CC BY
9
УДК 33
Kopanitsa E. V.
Student of 2 course Faculty of Economics Scientific Director: Sergina S.A. Omsk State University of F. M. Dostoevsky
Russia, Omsk
RISK IN AUDIT
Abstract: the article discusses the nature of audit risk, its types and models of audit risk, risk assessment methods and risk management techniques in auditing.
Key words: audit risk, control risk, detection risk, model risk assessment, risk management.
Копаница Е.В. студент 2 курса факультет «Экономический» Сергина С.А. научный руководитель Университет: ОмГУ им. Достоевского
Россия, г. Омск
РИСКИ В АУДИТЕ
Аннотация: В статье рассматривается сущность аудиторского риска, его типы и модель аудиторского риска, методы оценки риска и методы управления рисками в аудите.
Ключевые слова: Аудиторский риск, риск котроля, риск необнаружения, модель риска,управление рисками.
Introduction
Today the problem of financial control of economic entities in our country is very actual.It is connected with the development of economic relations.One of the functions of audit is the control of financial and economic activities of economic entities.
The audit companies that are commercial organizations face a variety of risks while carrying out their activities because the auditor can never be sure that the financial statements do not contain errors, and his opinion is completely objective. The most significant risk is the risk of low-quality of audit services. It can lead to loss of customers and the cancellation of the license to perform audit activities.
The auditor may face with reasonable claims to the quality of his work and the reliability of the findings (in one case the claim will come from the users of audit; in another case, the claim will come from the audited entity).
So, it is important to qualify all the audit risks in order to reduce them.
I find this topic very relevant for our country because the audit is carried out in all enterprises and the auditor is always responsible for his actions, which can bring many consequences.
The aim of my work is to determine the role of risk in the field of audit and the impact of audit risk on the activity.
The tasks of this work are:
1. Give a general description of the concept of "risk", the components of audit risk and risk model in audit
2. Give the risk assessment
3. Consider the risk management methods and methods dealing with risk
Risk in audit
The objective of the auditor is to conduct the audit of financial statements in a manner that reduces audit risk to an appropriately low level.
Audit Risk is the risk that the auditor may express an unqualified audit opinion when the financial statements are materially misstated or when there exist material weaknesses in the system of internal controls.
To form an appropriate basis for expressing an opinion on the financial statements, the auditor must plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement due to error or fraud [1].
Types of Audit Risk
Audit risk is the risk of error while performing an audit, and it traditionally is broken into three components.
Inherent risk is one of the major types of audit risk. Inherent risk is common in the financial services sector. Reasons include complexity and dynamism in regulating financial institutions, large networks of related companies and the development of derivative products and other instruments.
The second type is control risk. Control risk is realized when a financial misstatement results from lack of proper accounting controls in the firm. This is most likely to surface in the form of fraud or lazy accounting practices.
Risk control is the method by which firms evaluate potential losses and take action to reduce or eliminate such threats. It is a technique that utilizes findings from risk assessments, which involve identifying potential risk factors in a firm's operations that may impact the well-being of the firm.
It's also possible that auditors simply fail to detect an otherwise easy-to-notice error in the financial accounts. This is known as detection risk. Normally, detection risk is countered by increasing the number of sampled transactions during testing.
Detection risk is the chance that an auditor will not find material misstatements relating to an assertion in an entity's financial statements through substantive tests and analysis. Detection risk is the risk that the auditor will conclude that no material errors are present when in fact there are.This is known as detection risk. Normally, detection risk is countered by increasing the number of sampled transactions during testing .Detection risk is one of the three elements that comprise audit risk, the other two being inherent risk and control risk [2].
1.1 Risk Model in Audit
1.2 The audit risk model provides an approach to assess risks for the account balance or class of transactions to determine the nature, timing and extent of audit procedures. The risk based assessment identifies high-risk areas which would require more audit focus and effort as compared to low-risk areas [3].
Audit Risk = Inherent Risk x Control Risk x Detection Risk
Audit risk may be considered as the product of the various risks which may be encountered in the performance of the audit. In order to keep the overall audit risk of engagements below acceptable limit, the auditor must assess the level of risk pertaining to each component of audit risk.
Once these three factors are taken into account, the audit risk model may then be figured out, and the overall risk of the auditing session may then be managed [4].
Risk assessment in audit
A company's senior management is responsible for its financial statements. Under generally accepted auditing standards, auditors are required to obtain reasonable assurances that these statements are free of material misstatements caused by error or fraud. The GAAS audit risk model allows auditors to take various circumstances into account in selecting an audit approach, including the client's business and industry, the systems employed to process transactions, the quality of the personnel involved and the internal controls and risk assessment processes. An auditor should try to limit audit risk, which is the product of inherent risk, control risk and detection risk [5].
Auditors are required to assess inherent risk and control risk on three levels: maximum or high risk, moderate or medium risk and low risk. If the inherent and control risks are high, the detection risk must be low in order to have a low overall audit risk. Therefore, the auditor has to carry out more detection procedures to be reasonably assured that the financial statements are free of material misstatements.
The Performance Audit Manual requires the auditor to perform risk assessment during the preliminary study in order to:
■ to focus the audit on high-risk areas.
■ reveal areas of potential weakness in an organisation,
■ identify risks and analyse those which are the most significant and
■ critical to the achievement of good performance,and other
The auditor should now be aware of all the risks relating to the audit area. The risks identified should be closely examined in order to decide on the ones that are key (significant and relevant).
Risks can be grouped by affinity i.e. by category, by subject, by theme. Risks can also be sorted by different categories: objective, type, impacted area, root-cause, process, activity, etc. or any other criteria selected by the auditor and which is relevant for the audit [5].
The risk assessment determines the nature, timing and extent of audit procedures to respond to identified risk appropriately - the general rule of thumb being the greater the level of risk, the more persuasive the audit evidence required to reduce its potential to an acceptable level. [6].
The general risk management
In its purest form, risk management is the identification, classification and prioritization of risks. This is generally done in tandem with efforts to monitor, control and mitigate the risks. Risks themselves can be from factors internal to the project, such as the adoption of a new technology, team members that are new to the project manager, or resource constraints and internal dependencies. Additionally, risks can also be external, such as the health of the financial markets, competitive pressures, legal liabilities or even accidents. The sheer number and type of risks that may (or may not) factor in to a given project gives a good idea of how complex and problematic risk assessment can become.
Principles of Risk Management
There are specific core principles in regards to risk management. When looking to perform an actual risk assessment, the following target areas should be part of the overall risk management procedure (as defined by the International Standards Organization; ISO):
■ The process should create value
■ It should be an integral part of the organizational process
■ It should factor into the overall decision making process
■ It must explicitly address uncertainty
And other
Risk Management Process
There is a specific procedure that one should follow when it comes to performing a risk assessment. The overall process can be itemized as follows:
Identification - Perform a brainstorming session where all conceivable risks are itemized
Planning - Once defined, plan for contingencies as part of the overall project plan; implement controls as needed
Derive Safeguards - Place specific 'fallbacks' into the overall project plan as contingencies for risks if they arise
Monitor - Continuously monitor the project to determine if any defined (or un-expected) risks manifest themselves
Dealing with Risk
Once the risks are identified and the specific risk process has been instantiated, what should the project manager do with the defined risks? There are actually certain techniques to be aware of pertaining to risk. Being aware of what the risks are will dictate how effective each of the individual risk management options might be.
■ Avoid the Risk - This may seem obvious, but it is an actual technique. There are instances where a perceived risk can be avoided entirely if certain steps are taken.
■ Reduce the Risk - While some risks cannot be avoided, they can be reduced. This may be accomplished by fine tuning aspects of the overall project plan or making adjustments to specific areas of scope. Whatever the case, reducing a risk reduces the impact it will have on your project.
■ Share the Risk - If a certain risk cannot be avoided or reduced, steps can be taken to share the risk in some way. Perhaps a joint venture with a third-party will reduce the downside risk for the organization as a whole. This could reduce the sunk cost and potential losses of the project if sharing of risk results in it being spread out over several different individuals or groups.
■ Retain the Risk -Once all options are exhausted, the team members, sponsor and project manager may just decide to retain the risk and accept the downside potential as is. This decision is usually made by first determining the upside potential of the project. If it is deemed that the project's expected upside far outweighs the sunk cost and downside, than the risk itself may be worth it. [7].
Conclusion
The relevance of the work lies in the fact that risk identification is one of the most important stages of check which affects the kind of conclusion and welfare of both firms. The verification with the low risk assessment allows you to make a favorable prognosis for functioning of the company in the future that will attract new investors. Correct risk identification allows to implement the activity of auditors effectively without such consequences as negative feedback and revocation of license in extreme cases.
The aim of this work was to review the concepts of audit risk, its types and influence on activity. For the achievement of this purpose I have solved the following tasks: I gave a general description of risk of audit; I studied components and models of risk in audit; I assessed risk in audit.
One of the most important elements in the organization and planning of the audit object is to assess the risks of the audit, which determines the orientation of the work in a reasonable amount of sample surveys to the definition of "risk areas".The auditor may reduce the level of risk but audit risk can never be reduced to zero, so the task of the auditor is to minimize the likelihood of errors. The systematic approach is the best method of reducing audit risk. This approach involves the standardization of all important moments of monitoring, testing, record keeping and reporting.
Использованные источники:
1. Source: Auditing Standard No. 8 (2010, December 15)
2. Source: Investopedia (2015,April 16) «What are some examples of inherent risk»
3. Source: (2014, April 15) «Audit Risk Model»
4. «Audit Risk ModelInherent Risk, Control Risk & Detection Risk»
5. Source: Basu Chirantan «Types of Audit Risks»
6. Source: Fraser Susan (2011,December 22) «The risk-based audit approach»
7. Source: (2011,May 29) « Risk Management - Principles and Definitions»
