Inherent risk is a measure of the auditor’s assessment of the likelihood that there are material misstatements in a segment before considering the effectiveness of internal control. Factors affecting assessment of inherent risk include: Nature of the client’s business : Industry practices Nan-routine transactions Makeup of the population Audit experience : Results of previous audits Initial vs.. Peat engagement Judgment required to correctly record transactions Culture : Related parties Factors related to fraudulent financial reporting Factors related to misappropriation of assets 2. What are the differences between ‘R, CRY, and DRY? Inherent risk refers to the likelihood of material misstatement of an assertion, assuming no related internal control. This risk differs by account and assertion. For example, cash is more susceptible to theft than assets such as fixed assets.
This risk is assessed using various analytical techniques, available information on the company and its industry, as well as by using overall auditing knowledge. Control risk is the likelihood that a material misstatement will not be prevented r detected on a timely basis by internal control. This risk is assessed using the results of tests of controls. Detection risk is the risk that an auditor’s procedures lead to an improper conclusion that no material misstatement exists in an assertion when in fact such a misstatement does exist.
The auditor’s substantive procedures are primarily relied upon to restrict detection risk. Inherent risk and control risk differ from detection risk in that they exist independently of the audit, whereas detection risk relates to the effectiveness of the auditor’s procedures and how well the auditor apply them. The level of detection risk that auditor can accept varies inversely with the level of inherent and control risk. The higher the inherent and control risk, the less detection risk that auditor can accept to keep the risk of material misstatement at an acceptably low level.
The less detection risk that auditor can accept, the more reliable of substantive procedures must be. 3. What are the five components of the COOS Internal control framework? Explain about COOS related to Control risk. Committee of Sponsoring Organization (COOS) is a joint initiative of five private sector organizations, established in US 985, dedicated to providing thought leadership to executive management and governance entities on critical aspects of organizational governance, business ethics, internal control, enterprise risk management, fraud, and financial reporting.
COOS has established a common internal control model against which companies and organizations may assess their control systems. Coco’s Internal Control-integrated Framework is the most widely accepted internal control framework in the U. S, describes five components of internal control that management designs and implements to provide reasonable assurance hat its control objectives will be met. Each component contains many controls, but auditors concentrate on those designed to prevent or detect material misstatements in the financial statements.
The 5 components of the COOS internal control framework includes: 1 . Control environment: The control environment consists of the actions, policies, and procedures that reflect the overall attitudes of top management, directors, and owners of an entity about internal control and its importance to the entity. 2. Risk assessment: Risk assessment is management’s identification and analysis of risks relevant to he preparation of financial statements in accordance with accounting standards 3.
Control activities: Control activities are the policies and procedures that help ensure that necessary actions are taken to address risks to the achievement of the entity’s objectives 4. Information and communication: The purpose of an accounting information and communication system is to initiate, record, process, and report the entity’s transactions and to maintain accountability for the related assets. 5. Monitoring: Monitoring activities deal with management’s ongoing and periodic assessment f the quality of internal control performance to determine whether controls are operating as intended and modified when needed.
Explain about COOS related to Control risk : Control Risk is the risk that a material error in an account will not be prevented or detected on a timely basis by the client’s internal control structure. Assessing control risk is the process of evaluating the effectiveness of an entity’s internal control structure in preventing or detecting material misstatements in the financial statements. An auditor will assess control risk at maximum level if the auditor finds that the internal control system is not effective and will not be able to detect or prevent or correct any misstatement or error in the account balance.
Coco’s Internal Control-Integrated Framework describes five components that necessary for effectively designed and implemented internal control. With an effective internal control system will help a company/ audit entity to: Effectiveness and efficiency of operations; Reliability of financial reporting; Compliance with applicable laws and regulations. Therefore, it helps to decrease Control risk of audit entity.