(a) Describe typical factors auditors evaluate to assess inherent risk.
Inherent risk is the vulnerability of an account class or balance of dealings to misstatement. It could be material, individually or combined with misstatements in other classes or balances. This occurs mostly due to the absence of proper internal controls to check such eventualities. Besides factors connected to the peculiar statement, the auditor needs to take external conditions into account that might help in controlling the Internal Risk. These can include the character of industry and business, the size of account balances, the integrity of management, the existence of connected parties, the lack of adequate working capital to continue process, etc. Taking into account all the relevant factors, the auditor has to apply his professional knowledge and skills in taking appropriate decisions. “IR = Inherent risk (the risk that an assertion is susceptible to a material misstatement, assuming there are no related controls)” (Statements on Auditing Standards (SASs): Risk Assessment Standards par. 3).
Examples of financial records that have low Internal Risk include fixed assets or traded securities as opposed to accounts with high Internal Risk. For instance, those for which estimates have to be used and computations have to be conducted.
(b)With the benefit of hindsight, what inherent risk factors were present during the audits of the 1989 through 1992 Comptronix financial statements?
Fictitious Purchases of Equipment:
An audit comprising of a physical examination of Comptronixs equipment might have revealed that recognized assets do not exist. Considering the age of certain equipment, there is a need to take into account their depreciation. Thus, the actual value of the some equipment may not correspond to their book value. “Fictitious transactions frauds involve important accounts or just assets or revenues in general” (Ketz 407).
Fictitious Accounts Payments for the Equipment:
Besides auditing in a way that would have exposed the absence of certain purchases of equipment, the assessor could have also carried out an examination of check accounts and bank records to see where and by whom the vouchers were cashed. This would have revealed that the checks were not cashed in by an outside party. Thus, the company would have been in a clear position to establish the involvement of someone within the organization in the said manipulation.
Fictitious Sales and Accounts Receivables:
In the same manner as in the case of fictitious accounts for equipment, the assessor could have checked the inventory to confirm the decrease in inventory of goods for sale with the actual sales to the consumers. “The auditor’s objective in examining accounts receivable is to form an opinion regarding management’s representation that an account receivable is presented fairly in conformity with generally accepted accounting principles (“GAAP”)” (Standing Advisory Group Meeting: Audit Confirmations 1).
The former would have shown the lack of sales and the latter would have shown the lack of outside consumers, since no cash was received or remittance made into Comptronix’s bank account. Yet another option could be seen in terms of matching the sales with the invoices and order papers. Here, the auditor would have understood that there are no accounts for the false sales and therefore no sales have occurred.
2.Another Component of the Audit Risk Model is Control Risk:
(a) Describe general characteristics in an internal control structure that increases the auditors assessment of control risk. Include a few examples from Comptronix’s internal control structure that increased control risk for the audits of 1989-1992 year-end financial statements.
Control risk is an auditor’s evaluation of the inside control method of a company. This also contains the attitude and proficiency management that directors have to internally control. When control risk is high the substantive actions that have to be taken to counter the risks also increase accordingly. The internal control of Integrated Framework published 1994 by COSO, breaks effective internal control into five unified systems. These are: Control environment, risk assessment, control activities, information and communication, and monitoring.
The control environment includes the internal control structure and is measured as a base for all other essentials. It includes integrity, competence, ethical values and the management’s philosophy, assignment of authority, operating cycles and the directions given by the board. “Recent standards (e.g. SAS 107) suggest also a simplified audit risk model that combines inherent and control risks into one risk called the risk of material misstatement” (Popova 8). Risk assessment is best explained as the means of analyzing and identifying internal and external risks for attaining the objectives of financial reporting and control. Besides, control actions are developed to address each control objective and to reduce the inherent risks. Information and communication from administration to personnel have to be clearly stated and it should stipulate that all concerned should discharge control responsibilities with the deserving seriousness. The personnel have to recognize their role in the internal control system, so that the company, as a whole, can recognize the methods and actions by which right information is given to the right people.
Finally, monitoring is the method to assess the performance of the internal control system over a period of time. “It is a process of routinely gathering information on all aspects of the project” (Bartle par. 1). At Comptronix, different factors augmented the control risk for the concern. First, the loss of the main consumers is a condition that enhances control risk as management has an inclination to misstate incomes and other financial records to achieve some ulterior motives. Second, the accounting method could be bypassed by the organization with factious manual entries. This boosts control risk granting limitless power to top management for manipulating and changing accounts.
Accounts Receivable and Bad Debts Expense. Accounting Crosswords.com. 2004. Web. 19 Oct. Bartle, Phil. The Nature of Monitoring and Evaluation: Definition and Purpose. Community Empowerment Collective. 1967. Web. 19 Oct. COSO and Control Environment. Monmouth University. 2011. Web. 19 Oct. Fictitious Asset. Business Dictionary.com. n.d. Web. 19 Oct. Haslett, Walter V. Risk Management: Foundations for a Changing Financial World. CFA Institute. John Wiley & Sons, Inc. 2010. Web. 19 Oct. Ketz, J. Edward. Accounting Ethics: Critical Perspectives on Business and Management. Routledge. 2006. Web. 19 Oct. Popova, Velina. Integration of Fraud Risk in the Risk of Material Misstatement and the Effect on Auditors’ Planning Decisions. Department of Accounting and Information Systems. Virginia Polytechnic Institute and State University. 2008. Web. 19 Oct. <. http://aaahq.org/meetings/AUD2009/IntegrationOfFraudRisk.pdf>. Statements on Auditing Standards (SASs): Risk Assessment Standards. AICPA PCPS
Members. 2007. Web. 19 Oct.
Standing Advisory Group Meeting: Audit Confirmations. Public Company Accounting Oversighy Board: (PCAOB). 2004. Web. 19 Oct.