Читать книгу Wiley Practitioner's Guide to GAAS 2020 - Joanne M. Flood - Страница 224

AU-C 315 describes risks as existing at one of two levels: the financial statement level or the relevant assertion level. This distinction is important because the nature of the auditor’s response differs depending on whether the risk is at the financial statement level or the assertion level.

Financial-statement-level risks. The risk of material misstatement at the financial statement level has a pervasive effect on the financial statements and affects many assertions. (AU-C 315.A122) The control environment is an example of a financial-statement-level risk. In some instances, it may not be possible to relate financial-statement-level risks to a specific assertion. (AU-C 315.A123–.A124) These risks should be related to assertion-specific responses. Financial-statement-level risks may require the auditor to develop an overall response, such as assigning more experienced team members.

Assertion-level risks. Assertion-level risks pertain to a single assertion or related group of assertions. Assertion-level risks will require the auditor to design and perform specific further audit procedures such as tests of controls and/or substantive procedures that are directly responsive to the assessed risk. (AU-C 315.A126)

(AU-C 315.26)

The auditor’s understanding of the entity and its environment—which includes an evaluation of the design and implementation of internal control—is used to assess the risk of material misstatement. To assess the risk of material misstatement, the auditor should:

 Identify risks throughout the process of obtaining an understanding of the entity, its internal control, and its environment.

 Relate the identified risks to what can go wrong at the relevant assertion level.

 Consider whether the risks could result in a material misstatement to the financial statements.

 Consider the likelihood that the risks could result in a material misstatement of the financial statements.

(AU-C 315.27)

NOTE: This process for assessing risk is consistent with the process for assessing the risk of material misstatement due to fraud. Essentially it is an information gathering, assessment, and response process, in which the auditor gathers information about the entity, assimilates and synthesizes that information to make an assessment of risk, and then designs audit procedures that are responsive to that risk.

The assessment of the risk of material misstatement enables the auditor to design appropriate further audit procedures, which are clearly linked and responsive to the assessed risk.