X
xyzer
I'm getting slightly different definitions and explanations of the
audit risk model in my studies of the CPA exam audit section.
Tell me which of these understandings is wrong if you can, or simply
explain it clearly, if you can:
First the equation:
Audit Risk / (Inherent Risk * Control Risk) = Detection Risk
Ok, here's the way I initially understood things:
Detection risk can be thought of as being an output of the other three
variables. An auditor comes in and assesses control and inherent risk.
It also sets a level of audit risk (the nominator) that it wants to
assume. This is generally done on a system by system or account by
account basis.
If the denominator is relatively high, i.e., if inherent risk and/or
control risk is relatively high, making the denominator relatively
high, then for any given audit risk value, detection risk will
mathematically be relatively LOWER.
HOWEVER, when detection risk (and audit risk for a given IR and CR) is
relatively low, this means we must do relatively more substantive
testing to get the risk of a material misstatement (if one exists) not
being caught to that relatively low level.
So, when one has a relatively high detection risk, if one wants to
lessen that detection risk to a given level, one can do more
substantive testing. This lowering of detection risk also lowers audit
risk, for a given CR and IR. One must do relatively more testing to
lower a relatively higher detection risk to a given level than one must
do to lower a relatively lower level to a given level.
Am I understanding this correctly?
audit risk model in my studies of the CPA exam audit section.
Tell me which of these understandings is wrong if you can, or simply
explain it clearly, if you can:
First the equation:
Audit Risk / (Inherent Risk * Control Risk) = Detection Risk
Ok, here's the way I initially understood things:
Detection risk can be thought of as being an output of the other three
variables. An auditor comes in and assesses control and inherent risk.
It also sets a level of audit risk (the nominator) that it wants to
assume. This is generally done on a system by system or account by
account basis.
If the denominator is relatively high, i.e., if inherent risk and/or
control risk is relatively high, making the denominator relatively
high, then for any given audit risk value, detection risk will
mathematically be relatively LOWER.
HOWEVER, when detection risk (and audit risk for a given IR and CR) is
relatively low, this means we must do relatively more substantive
testing to get the risk of a material misstatement (if one exists) not
being caught to that relatively low level.
So, when one has a relatively high detection risk, if one wants to
lessen that detection risk to a given level, one can do more
substantive testing. This lowering of detection risk also lowers audit
risk, for a given CR and IR. One must do relatively more testing to
lower a relatively higher detection risk to a given level than one must
do to lower a relatively lower level to a given level.
Am I understanding this correctly?