从四个方面去考虑审计风险:
1. 风险评估程序
ISA 315 givesan overview of the procedures that the auditor should follow in order to obtainan understanding sufficient to assess audit risks, and these risks must then beconsidered when designing the audit plan. ISA 315 goes on to require that theauditor shall perform risk assessment procedures to provide a basis for theidentification and assessment of risks of material misstatement at thefinancial statement and assertion levels. ISA 315 goes on to identify thefollowing three risk assessment procedures:
Making inquiries of management and others within theentity
Auditors must have discussions with the client’s management about its objectivesand expectations, and its plans for achieving those goals.
Analytical procedures
Analytical procedures performed as risk assessment procedures should help theauditor in identifying unusual transactions or positions. They may identifyaspects of the entity of which the auditor was unaware, and may assist inassessing the risks of material misstatement in order to provide a basis fordesigning and implementing responses to the assessed risks.
Observation and inspection
Observation and inspection may also provide information about the entity andits environment. Examples of such audit procedures can potentially cover a verybroad area, including observation or inspection of the entity’s operations,documents, and reports prepared by management, and also of the entity’spremises and plant facilities.
ISA 315 requires that risk assessmentprocedures should, at a minimum, comprise a combination of the above threeprocedures, and the standard also requires that the engagement partner andother key engagement team members should discuss the susceptibility of theentity’s financial statements to material misstatement. Key risks can beidentified at any stage of the audit process, and ISA 315 requires that theengagement partner should also determine which matters are to be communicatedto those engagement team members not involved in the discussion.
2. 理解一个实体
ISA 315 gives detailed guidance about the understanding required of the entityand its environment by auditors, including the entity’s internal controlsystems. Understanding of the entity and its environment is important for theauditor in order to help identify the risks of material misstatement, toprovide a basis for designing and implementing responses to assessed risk (seereference below to ISA 330, The Auditor’s Responses to AssessedRisks), and to ensurethat sufficient appropriate audit evidence is collected. Given that the focusof this article is audit risk, however, students should ensure that they alsomake themselves familiar with the concept of internal control, and thecomponents of internal control systems.
3. 定义和评估重要风险
和可能导致重大误报的风险
In exercising judgement as to which risks are significant risks, the auditor isrequired to consider the following:
· Whether the risk is a risk of fraud.
· Whether the risk is related to recent significanteconomic, accounting or other developments, and therefore requires specificattention.
·The complexity of transactions.
·Whether the risk involves significant transactions withrelated parties.
·The degree of subjectivity in the measurement offinancial information related to the risk, especially those measurementsinvolving a wide range of measurement uncertainty.
·Whether the risk involves significant transactions thatare outside the normal course of business for the entity, or that otherwiseappear to be unusual.
4. ISA 330 和风险的反馈
The requirements of ISA 330, The Auditor’s Responses to AssessedRisks, will be coveredin a future article, but essentially ISA 330 gives guidance about the natureand extent of the testing required, based on the risk assessment findings.
2016 ACCA学习资料大礼包(内含ACCA历年真题、考官文章、考官报告、备考宝典等实用学习资料),关注微信公众号:ACCA考友论坛(ID:ACCA-CHN)即可领取: