Audit and Internal Control: How Business Risks Translate to Audit Risk

Verified

Added on 2020/05/28

AI Summary

This report delves into the crucial relationship between business risks and audit risk, providing a comprehensive analysis of how various factors can influence audit assessments. It explores how financial risks, such as inadequate cash flows, can translate into audit risks, potentially leading to misstated financial statements and incorrect audit opinions. The report also examines the impact of expansion risks, information technology risks, cyber security risks, and project risks on the audit process. It highlights how these risks, if not properly managed or disclosed, can affect the auditor's ability to detect material misstatements and render an appropriate opinion. The report discusses the components of audit risk, including inherent risk, control risk, and detection risk, and provides examples of how different business scenarios can affect the audit process. By understanding these connections, auditors can better assess and mitigate risks, ensuring the reliability of financial statements.

Audit and Internal Control 1
AUDIT AND INTERNAL CONTROL
By (Student’s Name)
Professor’s Name
College
Course
Date

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Audit and Internal Control 2
How business risks translated to audit risk for an Auditor
Financial risk: it will translate in audit risk in case the Company’s cash flows are
inadequate to fulfill the financial obligations. This will make shareholders to lose money
which they initially invested in the company. When the auditor realizes that the financial
statement is incorrect because of the cash flow, he/she will give a clear report of the fact
stated (audit risk) ((William, Glover and Prawitt 2016)).
Expansion Risk: This translate into audit risk in a situation where the Manager of
the company has less information and are unable to understand the risk associated with
growing businesses. When the cost of growing increases, profit of the business will
remain constant or falls and this will make financial statement incorrect. Hence, the
auditor will give the audit risk to help him in his final report.
Information technology risk: Companies that relies on IT systems in performing
daily activities faces threat in their system and if not address may make them perform at
a loss. If the threat affects the finance department it may interfere with the actual data
available and hence, the financial statement will be incorrect. Auditor may then use the
audit risk collected to give a report of his/her opinion.
Cyber security RISK: This is a business issue because most of the companies
are more digitized which means they are exposed to many number of threats.
Therefore, they mostly encounter risk of security. Modern technologies are providing
more advance tools which are being used to attack the business. The auditor may
detect these items and translate them into Audit risk (Hayes, Wallage and Gortemaker
2014).

Audit and Internal Control 3
Project Risk: These are uncertain events which when occur cause an effect on
the performance of project objectives. Some of the events can be controlled by the
organization but some may originate from external and therefore cannot be easily
identified by the organization. The auditor will therefore use the available information in
the audit risk to in order to give a clear standing of the organization.
Effects on Audit Assessment of Audit Risk
Audit risk is that risk which the auditor could issue an unqualified report because
of the failure of the auditor to detect substantial/material misstatement because of fraud
or error. In this case, the auditor expresses an inappropriate opinion on financial
statement. In other words, the auditor issues the incorrect opinion on financial
statements. Examples include issuing an unqualified audit report whereby a qualification
is justified reasonably; issuing a qualified audit opinion whereby no qualification is
essential; failing to stress a substantial matter in audit report and provision of an opinion
on financial statement whereby no such opinion could be given reasonably because of a
material limitation of audit performance scope (Hayes, Wallage and Gortemaker 2014).
The audit risk has three elements or components including inherent risk, control risk and
detection risk. This can be caused by various factors including financial risk, expansion
risk, ICT risk, cyber security risk and project risk. The effects of these factors on the
audit risk assessment is detailed below:
Financial Risk
The assessment of audit risk is greatly dependent on financial risk. For example,
in concealment in this type of risk will automatically increase the likelihood of audit risk
as the audit directly fail to get material facts (Allen and Hilton 2017). For instance, where

Audit and Internal Control 4
the credit risks element is not disclosed, the audit may not know the credit of the firm
and hence issue unqualified audit report.
Expansion Risk
As the business expands, much risk are associated with the expansion.
Therefore, where the organization conceals or doses not disclose these risks, the audit
will have no option in assessing them and hence provide an unqualified audit report
which may not necessarily reflect the true picture of the audited firm.
Information Technology Risk
The ICT development puts the audit work in both threats and opportunity. For
example, manager might use advanced technologies to conceal some materials facts in
their financial statements thereby leading to auditor lacking such information that would
otherwise be helpful to present a true picture of the company (Cohen, Krishnamoorthy,
and Wright 2017).
Cyber Security Risk
The cyber security risk greatly influence the audit work. For example, the audit
might not know what these are doing parallel to the period of auditing. Therefore, the
audit will issue a report which lacks the information on the effect of cybercrime. Thus,
the audit report will never be a true reflection of the firm.
Project Risk
Audit work is greatly affected by the project risk. As the business is involved in a
new project, the information about the project might be scanty hence misleading the
audit. In this case, the likelihood of giving audit risk will be higher as compared to

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Audit and Internal Control 5
establish project that has all the risks already identified (William, Glover and Prawitt
2016).

Audit and Internal Control 6
References
Allen, C. and Hilton, D., 2017, November. Local audit of the assessment and
management of patients referred to the low risk TIA clinic at Heatherwood Hospital.
In INTERNATIONAL JOURNAL OF STROKE (Vol. 12, pp. 57-57). 1 Olivers Yard, 55
City Road, London Ec1y 1sp, England: Sage Publications Ltd.
Cohen, J., Krishnamoorthy, G. and Wright, A., 2017. Enterprise risk management and
the financial reporting process: The experiences of audit committee members, CFOs,
and external auditors. Contemporary Accounting Research, 34(2), pp.1178-1209.
Hayes, R., Wallage, P. and Gortemaker, H., 2014. Principles of auditing: an introduction
to international standards on auditing. Pearson Higher Ed.
William Jr, M., Glover, S. and Prawitt, D., 2016. Auditing and assurance services: A
systematic approach. McGraw-Hill Education.