Please look at the attachment for reference of case study. Look up on google the
ID: 2333369 • Letter: P
Question
Please look at the attachment for reference of case study. Look up on google the appendix section for the Cloud 9 case study BOOK: Auditing a practical approach. Please elaborate on the attachment given; the attachment is the inherent risk of cloud 9. However, I need you to elaborate and paraphrase in your own words on the 3 Identification of inherent risk in cloud 9 Auditing. (300 words for each inherent risk).
a. Justify the risk assessment by stating whether the inherent risk is high/low/ medium due to? State How likely the risk can occur and why?
b. Explain the consequence of materiality. You don't need extra information to justify your opinion. Just elaborate more.
1. Growth of revenues given industry outlook and management incentive Consumer discretionary spending is low and expected to grow by only 2% for the year. Management receive bonuses based on revenue targets, which was set at 3%. General economic conditions will also impact retail businesses with their recoverability of debt and the valuation of This inherent risk is "High" and impacts the Sales - Occurrence, Accounts Receivable - valuation 2. Level of competition This inherent risk is "Medium" and impacts the Accounts Receivable- Existence and Valuation, Inventory - 2. Merchandise cycle and fashion trends Based on the stability of the athletic footwear market, this inherent risk 1S "Low" as the fashion trends are not as exaggerated as with other footwearExplanation / Answer
Cloud 9 is designed to provide students with the opportunity to work through various audit procedures that are performed during the planning and interim phases of a statutory audit. The case study is based on typical client scenarios that are regularly observed in the profession. The aim of this case study is to expose students to the practice of auditing and the tasks they would typically perform in their first year of auditing practice.
Cloud 9 is derived from an audit case learning resource used as part of the Ernst & Young graduate development program. Cloud 9 will provide your students - with a practical context of auditing and an appreciation of the level of quality, activity and knowledge Ernst & Young apply to the audit process and the vital role of auditing in practice and business.
Previously examined risk questions have carried a mark allocation of 10 marks. However, a significant majority of candidates have not passed this part of the question. Common mistakes made include:
Audit risk definitions
Audit risk is defined as ‘the risk that the auditor expresses an inappropriate audit opinion when the financial statements are materially misstated. Audit risk is a function of the risks of material misstatement and detection risk’. Hence, audit risk is made up of two components – risks of material misstatement and detection risk.
Risk of material misstatement is defined as ‘the risk that the financial statements are materially misstated prior to audit. This consists of two components... inherent risk ... control risk.’
Inherent risk is ‘the susceptibility of an assertion about a class of transaction, account balance or disclosure to a misstatement that could be material, either individually or when aggregated with other misstatements, before consideration of any related controls.’
Control risk is ‘the risk that a misstatement that could occur in an assertion about a class of transaction, account balance or disclosure and that could be material, either individually or when aggregated with other misstatements, will not be prevented, or detected and corrected, on a timely basis by the entity’s internal control.’
Detection risk is defined as ‘the risk that the procedures performed by the auditor to reduce audit risk to an acceptably low level will not detect a misstatement that exists and that could be material, either individually or when aggregated with other misstatements.’
Audit risk questions require candidates to identify risks of material misstatements, which include inherent and control risks as well as detection risks.
Audit risk model
In all three sessions a number of candidates have wasted valuable time by describing the audit risk model along with definitions of audit risk, inherent risk, control and detection risk. Unless the question requirement specifically asks for the ‘components of audit risk’ or ‘a description of the audit risk model’, candidates should not provide definitions of audit risk, inherent risk, control risk or detection risk as no marks are available.
Audit risk versus business risk
The main area where candidates continue to lose marks is that they do not actually understand what audit risk relates to. Hence, they frequently provide answers that consider the risks the business would face or ‘business risks’, which are outside the scope of the syllabus. There are no marks available for business risks.
Business risks are defined as ‘a risk resulting from significant conditions, events, circumstances, actions or inactions that could adversely affect an entity’s ability to achieve its objectives and execute its strategies, or from the setting of inappropriate objectives and strategies’.
Risks must be related to the risk arising in the audit of the financial statements and should include the financial statement assertion impacted. Therefore, audit risks should be related back to relevant assertions.
ISA 315, Identifying and Assessing the Risks of Material Misstatement Through Understanding the Entity and Its Environment identifies the following assertions:
In addition, a risk can relate to a practical problem the audit team may face, such as attendance at inventory counts where the company has multiple sites holding simultaneous inventory counts, or if the company has had significant changes in their finance department and so the risk of fraud and error has increased.
The common mistake is for candidates to identify a relevant issue from the scenario and then consider the risk to the company rather than to the auditor, linking into the related assertion.
Therefore, using Question 3b from the June 2011 exam: ‘The travel agents are given a 90-day credit period to pay Donald Co; however, due to difficult trading conditions, a number of the receivables are struggling to pay.’ The audit risk related to this point is that if receivables are struggling to pay, then they may be overstated and, hence, valuation of receivables is the relevant risk.
The business faces the risk of slow cash flows and so there is a business risk related to the liquidity of Donald Co. While going concern is an audit risk, the above point from the scenario is not sufficient on its own to indicate going concern risk.
In addition, Question 1a from the June 2010 exam told candidates: ‘Purchase orders for overseas paint are made six months in advance and goods can be in transit for up to two months.’ The explanation of the audit risk would be to ascertain that the cut-off of inventory is appropriate at the year end. However, many candidates explained that the company may encounter problems with stock-outs of goods, which is focused more on operational business risk rather than on the risks to the financial statements.
Other examples of audit risks include:
Responses to audit risks
Having identified the audit risk candidates are often required to identify the relevant response to these risks. A common mistake made by candidates is to provide a response that management would adopt rather than the auditor.
From Question 3b June 2011, in relation to the risk of valuation of receivables, as Donald Co had a number of receivables who were struggling to pay, many candidates suggested that management needed to chase these outstanding customers. This is not a response that the auditor would adopt, as they would be focused on testing valuation through after date cash receipts or reviewing the aged receivables ledger.
Auditor’s responses should focus on how the team will obtain evidence to reduce the risks identified to an acceptable level. Their objective is confirming whether the financial statement assertions have been adhered to, and whether the financial statements are true and fair.
Responses are not as detailed as audit procedures; instead they relate to the approach the auditor will adopt to confirm whether the transactions or balances are materially misstated. Therefore, in relation to the risk of going concern, the response is to focus on performing additional going concern procedures, such as reviews of cash flow forecasts.
Also, auditor responses should not be too vague such as ‘increase substantive testing’ without making it clear how, or in what area, this would be addressed.
In addition, candidates’ must ensure that they do not provide impractical responses. A common example of this is to request directly from the company’s bank as to whether the bank will provide a loan or renew a bank overdraft. The bank is not going to provide this type of information to the auditor, especially if they have not yet informed the company, and therefore this response will not generate any marks.
Limited range of risks identified
In order to score well in risk questions it is advisable to aim to identify a breadth of points from the question scenario. If the question asks for a specific number of audit risks, such as five, then it is not sufficient to identify just one or two risks. In addition, a common mistake is to identify a risk such as going concern and then give this answer over and over again. In Question 3b of the June 2011 exam, there was only a maximum of one mark available for the description of going concern risk.
Each scenario will have a variety of audit risks and candidates should, as part of their planning, aim to identify as many as possible. They should then decide which of the identified risks they will explain/describe in their answer. If the question asks for five risks, candidates should aim to identify six or seven points during their initial reading of the question. Candidates should then review their list and pick the five risks and responses that they feel they can expand on the most when writing up their answer.
Conclusion
Audit risk is, and will continue to be, an important element of the Paper F8 syllabus. Candidates must understand the syllabus outcomes, understand what the question requirements involve and practise risk questions prior to the exam.