1. How are risks and controls related? Why is it important to assess risks before evaluating the quality of an organization’s controls? Discuss the auditor’s risk assessment procedures and the measures that should be taken, particularly with regard to the company’s activities and the internal control systems.
2. The risk model from the chapter can be restated as follows:
AR = IR × CR × DR
Where:
AR = audit risk
IR = inherent risk
CR = control risk
DR = detection risk
Using the audit risk model, compute the detection risk for the following values of audit risk,
inherent risk and control risk. Then answer the questions below.
Types of risks Case 1 Case2 Case 3
Audit risk 5% 10% 1%
Inherent risk 25% 30% 50%
Control risk 50% 50% 15%
(a) Which of the above cases shows the highest (lowest) detection risk? What is the significance of these results in terms of evidence gathering by the auditor?
(b) Describe the factors affecting the interpretation of these results.
(c) Consider the results obtained for the cases 1 and 3. In your opinion, which of these two cases would require more audit effort?