Lesson 11 of 23
Inherent risk accounts for one-third of the audit risk, yet it has the least evidence available, meaning that it requires more professional judgement. This article discusses the major factors that an auditor should consider when assessing inherent risk as they prepare their audit plan.
Inherent risk, control risk and detection risk account for audit risk. There is very little documentation and information about inherent risk. This means the auditor has to rely on their professional judgement to assess inherent risk. What are the factors an auditor should consider while assessing inherent risk?
The business environment is an important factor in assessing inherent risk. The higher the competition, the higher the inherent risk. Technology businesses that constantly need to improve to stay relevant and compete with entrants in the marketplace are one such example.
The data management system in a firm is another factor in assessing inherent risk. A poorly managed and maintained Information Technology System increases inherent risk. Such sloppy and poorly maintained systems point to inattentive management that does not consider a well-managed IT system a requirement for conducting business.
The integrity of the management should be assessed by the auditor. If the management has poor integrity, it can lead to doubtful accounting practices. This can later lead to lawsuits against the auditor for not overseeing and reporting such accounting discrepancies. So a company that has management with poor integrity will have high inherent risk.
Client motivations determine policy selection and accounting application. Earnings-based bonus plans, financially calculated lending covenants, the decision to sell or go public, and tax minimization schemes can lead to management bias and thereby increase inherent risk.
Historical accounting issues are those that have occurred in previous years, may recur and indicate a systemic problem and therefore a source of inherent risk. Auditors can look at previous audits. The pattern from year to year is usually consistent unless the client is vigilant and keen to make the necessary changes.
New clients have a higher inherent risk as the auditor is not yet familiar with the business details and previous documentation.
When related parties enter into a business transaction or arrangement then the inherent risk is higher. This is because we do not know if the arrangement is being done at fair market value.
Non-routine transactions have greater inherent risks too. Clients often poorly document and report such transactions if they do at all.
Inherent risk also increases due to highly judgemental accounting estimates. Warranty provisions, allowances, and contingencies for lawsuits all increase inherent risk.
Liquid assets are more prone to being misappropriated. If a company has more assets in cash or inventory, the inherent risk increases.
The factors that increase inherent risk change based on the account, audit objective and the accounting cycle each time. Some of the factors affect all business cycles, while others may impact a few. Inherent risk is not static. It can be assessed during the planning stage but needs to be reassessed if any new information comes to light during any other stage of the audit.