Comptronix Corporation

Case 2 – Comptronix Corporation

Question 1

Professional auditing standards present the audit risk model, which is used to determine the nature, timing, and extent of audit procedures. Describe the components of the model and discuss how changes in each component affect the auditor’s need for evidence.

The Audit Risk Model (ARM) is defined as:

[pic]

Inherent Risk (IR)

Inherent Risk is the auditor’s measure of assessing whether material misstatements exist in the financial statement before considering of internal controls. Ignoring internal controls, if the auditor assesses that the likelihood of material errors is high, the auditor will assume that the Inherent Risk is high. As the Control Risk constitutes a separate component of the Audit Risk Model, it is ignored here.

Control Risk (CR)

Control Risk is the auditor’s measure of assessing the likelihood that the client’s internal control system is unable to prevent or detect material misstatements exceeding a tolerable level. In assessing the level of the Control Risk, the auditor will assess the effectiveness of the firm’s internal control system during his audit, e.g. through questionnaires. The lower the effectiveness of internal controls the greater the frequency of error.

Detection Risk (DR)

Detection Risk is the auditor’s measure of assessing the likelihood that the auditor won’t detect material misstatements. Auditors will carry out more audit work to increase the detection rate if Internal Risk and Control Risk are too high in order to meet the Audit Risk target.

When applying the Audit Risk Model, the auditor has to determine a target level of Audit Risk that is in accordance with providing reasonable assurance. The Internal Risk and Control Risk can be pooled together as Occurrence Risk (OR), i.e. the risk of the existence of misstatements before the actual audit. The Detection Risk on the other hand is the risk of the existence of misstatements during the...