RISK ASSESSMENT
Answers to Review Questions
4-1 Audit risk is the risk that the auditor expresses an inappropriate audit opinion when the financial statements are materially misstated. Engagement risk is the risk that the auditor is exposed to financial loss or damage to his or her professional reputation from litigation, adverse publicity, or other events arising in connection with financial statements audited and reported on. In simple terms, audit risk is the risk that an auditor will issue an unqualified opinion on materially misstated financial statements, while engagement risk relates to the auditor's exposure to financial loss and damage to his or her professional reputation.
4-2 Inherent risk and control risk differ from detection risk in that inherent risk and control risk exist independent of the audit; that is, the levels of inherent risk and control risk are functions of the client and its environment. The auditor has little control over these risks. The auditor can control detection risk through the scope (nature, timing, and extent) of the audit procedures performed. Thus, detection risk has an inverse relationship with inherent risk and control risk.
4-3 Standard setters developed the audit risk model as a planning and evaluation tool. Therefore, the model is only as good as the judgments and assessments used as inputs. Following are some limitations. First, since the auditor assesses inherent risk and control risk, such assessments may be higher or lower than the actual inherent risk and control risk that exist for the client. Second, the audit risk model does not consider the possibility of judgment or nonsampling risk (auditor error in assessing risk, choosing audit procedures, and evaluating results).
4-4 Sampling risk refers to the fact that, in many instances, the auditor does not examine 100 percent of the class of transactions or account balance. Since only a subset of the population is examined, it is possible that the sample drawn is not representative of the population and a wrong conclusion may be made on the fairness of the account balance. Professional judgment errors (nonsampling risk) occur because an auditor may use an inappropriate audit procedure, fail to detect a misstatement when applying an appropriate audit procedure, or misinterpret an audit result.
4-5 In understanding the entity and its environment, the auditor gathers knowledge about: (1) the nature of the entity; (2) industry, regulatory, and other external factors; (3) objectives strategies, and business risks; (4) entity performance measures; and (5) internal control.
4-6 Some examples of conditions and events that may indicate the existence of business risks are:
Significant changes in the entity such as large acquisitions, reorganizations, or other unusual events.
Significant changes in the industry in which the entity operates.
Significant new products or services or significant new lines of business.
New locations.
Significant changes in the IT environment.
Operations in areas with unstable economies.
High degree of complex regulation.
4-7 A company that operates in the coal mining industry faces numerous business risks. The following are selected business risks disclosed by Arch Coal, Inc. – the second largest coal producer in the United States.
General Risks:
Coal prices are subject to change and a substantial or extended decline in prices could materially and adversely affect our profitability and the value of our coal reserves.
Our coal mining operations are subject to operating risks that are beyond our control, which could result in materially increased operating expenses and decreased production levels and could materially and adversely affect our profitability.
Competition within the coal industry could put downward pressure on coal prices and, as a result, materially and adversely affect our revenues and profitability.
Decreases in demand for electricity resulting