Audit risk is the risk of an organization specializing in the provision of audit services, which consists in the possibility of poor-quality audit or its inefficiency. Thus, the audit firm takes into account the degree of entrepreneurial risk when working with clients. An example of this is the likelihood of non-detection of errors in the financial statements of an entity.
In addition, the audit risk can be considered from the other side: the potential for detecting flaws or distortions in the accounting documentation, which actually does not exist. But in any case, the risk implies an erroneous judgment of the auditor in relation to a particular client.
Audit risk can be divided into three main types:
- On-farm.
- Control.
- Procedural.
The first type of risk is also called clean. It reveals the likelihood of an unfavorable situation, that is, the occurrence of errors or omissions in a certain balance sheet item, even before they are directly identified by internal control bodies. In this regard, the specialist performing the audit should pay attention to such factors as the experience and qualifications of the personnel of the accounting department, the honesty and clarity of completing the tasks of the personnel management, the relationship of senior officials with lower ones and the degree of pressure over the latter. In addition, it is worth considering the characteristics of the industry in which the client firm operates.
Audit audit risk is the likelihood that the clientβs accounting and reporting methodology is not able to detect errors in a timely manner and correct them promptly. That is why the auditor needs to rationally evaluate the introduced accounting system and characterize the degree of its reliability. Based on the data of such valuation activities, the specialist will understand what area he should pay close attention to.
The procedural audit risk or the risk of non-detection implies the possibility for the auditor to apply methods and techniques that, in a given situation, have been ineffective and are not able to identify existing errors. This in the future can lead not only to undermine the reputation of the audit organization, but also to significant financial losses of the economic entity. Each specialist should sensibly assess the level of poor-quality performance of his work and make every effort to reduce this indicator. For example, he can increase the number of audit samples or devote more time to the audit procedure than planned.
In the course of their work, each specialist performing an audit should remember the fundamental difference between such concepts as materiality and audit risk. Significance is understood as the presence of circumstances that may, to one degree or another, affect the result of the audit, and, consequently, the conclusion issued to the business entity. Before starting work with a specific client, the specialist, at the planning stage, sets the level of materiality, that is, the permissible limit of the distortion value.
Audit risk can be assessed by one of two proposed methods:
- Quantitative.
- Estimated.
The first method suggests the use of certain models for calculating risk in value or coefficient equivalent.
The assessment method is also called intuitive, it is based on the personal experience of the auditor, who, having studied the reporting as a whole or individual balance sheet items, makes a conclusion about the degree of risk. The evaluation criterion is the division into the unlikely, probable and high risk of the project. This method is actively used by audit firms in our country.
It is important to note that none of the above methods of reducing the level of risk can lead to its zero value. The proportion of the likelihood of an adverse situation and making mistakes is always present. And the auditor's task is to minimize the estimated risk level.