CHAPTER 4

THE CORE OF THE AUDIT

4.1 RISK ASSESSMENTS

Covering: ISA 200 Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with International Standards on Auditing, ISA 315 Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment.

Why do I need to read this section?

Understanding the audit risk model, that all audits involve a risk assessment and that assessments depend on auditor judgement, is critical to understanding auditing. An audit involves more assessments and judgements than is generally appreciated. An audit opinion is just that, an opinion not a certification, and opinions sometimes differ. Students who realise that there is no one correct answer to a question on risk assessment or audit testing make better progress than those always looking for the ‘right’ answer which they think must exist and which the examiner is looking for. There are very few auditing and assurance papers that do not cover risk assessment in some form.

What is important in this section?

• Understanding the risk model and how risk, controls, testing control effectiveness and substantive procedures fit together.
• Being able to give good examples of different types of risk, appreciating what auditors need to understand about a business, and how they will gain that understanding.
• Internal controls: what they are, the need to assess their design and implementation, how to test them and deal with deviations.