.

An amount that is equal to or less than 5 per cent of
an appropriate base amount may be presumed not to
be material.
Determining whether an amount between 5 per cent
and 10 per cent is material is a matter of judgement.
7-41

Accounting materiality (cont.)

In determining whether an amount or aggregate of an item

is material, the item should be compared with one of the

following base amounts:
Statement of financial position itemsequity or the

appropriate asset or liability class total.

Income statement items(1) profit or loss for the current

financial year; or (2) average profit or loss for a number of years

if net profit varies greatly from year to year.

Cash flow items(1) net cash provided or used in the

operating, investing or financing activities as appropriate for the

current financial year; or (2) average net cash flows provided by
or used in the operating, investing or financing activities, as
appropriate for a number of years.

Evaluation of material misstatements identified during the audit is covered

in ASA/ISA 450, discussed in chapter 12.

7-42

Summary
Inherent risk is a major component of audit risk.
Inherent risk is the risk of errors occurring due to the

characteristics of the entity and the environment in

which it operates.

Special risk areas that need to be considered are fraud,

including earnings management; related party

transactions; and the appropriateness of the going
concern basis for preparing the financial report.

Materiality is a matter of judgment and is considered at

both the overall level and the account balance, class of

transactions and events, and disclosure levels, at both
the planning and the completion stages of the audit.
7-43