Audit Risk and Materiality: A Guide for Auditors
Section 312: Audit Risk and Materiality
Introduction
01. This section provides guidance on the considerations that the auditor should give to risk and materiality when planning and conducting a review of financial statements in accordance with generally accepted auditing standards. Audit risk and the recognition of the relative importance of some matters affecting the application of generally accepted auditing standards, especially standards relating to the execution of the work and reports, are implicit in the auditor’s standard report.
02. The existence of audit risk is recognized and is implicit in the auditor’s standard report. The report states that the auditor has obtained “reasonable assurance” about whether the financial statements are free of material misstatement. Audit risk is the risk that the auditor, unknowingly and inadvertently, may fail to detect a material misstatement. In addition to audit risk, the auditor is also exposed to the risk of adverse publicity or other events arising in connection with financial statements examined by him.
03. The concept of materiality recognizes that some matters, either individually or as a whole, are important for the purpose of fair presentation of financial statements in conformity with generally accepted accounting principles, while others are not. The phrase “present fairly, in all material respects, in accordance with generally accepted accounting principles” indicates that the auditor believes the financial statements, taken together, are not significantly misstated.
04. The financial statements are significantly misstated when they contain errors or irregularities whose effect, individually or in its entirety, is important enough to make such statements not presented reasonably, in all material respects, in accordance with generally accepted accounting principles. Errors and irregularities are the result of the misapplication of these principles, deviations from the facts, or the omission of required information.
05. Upon reaching a conclusion on whether the effect of errors, individual or cumulative, is important, the auditor ordinarily should consider the nature and amount in relation to the items shown in the financial statements under examination. For example, an amount that is material to the financial statements of an entity may not be significant in the financial statements of another entity of a different size or feature. Moreover, what is significant in the financial statements of a particular entity might change from one period to another.
06. Considering the relative importance is a matter of professional judgment and is influenced by how the auditor perceives the needs of a reasonable person relying on the financial statements. For purposes of this section, the relative importance is defined as the magnitude of an omission or error in the accounting information that, in the light of present circumstances, makes it likely that the judgment of a reasonable person relying on the information could change or be influenced by the omission or error.
07. As a result of the interaction of quantitative and qualitative judgments about relative importance, relatively small amounts of errors detected by the auditor may have a significant effect on the financial statements. For example, the illegal payment of an amount, which in itself is insignificant, could be significant if there is a reasonable possibility that it may become a significant contingent liability or a significant decline in revenues.
Audit Planning
08. The auditor must consider audit risk and the relative importance:
a) When planning the audit and designing procedures for it, and
b) When assessing whether the financial statements taken as a whole are presented fairly in all material respects.
In the first circumstance, the auditor should consider audit risk and materiality for achieving sufficient and competent supporting evidence. In the second circumstance, the auditor should consider audit risk and materiality to properly evaluate the financial statements.
Considerations at the Financial Statements Level
09. The auditor should plan the audit so that the risk is limited to a low level, which is appropriate for expressing an opinion on the financial statements. Audit risk can be assessed in quantitative or non-quantitative terms.
10. Section 311 “Planning and Supervision” requires the auditor, in the audit plan, to consider, among other things, his preliminary judgment on the levels of materiality for purposes of the audit. This judgment may or may not be quantified.
11. In accordance with this Section, the nature, timing, and extent of planning, and therefore the considerations of audit risk and materiality, vary with the size and complexity of the entity, the auditor’s experience, and knowledge of the entity’s business.
12. In planning the audit, the auditor should use his judgment to maintain an appropriately low level of audit risk. The auditor should also establish his preliminary judgment on materiality levels in such a way that they will provide sufficient evidence to obtain reasonable assurance about whether the financial statements are free of material misstatement. Normally, the auditor considers materiality for planning purposes, depending on the smallest level of accumulated errors that could be considered significant in any of the financial statements.
13. The auditor plans the overall audit to obtain reasonable assurance of detecting errors that he thinks might be large enough, individually or cumulatively, to affect the financial statements. An auditor typically works within economic limits; his opinion, to be economically useful, must be achieved within a reasonable time and cost.
14. In some situations, the auditor considers materiality for planning purposes before the financial statements to be audited are prepared. In other situations, planning is done after the financial statements to be audited have been prepared, but the auditor may be aware that they require a significant modification.
15. Assuming theoretically that the auditor’s judgment of relative importance in the planning stage was based on the same information available to him in the evaluation stage, materiality for planning purposes and evaluation would be the same. However, it is usually not feasible for the auditor, in the audit plan, to anticipate every situation that may ultimately influence judgments about materiality in evaluating the audit findings at the end of the audit.
16. In planning the audit procedures, the auditor should also consider the nature, cause (if it is known), and amount of errors that have come to his attention from prior period financial statements.
Considerations at the Individual Account Balance or Transaction Type Level
17. The auditor recognizes that there is an inverse relationship between the considerations of audit risk and materiality. For example, the risk that an account balance or class of transactions, in particular, may be misstated in an extremely large amount might be very low, but the risk that it may be misstated in an extremely low amount, could be very high. This would require the auditor to conduct one or more of the following: (a) select a more effective audit procedure, (b) conduct the audit procedures at a date closer to the balance sheet date, or (c) increase the scope of a particular audit procedure.
18. In determining the nature, timing, and extent of audit procedures applied to a specific account balance or class of transactions, the auditor should design procedures to obtain reasonable assurance about discovering the errors he believes could be material. For purposes of this section, the phrase “account balance or class” extends also to any component of an account balance or class of transactions or any statement in the respective financial statements.
19. The auditor needs to consider audit risk at the individual account balance or transaction type, and that such consideration will directly help determine the extent of audit procedures. The auditor should seek to restrict audit risk at the individual account balance or class of transactions, so as to allow the completion of his review and express an opinion on the financial statements.
20. At the account balance or class of transactions, audit risk consists of (a) the risk (consisting of inherent risk and control risk) that the account balance or class and related assertions contain an error, which could be significant in the financial statements when it is added to the error of other account balances or transaction types, and (b) the risk (detection risk) that the auditor will not detect this error. The discussion that follows describes audit risk in terms of three types of risks. The manner in which the auditor considers and combines these types of risks involves professional judgment and depends on his audit approach.
(i) Inherent risk is the susceptibility of an assertion about the financial statements to contain a material misstatement assuming there are no related policies and procedures in the internal control system.
(ii) Control risk is the risk that a material misstatement that could exist in an assertion about the financial statements will not be prevented or detected on a timely basis by the policies or procedures of the internal control system.
(iii) Detection risk is the risk that the auditor will not detect a material misstatement in the financial statements assertion. Detection risk is a function of the effectiveness of an audit procedure and its application by the auditor.
21. Inherent risk and control risk differ from detection risk in that they exist independently of the audit of financial statements, while detection risk is related to the auditor’s procedures and can be changed at his discretion. The lower the inherent and control risk the auditor believes exists, the greater the detection risk that he can accept. Conversely, the larger the inherent risk and control risk that the auditor believes exists, the less the detection risk he can accept.
22. When the auditor assesses the inherent risk of an assertion related to an account balance or class, he evaluates numerous factors involving professional judgments. When appropriate, he considers not only factors related to the assertion referred to, but also other factors that influence the financial statements.
23. The auditor also uses his professional judgment to assess control risk of an assertion related to an account balance or class. The assessment of control risk by the auditor is based on the sufficiency of the evidence obtained to support the effectiveness of policies or procedures of the internal control system in preventing and detecting errors in the statements of the financial statements.
24. The auditor may make separate or combined assessments of inherent and control risk. If he considers the inherent risk and control risk, separately or in combination, are less than the maximum, he must have an appropriate basis for confidence in his assessments. This basis can be achieved, for example, through the use of questionnaires, checklists, instructions, or other similar materials and, in the case of control risk, through his study and evaluation of the internal control system and performing tests of controls.
25. The detection risk that the auditor can accept in the design of audit procedures is based on the level at which he tries to restrict audit risk that is related to the account balance or class and his assessment of inherent and control risk.
26. The audit of financial statements is a cumulative and dynamic process. As the auditor performs planned audit procedures, the evidence obtained can lead to modifying the nature, timing, and extent of other planned procedures. The auditor may reach, as a result of performing auditing procedures or from other sources during the examination, information that differs significantly from that on which he based his audit plan.
Evaluation of Audit Findings
27. In assessing whether the financial statements are presented fairly in all material respects, the auditor should add the errors that the entity has not corrected, so that he can consider whether, in relation to individual amounts, subtotals, or totals of the financial statements, these errors significantly distort the financial statements taken as a whole.
28. The sum of errors should include the best estimate that the auditor can make of the total error in the account balances or types of transactions that he has examined (hereafter called the probable error), not just the amount of errors specifically identified (hereafter called known errors).
29. The risk of a significant distortion in the financial statements is generally greater when account balances or types of transactions include accounting estimates rather than actual essential information, given the subjectivity inherent in estimating future events. Estimates such as those relating to inventory obsolescence, bad debts, and contingent liabilities are subject not only to the impossibility of predicting future events, but also to errors that can arise from inadequate information or inappropriate use or misapplication of appropriate information.
30. In earlier periods, the probable errors may not have been corrected by the entity, which means that the financial statements for those periods are significantly misstated. However, those errors could also affect the current period financial statements.
31. If the auditor concludes that the total probable error makes the financial statements significantly misstated, the auditor would require management to correct them. If significant errors are not eliminated, the auditor should issue a qualified or adverse opinion on the financial statements. Significant errors can be eliminated by, for example, the application of appropriate accounting principles, adjustments to the figures, or the addition of appropriate disclosure of matters that are inadequately shown in the financial statements.
32. If the auditor concludes that the total probable error does not cause the financial statements to be significantly misstated, he should recognize that the financial statements might be, however, expressed significantly distorted because of other errors discovered. As the total probable errors increase, the risk that the financial statements may be significantly misstated increases. Auditors typically reduce this risk of incorrect presentation by planning the audit and restricting the scope of risk.