Framework & Introduction to Risk Assessment


The auditor has to audit with professional scepticism, which refers to neither making the assumption that management are dishonest nor that they are always honest but rather to be aware that in certain cases financial statements can be misstated.

Risk assessment concerns the risk involved with the auditor not expressing the appropriate audit opinion. It is the duty of every auditor to identify and assess the risk of misstatements whether through error or fraud. The auditor has to understand the nature of the business and its environment in order to design and implement the appropriate measures to avoid any risk issues.

Risk assessment is important in auditing because it enables the identification of:

  • Any areas in the financial statement that include misstatements.
  • Allows auditor to plan procedures that address any risk.
  • Allows a more efficient, effective and focused auditing process
  • Minimises the risk of an inappropriate audit opinion

There are different stages to assessing the risk of misstatement namely:

  1. Inherent Risk – The auditor has to assess the main cause of misstatement.
  2. Control Risk – The auditor assesses the ability of an organisation’s control systems to prevent and detect a misstatement.
  3. Detection Risk – The risk that auditors procedures to reduce audit risk to an acceptable level, will not detect any potential misstatements.

A risk assessment involves implementing internal control systems that are relevant to an organisation designing audit procedures that are relevant in preparing the financial statements.

Auditing Process

According to ISA 200 Objective and General Principles Governing an Audit of Financial Statements, the auditors should always plan and then perform the audit to reduce audit risk to a reasonable low level.

In order to assess the auditing process the auditor has to consider:

  • Industry, regulatory and external factors – Including the financial reporting framework.
  • Nature of the business – For example, what are the key customers. Suppliers.
  • Objectives and strategies – For example, is the business expanding or launching a new product.
  • Measurement and review – For example, what are the budgets and forecasts.