The-Accountant-Jul-Aug-2017
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Governance<br />
an understanding of the entity and<br />
its environment in order to assess<br />
the risks of material misstatement of<br />
financial statements. This reinforces<br />
the importance of obtaining a bird’s<br />
eye view of the entity’s business<br />
and significant business risks by the<br />
auditor at the audit planning stage.<br />
<strong>The</strong> complexities of modern day<br />
businesses and accounting practices<br />
have necessitated the consideration of<br />
business risks during the course of the<br />
audit.<br />
Business risks are the factors that<br />
could prevent or hinder a company<br />
from achieving its goals and objectives.<br />
Audit Risk on the other hand, is<br />
the risk that the auditor expresses<br />
an inappropriate audit opinion on<br />
the financial statements. Audit risk<br />
therefore includes any factors that<br />
may cause a material misstatement or<br />
omission in the financial statements.<br />
<strong>The</strong> auditor’s work therefore will be<br />
to detect these misstatements and<br />
omissions.<br />
Whereas business risks relate to the<br />
organization and its stakeholders, audit<br />
risk relates specifically to an auditor.<br />
Although audit risks and business risks<br />
are dissimilar in nature, it is often the<br />
case that identification of significant<br />
business risks lead to the detection of<br />
audit risks.<br />
<strong>The</strong> auditor will try as much<br />
Although audit risks and business risks are<br />
dissimilar in nature, it is often the case that<br />
identification of significant business risks<br />
lead to the detection of audit risks.<br />
as possible to lower the level of audit<br />
risk. This is done by assessing the audit<br />
risk model that is Inherent Risk (IR),<br />
Control Risk (CR) and Detection Risk<br />
(DR) which are all functions of Audit<br />
Risk (AR) giving rise to the audit<br />
risk model equation AR=IR*CR*DR.<br />
Inherent risk is the risk that an account<br />
might be materially misstated due to its<br />
nature for example in a school with a<br />
high population, receivables has a high<br />
inherent risk.<br />
Business risk and inherent risk both<br />
bear on; the audit, the audit risk model,<br />
the nature, timing and extent of work<br />
performed. Inherent risk and business<br />
risk have an inverse relationship to<br />
detection risk and have a direct effect on<br />
the level of work performed. Neither of<br />
risk can be eliminated totally and neither<br />
is controllable by the auditor. Business<br />
risk relates to the financial statements<br />
and affects overall audit risk; inherent<br />
risk applies to an individual audit area.<br />
Inherent risk is explicitly included in the<br />
professional standards and the audit‐risk<br />
model while business risk is not and has<br />
only an indirect bearing on the model.<br />
Management can take steps to affect the<br />
level of inherent risk, but the perceptions<br />
of users of the financial statements bear<br />
on business risk.<br />
According to the glossary accompanying<br />
the IAASB pronouncements on assurance<br />
engagement and related services business<br />
risk has been defined as follows:<br />
A risk resulting from significant<br />
conditions, events, circumstances, actions<br />
or inactions that could adversely affect an<br />
entity’s ability to achieve its objectives and<br />
execute its strategies, or from the setting<br />
of inappropriate objectives and strategies.<br />
<strong>The</strong> risk that business is facing problems<br />
in achieving its business objectives have<br />
important implications on the auditor’s<br />
work. Thus ultimately business risk gets<br />
connected with audit risk which the<br />
auditor wants to set very low.<br />
Business risks facing an organization<br />
can be wide-ranging and diverse. <strong>The</strong><br />
ultimate business risk any organization<br />
faces is the risk that it seizes to be a<br />
going concern (ISA 570). Business risks<br />
therefore comprise any factors that may<br />
contribute towards business failure.<br />
Examples of business risks include;<br />
loss of major customers, increase in<br />
production costs, decline in product<br />
demand, litigations and claims,<br />
technological obsolescence, increase<br />
in market competition, political and<br />
economic instability, inadequate financing,<br />
high financial risk.<br />
Why audit risk arises?<br />
Audit risk arises because of existence of<br />
material misstatements in the financial<br />
statements which audit procedures were<br />
unable to detect hence DR=AR /(IR*CR).<br />
Why material misstatements are in<br />
financial statements?<br />
Material misstatements exist because of<br />
two reasons:<br />
i. <strong>The</strong>re are no controls to stop such<br />
misstatements from entering the financial<br />
statements.<br />
ii. Controls are in place but they are not<br />
effective against misstatements and thus<br />
are unable to prevent such misstatements<br />
to enter the financial statements. And<br />
after they have entered control system<br />
is unable to detect and correct such<br />
misstatements.<br />
Business risks can arise from any<br />
situation for example; government bans<br />
the use of a particular raw material to be<br />
used, as it causes pollution. This example<br />
fulfils the definition of the business risk<br />
given above; as due to this government<br />
ban, a manufacturer might not be able to<br />
achieve their target profit which is one of<br />
the business objectives.<br />
Now let’s understand how this<br />
government policy will raise inherent risk.<br />
Because of this order certain production<br />
machinery and raw materials may be<br />
rendered useless or written off as the<br />
manufacturer cannot use any other raw<br />
material and thus carry no value. Now<br />
this event requires adjustments in the<br />
amounts of asset and this event must be<br />
detected by the internal control system.<br />
JULY - AUGUST <strong>2017</strong> 25