ASSESSING

THE RISK OF
MATERIAL
MISSTATEMENT
CHAPTER 9

Copyright © 2017 Pearson Education, Ltd. 9-1

 CHAPTER 9 LEARNING OBJECTIVES
9-1 Define risk in auditing.
9-2 Distinguish the different types of risk assessment procedures.
9-3 Understand important auditor considerations related to the risk of material
misstatement due to fraud.
9-4 Describe the auditor’s responsibility to identify significant risks.
9-5 Describe the audit risk model and its components.
9-6 Assess acceptable audit risk.
9-7 Consider the impact of several factors on the assessment of inherent risk.
9-8 Discuss the relationship of risk to audit evidence.
9-9 Discuss how materiality and risk are related and integrated into the audit
process.

Copyright © 2017 Pearson Education, Ltd. 9-2

 OBJECTIVE 9-1
Define risk in auditing.

*AUDIT RISK is the risk that the auditor expresses an

inappropriate audit opinion when the financial statements are
materially misstated

**RISK OF MATERIAL MISSTATEMENTS- risiko bahwa laporan

keuangan mengandung salah saji material yang sebabkan oleh
fraud atau error sebelum dilaksanakan audit (prior to audit)

Copyright © 2017 Pearson Education, Ltd. 9-3

 DEFINE RISK IN AUDITING
Auditors ACCEPT some level of risk or uncertainty in performing
audits
1. Risk of Material Misstatement at THE OVERALL FINANCIAL
STATEMENT LEVEL: Refers to the risks that relate pervasively
to the financial statements as a whole and potentially affect a
number of different transactions and accounts.
2. Risk of Material Misstatement at THE ASSERTION LEVEL:
a. Inherent risk—Susceptibility of an assertion to material
misstatement (timbulnya salah saji material ini dari sebuah asersi
tertentu)
b. Control risk—Risk that internal controls will not prevent or
detect material misstatement.

Copyright © 2017 Pearson Education, Ltd. 9-4

 OBJECTIVE 9-2
Distinguish the different types
of risk assessment procedures.

Copyright © 2017 Pearson Education, Ltd. 9-5

 RISK ASSESSMENT PROCEDURES

Risk assessment procedures/prosedur penilaian risiko

meliputi:
1. Inquiries of management and others within the entity
2. Analytical procedures
3. Observation and inspection
4. Discussion among engagement team members
5. Other risk assessment procedures

The role of risk assessment procedures is detailed in Figure 9-1.

Copyright © 2017 Pearson Education, Ltd. 9-6

Copyright © 2017 Pearson Education, Ltd. 9-7
 OBJECTIVE 9-3
Understand important auditor
considerations related to the risk of
material misstatement due to fraud.

Copyright © 2017 Pearson Education, Ltd. 9-8

 CONSIDERING FRAUD RISK

Risk assessment procedures include assessing the risk

of material misstatement DUE TO FRAUD OR ERROR.

The auditor’s consideration of fraud risk is made at both the

a. Financial statement level and
b. Assertion level for classes of transactions, account balances,
and presentation and disclosures.
Because several high-profile cases of financial statement fraud
involve misstatements in revenue recognition, auditing standards
require the auditor to presume that risks of fraud exist in revenue
recognition.

Copyright © 2017 Pearson Education, Ltd. 9-9

 OBJECTIVE 9-4
Describe the auditor’s responsibility
to identify significant risks.

Copyright © 2017 Pearson Education, Ltd. 9-10

 IDENTIFICATION OF SIGNIFICANT RISKS

Auditor must determine whether any of the risks identified are a

significant risk.
A SIGNIFICANT RISK* is any risk that the auditor deems to require
special attention:
1. Non-routine transactions, including related-party transactions,
often represent significant risk
2. Account balances or transactions that require estimates for
which significant measurement uncertainty exists also may
require more attention
All fraud risks are normally considered to be significant risks.

Copyright © 2017 Pearson Education, Ltd. 9-11

 *SIGNIFICANT RISK

• Significant risks generally relate to judgemental matters

and significant non-routine transactions.
• Risks of material misstatement may be greater for
significant judgemental matters requiring accounting
estimates or revenue recognition and for assumptions
about the effects of future events (e.g. fair value) than for
ordinary transactions.
IN DETERMINING WHAT A SIGNIFICANT RISK IS THE AUDITOR
CONSIDERS A NUMBER OF MATTERS, INCLUDING THE FOLLOWING:

Whether the risk is a risk of fraud.

The likelihood of the occurrence of the risk.
Whether the risk is related to recent significant economic, accounting or
other developments and, therefore, requires specific attention.
The complexity of transactions that may give rise to the risk.
Whether the risk involves significant transactions with related parties.
The degree of subjectivity in the measurement of financial information
related to the risk.
Whether the risk involves significant transactions that are outside the
normal course of business for the entity, or that otherwise appear to be
unusual given the auditor’s understanding of the entity and its environment.
 OBJECTIVE 9-5
Describe the audit risk model and
its components

Copyright © 2017 Pearson Education, Ltd. 9-14

 AUDIT RISK MODEL
The risk of material misstatement at the ASSERTION LEVEL consists
of two components: inherent risk and control risk.
Auditors consider these risks by applying the AUDIT RISK MODEL

The relationship between the audit risk model and the understanding of
the client’s business and industry is shown in Figure 9-2.
An illustration of risks and evidence is shown in Table 9-1.

Copyright © 2017 Pearson Education, Ltd. 9-15

 COMPONENTS OF AUDIT RISK MODEL….
- PLANNED DETECTION RISK (PDR)
Detection risk is the risk that an auditor’s substantive
procedures will not detect a misstatement that exists in an account
balance or class of transactions that could be material, individually
or when aggregated with misstatements in other balances or classes
(…will fail to detect misstatements exceeding performance
materiality)

Audit Risk = F(IR, CR, DR)

Planned detection risk is dependent on the other three factors in the model and will change only if the
auditor changes one of the other factors.
INHERENT RISK

Inherent risk is the susceptibility of an account

balance or class of transactions to misstatements
that could be material, individually or when
aggregated with misstatements in other balances
or classes, assuming that there were no related
internal controls.
CONTROL RISK (CR)

Control risk is the risk that a misstatement that could

occur in an account balance or class of transactions and
that could be material – individually or when aggregated
with misstatements in other balances or classes – will
not be prevented or detected and corrected on a timely
basis by accounting and internal control systems.
 ACCEPTABLE AUDIT RISK (AAR)

• ACCEPTABLE AUDIT RISK: How willing the auditor

is to accept that the financial statements may be
materially misstated AFTER the audit is complete
and an unmodified opinion has been issued.

Copyright © 2017 Pearson Education, Ltd. 19

Copyright © 2017 Pearson Education, Ltd. 9-20
 CLIENT BUSINESS RISK? (FIG 9-2)

Business risks result from significant conditions, events,

circumstances or actions that could adversely affect the
entity’s ability to achieve its objectives and execute its
strategies.
• Operations in regions that are economically unstable.
• Operations exposed to volatile markets.
• High degree of complex regulation.
• Going concern and liquidity issues including loss of significant
customers.
• Constraints on the availability of capital and credit.
• Changes in the industry in which the entity operates.
BUSINESS RISK? (FIG. 9-2)
Copyright © 2017 Pearson Education, Ltd. 9-25
 OBJECTIVE 9-6
Assess acceptable audit risk.

Copyright © 2017 Pearson Education, Ltd. 9-26

 ASSESSING ACCEPTABLE AUDIT RISK

Auditors must decide appropriate acceptable audit

risk
• Auditors must first decide engagement risk and use it to
modify acceptable audit risk.
• Engagement risk (dari sisi auditor) is the risk that the
auditor (or firm) will suffer harm after the audit is finished,
even though the report was correct
• Engagement risk is closely related to client business risk
(dari sisi klien) because the risk that the auditor will be sued
is often related to business failure after the audit is
finished.

Copyright © 2017 Pearson Education, Ltd. 9-27

 ASSESSING ACCEPTABLE AUDIT RISK (CONT.)
Factors Affecting Acceptable Audit Risk:
1. The degree to which external users rely on the statements based
on these factors:
• Client size
• Distribution of ownership
• Nature and amount of liabilities
2. The likelihood that a client will have financial difficulties after
the audit based on these factors:
• Liquidity position
• Profits (losses) in previous years
• Method of financing growth
• Nature of the client’s operations
• Competence of management
3. The auditor’s evaluation of management’s integrity

Copyright © 2017 Pearson Education, Ltd. 9-28

 ASSESSING ACCEPTABLE AUDIT RISK (CONT.)
Making the Acceptable Audit Risk Decision

Copyright © 2017 Pearson Education, Ltd. 9-29

 OBJECTIVE 9-7
Consider the impact of several
factors on the assessment of
inherent risk.

Copyright © 2017 Pearson Education, Ltd. 9-30

 ASSESSING INHERENT RISK

Assessing inherent risk is an attempt by the auditor to predict

where misstatements are most and least likely in the financial
statement segments.
This affects the amount of audit evidence that the auditor needs to
accumulate.
The auditor must ASSESS THE FACTORS that make up the risk and
modify procedures for audit evidence to take them into
consideration.
This consideration takes place during the planning phase and is
updated throughout the audit process.

Copyright © 2017 Pearson Education, Ltd. 9-31

 ASSESSING INHERENT RISK (CONT.)

Factors to Consider when Assessing Inherent Risk:

• Nature of the client’s business
• Results of previous audits
• Initial versus repeat engagement
• Related parties
• Complex or non-routine transactions
• Judgment required to correctly record account balances and transactions
• Makeup of the population
• Factors related to fraudulent financial reporting
• Factors related to misappropriation of assets

Copyright © 2017 Pearson Education, Ltd. 9-32

 OBJECTIVE 9-8
Discuss the relationship of risk to
audit evidence.

Copyright © 2017 Pearson Education, Ltd. 9-33

 RELATIONSHIP OF RISKS TO EVIDENCE AND
FACTORS INFLUENCING RISKS

Figure 9-3 summarizes the relationship of risk factors and

audit evidence.
In addition to modifying audit evidence, the auditor can also
make the following changes to respond to risks:
1. The engagement may require more experienced staff.
2. The engagement will be reviewed more carefully than usual.

Copyright © 2017 Pearson Education, Ltd. 9-34

Copyright © 2017 Pearson Education, Ltd. 9-35
Illustration 6.12 Interrelationship of the Components of Audit Risk
Relationship between Inherent, Control and Detection Risk
 RELATIONSHIP OF RISKS TO EVIDENCE AND
FACTORS INFLUENCING RISKS (CONT.)
Audit Risk for Segments—The risk of material misstatement, control
risk, and inherent risk are assessed for each audit objective in each
segment of the audit.

Relating Performance Materiality and Risks to Balance-Related

Audit Objectives—Although it is common to assess inherent and control
risks for each balance-related audit objective, it is not common to allocate
materiality to those objectives.

Measurement Limitations—One major limitation in the application of

the audit risk model is the difficulty of measuring the components of the
model. It is a highly subjective process, so most auditors use broad
categories such as low, medium, and high. This is illustrated in Table 9-3.

Copyright © 2017 Pearson Education, Ltd. 9-38

Copyright © 2017 Pearson Education, Ltd. 9-39
 RELATIONSHIP OF RISKS TO EVIDENCE AND
FACTORS INFLUENCING RISKS (CONT.)

Tests of Details of Balances Evidence-Planning

Worksheet—Auditors develop various types of decision aids to
help link judgments affecting audit evidence with appropriate
evidence to accumulate.
• One such worksheet is illustrated in Figure 9-4.

Revising Risks and Evidence—The audit risk model is primarily

a planning model and is of limited use in evaluating results.
• If audit evidence suggests that the risk is higher than originally
thought, the auditor must revise the original assessment and
consider the effect of the revision on evidence requirements.

Copyright © 2017 Pearson Education, Ltd. 9-40

Copyright © 2017 Pearson Education, Ltd. 9-41
 OBJECTIVE 9-9
Discuss how materiality and risk
are related and integrated into the
audit process.

Copyright © 2017 Pearson Education, Ltd. 9-42

 RELATIONSHIP OF RISK AND MATERIALITY
TO AUDIT EVIDENCE

THE CONCEPTS OF MATERIALITY AND RISK IN

AUDITING ARE CLOSELY RELATED AND INSEPARABLE.
1. Risk is a measure of uncertainty
2. Materiality is a measure of magnitude
The relationships among performance materiality and
the four risks to planned audit evidence are shown in
Figure 9-5.

Copyright © 2017 Pearson Education, Ltd. 9-43

Copyright © 2017 Pearson Education, Ltd. 9-44