Why is risk assessment important in planning an audit?

Skip to content

  • Services
    • Assurance
      • Audit & Assurance
      • Employee Benefit Plan Audits
      • Risk Assurance Services
      • Internal Audit and SOX Compliance Services
      • System and Organization Control Reporting [SOC]
      • GDPR – General Data Protection Regulation
      • WebTrust for Certified Authorities [CA]
      • ISO/IEC 27018
      • HIPAA Attestation
    • Tax
      • Business Tax Services
      • Research and Development Tax Credit
      • International Tax
      • State and Local Tax
      • Personal Tax Services
      • Estate & Trust
    • Consulting
      • Lease Accounting Consulting & Advisory
      • Outsourced Accounting Services
      • Cloud Technology Solutions
      • Family Office Services
    • Sustainability
      • Sensiba Center for Sustainability
      • Our Process
      • Impakt IQ ESG Assessment Tool
      • B Corp Certification Consulting
      • Beginning Your Sustainability Journey? Start Here.
    • Software
      • Sage Intacct
      • BlackLine
      • Limelight
      • Wherefour
  • Industries
    • Agribusiness
    • Construction
    • Manufacturing & Distribution
      • Actions Sports
      • Food & Beverage
      • Wine & Craft Brew
    • Real Estate
    • Technology
    • Venture Capital
  • Resources
    • Insights Blog
    • The COVID-19 Information Center
    • Rebooting Capitalism Podcast
    • Events
    • Newsletter Sign-Up
    • Worksheets
    • Remote Support
  • Why SSF
    • Why SSF
    • Certified B Corp
    • Diversity, Equity, and Inclusion
    • Leadership
    • Affiliations
    • Newsroom
    • Peer Review Report
  • Careers
    • Work With SSF
    • Campus Recruiting
    • Experienced Professionals
    • Your Development
    • Current Opportunities
  • Client Center
    • Client Portal
    • W9
    • Pay Online
    • ACH Banking Info
    • Remote Support
  • Contact Us

  • Services
    • Assurance
      • Audit & Assurance
      • Employee Benefit Plan Audits
      • Risk Assurance Services
      • Internal Audit and SOX Compliance Services
      • System and Organization Control Reporting [SOC]
      • GDPR – General Data Protection Regulation
      • WebTrust for Certified Authorities [CA]
      • ISO/IEC 27018
      • HIPAA Attestation
    • Tax
      • Business Tax Services
      • Research and Development Tax Credit
      • International Tax
      • State and Local Tax
      • Personal Tax Services
      • Estate & Trust
    • Consulting
      • Lease Accounting Consulting & Advisory
      • Outsourced Accounting Services
      • Cloud Technology Solutions
      • Family Office Services
    • Sustainability
      • Sensiba Center for Sustainability
      • Our Process
      • Impakt IQ ESG Assessment Tool
      • B Corp Certification Consulting
      • Beginning Your Sustainability Journey? Start Here.
    • Software
      • Sage Intacct
      • BlackLine
      • Limelight
      • Wherefour
  • Industries
    • Agribusiness
    • Construction
    • Manufacturing & Distribution
      • Actions Sports
      • Food & Beverage
      • Wine & Craft Brew
    • Real Estate
    • Technology
    • Venture Capital
  • Resources
    • Insights Blog
    • The COVID-19 Information Center
    • Rebooting Capitalism Podcast
    • Events
    • Newsletter Sign-Up
    • Worksheets
    • Remote Support
  • Why SSF
    • Why SSF
    • Certified B Corp
    • Diversity, Equity, and Inclusion
    • Leadership
    • Affiliations
    • Newsroom
    • Peer Review Report
  • Careers
    • Work With SSF
    • Campus Recruiting
    • Experienced Professionals
    • Your Development
    • Current Opportunities
  • Client Center
    • Client Portal
    • W9
    • Pay Online
    • ACH Banking Info
    • Remote Support
  • Contact Us

  • View Larger Image

Risk Assessment: A Critical Part of the Audit Process

Audit season is right around the corner for calendar-year entities. Here’s what your auditor is doing behind the scenes during the risk assessment process — and how you can help facilitate the planning process.

What is audit risk?

Every audit starts with assessing “audit risk.” This refers to the likelihood that the auditor will issue an adverse opinion when the financial statements are actually in accordance with U.S. Generally Accepted Accounting Principles [GAAP] or [more likely] an unqualified opinion when the opinion should be either modified or adverse.

Auditors can’t test every single transaction, recalculate every estimate or examine every external document. Instead, they tailor their audit procedures and assign audit personnel to keep audit risk as low as possible.

The role of an auditor

The auditor’s role is to attest to your company’s financial statements. Specifically, your audit firm assures that your financial statements are “fairly presented in all material respects, compliant with GAAP and free from material misstatement.”

Unqualified [or clean] audit opinions require detailed substantive procedures, such as confirming accounts receivable balances with customers and conducting test counts of inventory in the company’s warehouse. Generally, the more rigorous the auditor’s substantive procedures, the lower the likelihood of the audit team failing to detect a material misstatement.

Inherent risk vs. control risk

Auditors evaluate two types of risk:

  1. Inherent risk. This is the risk that material departures could occur in the financial statements. Examples of inherent-risk factors include complexity, volume of transactions, competence of the accounting personnel, company size and use of estimates.
  2. Control risk. This is the risk that the entity’s internal controls won’t prevent or correct material misstatements in the financial statements.

Separate risk assessments are done at the financial statement level and then for each major account — such as cash, receivables, inventory, fixed assets, other assets, payables, accrued expenses, long-term debt, equity, and revenue and expenses. A high-risk account [say, inventory] might warrant more extensive audit procedures and be assigned to more experienced audit team members than one with lower risk [say, equity].

How auditors assess risk

New risk assessments must be done each year, even if the company has had the same auditor for many years. That’s because internal and external factors may change over time. For example, new government or accounting regulations may be implemented, and company personnel or accounting software may change, causing the company’s risk assessment to change. As a result, audit procedures may vary from year to year or from one audit firm to the next.

The risk assessment process starts with an auditing checklist and, for existing audit clients, last year’s work papers. But auditors must dig deeper to determine current risk levels. In addition to researching public sources of information, including your company’s website, your auditor may call you with a list of open-ended questions [inquiries] and request a walk-through to evaluate whether your internal controls are operating as designed. Timely responses can help auditors plan their procedures to minimize audit risk.

Your role during the audit process

Audit fieldwork is only as effective as the risk assessment. Evidence obtained from further audit procedures may be ineffective if it’s not properly linked to the assessed risks. So, it’s important for you to help the audit team understand the risks your business is currently facing and the challenges you’ve experienced reporting financial performance, especially as companies implement updated accounting rules in the coming years.

Contact us to get help with your risk assessment process.

By Thomson Reuters|2022-07-25T12:02:16-04:00December 18th, 2019|Categories: Audit, Blog|Comments Off on Risk Assessment: A Critical Part of the Audit Process

Share This Story, Choose Your Platform!

Related Posts

What is the importance of risk assessment?

Risk assessments are very important as they form an integral part of an occupational health and safety management plan. They help to: Create awareness of hazards and risk. Identify who may be at risk [e.g., employees, cleaners, visitors, contractors, the public, etc.].

What is the main benefit of risk

A risk-based approach to audits enables the internal auditors to identify risks correctly and allows management to put the right internal controls in place for the best performance. This provides you with a better understanding of the risks and enables your organization to better manage them.

What is the purpose of a risk assessment in internal audit?

During the risk assessment process, Internal Auditing identifies and assesses both the likelihood and potential impact of various risks to the organization. Internal controls are then identified and evaluated to determine how adequate they are in reducing risk to ensure that residual risk is at manageable levels.

Why risk

Through risk-based auditing, the internal audit activity helps executive management and the board understand whether the organization's risk management processes are sufficient and how to better achieve organizational objectives through good governance, risk management, and control.

Chủ Đề