What Is an Audit Risk Assessment?

Risk assessment procedures refer to audit procedures implemented by certified public accountants in order to understand the audited entity and its environment in order to identify and evaluate major misstatement risks (whether misstatements are caused by fraud or mistakes) at the level of financial statements and recognition levels. The certified public accountant should consider the nature, time and scope of the risk assessment procedures to be implemented. ^[1]

Risk assessment procedure

Right!

Definition: For

A certified public accountant may consider asking management and the person in charge of finance the following:

(1) Major issues of concern to management. Such as new competitors, major customers and

Analytical procedures are

The observation and inspection procedures can corroborate the results of queries from management and other relevant personnel, and can provide information about the audited entity and its environment. The CPA should implement the following observation and inspection procedures.

(1) Observe the production and operation activities of the audited unit. For example, observing the production activities and internal control activities being performed by the personnel of the audited unit can increase the CPA's understanding of how the personnel of the audited unit conduct production and operation activities and implement internal control.

(2) Check documents, records and internal control manuals. For example, check the articles of association of the audited unit, contracts and agreements with other units, operating procedures of various business processes, and internal control manuals, etc., to understand the establishment and soundness of the audited unit's organizational structure and internal control system.

(3) Read reports prepared by management and governance. For example, read the annual and interim financial reports of the audited units, the minutes or minutes of shareholders' meetings, board meetings, senior management meetings, management discussions and analysis data, business plans and strategies, and evaluation of important operating links and external factors , The internal management report of the audited unit and other special purpose reports (such as the feasibility analysis report of the new investment project), etc., to understand the major events that occurred in the audited unit from the end of the previous audit to the audit period.

(4) On-site inspection of the production and business premises and equipment of the audited unit. Through on-site visits and on-site inspections of the production and operation sites and equipment of the audited entity, it can help certified accountants understand the nature of the audited entity and its business activities. During the on-site inspection of the audited unit's factory building and office space, the CPA has the opportunity to communicate with the management of the audited unit and employees with different responsibilities, which can enhance the CPA's operations and significant impact on the audited unit Understanding of factors.

(5) Track the processing of transactions in the financial reporting information system (pass-through test). This is an audit procedure often used by certified public accountants to understand the business processes of the audited unit and its related controls. By tracking how one or more transactions are generated, recorded, processed, and reported in the business process, and how related internal controls are performed, the CPA can determine whether the audited unit's transaction process and related controls are previously obtained through other procedures. Understanding and determine whether related controls are implemented.

In addition to using the above procedures to obtain information from within the audited entity, if, based on professional judgment, it is believed that the information obtained from outside the audited entity is helpful in identifying the risk of material misstatement, the CPA should implement other audit procedures to obtain this information. For example, ask external legal consultants, professional appraisers, investment consultants, and financial consultants hired by the audited unit.

Reading external information may also help CPAs understand the audited entity and its environment. External information includes reports issued by securities analysts, banks, and rating agencies on the economic or market environment of the audited unit and its industry, trade and economic journals, regulations or financial publications, and government agencies or Industry reports and statistics released by non-governmental organizations.

The CPA should consider whether the information obtained during the process of undertaking the client or renewing the contract, and the experience gained from providing other services to the audited entity, can help identify the risk of material misstatement. Generally, for a new audit business, the CPA should have a preliminary understanding of the audited entity and its environment during the business undertaking phase to determine whether to undertake the business. For continuous audit business, the overall audit of the previous year's audit should also be made during the annual renewal process, and the understanding of the audited unit and the results of risk assessment should be updated to determine whether to renew the contract. The CPA should also consider whether the experience gained in providing other services to the audited unit (such as the implementation of the interim financial statement review business) can help identify significant misstatement risks.

For the continuous audit business, if it intends to use the information obtained in the previous period, the CPA should determine whether the audited unit and its environment have changed, and whether the change may affect the relevance of the information obtained in the previous period in the current audit. For example, audit evidence about the organizational structure, production and operation activities, and internal control of the audited unit obtained through previous audits, as well as information about whether past misstatements and misstatements have been corrected in a timely manner, can help certified public accountants evaluate the financial statements of the current period. Risk of material misstatement. However, it is worth noting that changes in the audited entity or its environment may cause such information to become irrelevant in this audit. For example, the CPA has learned about the design and implementation of internal control in the previous period, but the audited entity and its environment may change during this period, resulting in corresponding changes in internal control. In this case, the CPA will need to perform enquiries and other appropriate audit procedures (such as walk-through testing) to determine whether the change may affect the relevance of such information in this audit.

It should be noted that the CPA has six aspects (relevant industry conditions, legal environment, regulatory environment and other external factors; the nature of the audited unit; the selection and application of the audited unit's accounting policies; the audited unit's goals, strategies, and possible Relevant business risks that cause significant misstatement risks; measurement and evaluation of the financial performance of the audited unit; internal control of the audited unit. All risk assessment procedures. For example, analysis procedures are often not used in understanding internal controls. However, in the entire process of obtaining an understanding of the audited entity and its environment in accordance with the requirements of this Code, the CPA usually implements all of the above risk assessment procedures.

What Is an Audit Risk Assessment?

Risk assessment procedure

IN OTHER LANGUAGES

RELATED ARTICLES

How can we help?