What is an Audit Risk Assessment? (with pictures)

Mary McMahon
Mary McMahon
Individuals receiving less than $100,000 per year have a very low chance of getting audited.
Individuals receiving less than $100,000 per year have a very low chance of getting audited.

Audit risk assessment is a stage in the audit planning process. During the assessment, an auditor determines the likelihood of audit risk, defined as the possibility of recording an inappropriate opinion on an audit as a result of a misstatement in the financial documents examined. Audit risk assessment is part of the series of controls which are used to manage the integrity of an audit, and to determine when and how audits should be conducted, and by whom.

During an audit, a company can identify financial issues such as funds where they shouldn't be, abnormal numbers, signs of fraud or theft, and so forth.
During an audit, a company can identify financial issues such as funds where they shouldn't be, abnormal numbers, signs of fraud or theft, and so forth.

While many people fear audits from tax authorities, they are actually a valuable tool when used internally. During an audit, a company can identify financial issues such as funds where they shouldn't be, abnormal numbers, signs of fraud or theft, and so forth. Auditing is used to control costs, to ensure that accounting is accurate, and to hold employees accountable for their activities. It can be performed across an entire company, or in specific departments.

Auditing is used to hold employees accountable for their activities.
Auditing is used to hold employees accountable for their activities.

Audit risk consists of several components. The first is the likelihood that a material misstatement will be made in financial documents. The second is the risk that the misstatement will not be caught by internal controls, and the third is that the misstatement will not be caught by an auditor. These components are examined during an audit risk assessment to come up with a numerical score which can be used to make decisions about the auditing process.

Audit risk assessment is part of the series of controls which are used to manage the integrity of an audit.
Audit risk assessment is part of the series of controls which are used to manage the integrity of an audit.

If the audit risk is high, it may indicate that audits should be performed more frequently, to increase the chance that errors and misstatements will be caught. A high audit risk may also suggest that it may be time to change some of the factors to lower the risk. For example, an auditor could recommend changes to internal controls which would lower the risk by increasing the chances of catching a misstatement internally.

Risk-based auditing is an approach to audit management which is informed by an audit risk assessment. It's important to remember that the assessment is not an audit; the audit still needs to be completed, keeping the findings of the assessment in mind.

In addition to being valuable for internal accounting, regular audits can also be useful from a customer relations standpoint. People tend to trust businesses which perform regular audits more, as auditing demonstrates a commitment to ethical standards. In some regions, internal auditing and transparency in the auditing process may be legally required of companies which wish to be traded publicly.

Mary McMahon
Mary McMahon

Ever since she began contributing to the site several years ago, Mary has embraced the exciting challenge of being a researcher and writer. Mary has a liberal arts degree from Goddard College and spends her free time reading, cooking, and exploring the great outdoors.

Mary McMahon
Mary McMahon

Ever since she began contributing to the site several years ago, Mary has embraced the exciting challenge of being a researcher and writer. Mary has a liberal arts degree from Goddard College and spends her free time reading, cooking, and exploring the great outdoors.

You might also Like

Readers Also Love

Discussion Comments

BabaB

Just imagine what it would be like if healthcare clinics and hospitals didn't have an audit system. Our health records would be an open book especially when records were send over the internet.

New laws required healthcare to make big changes. They have to provide a system where a patient's health stays confidential, especially when it is being transferred on the internet. All patients and health workers need a unique I.D.

These changes are great. No one wants their health records exposed.

I'm sure that healthcare places have really complete and thorough audits.

Clairdelune

I'm all for extensive audits within companies, from outside the company, and government tax audits. If these audits worked like they should, there would be a lot less fraud and misconduct in U.S. companies.

My dad worked for a local community bank. These local banks usually were a part of the community, were ethical, and were respected by the community. I remember my dad saying, "The auditors are coming tomorrow. I think we're all set."

If the company is a public company, they for sure should do complete audits. Even if they aren't public companies, but they deal with the public; they should be required to do audits.

Post your comments
Login:
Forgot password?
Register:
    • Individuals receiving less than $100,000 per year have a very low chance of getting audited.
      Individuals receiving less than $100,000 per year have a very low chance of getting audited.
    • During an audit, a company can identify financial issues such as funds where they shouldn't be, abnormal numbers, signs of fraud or theft, and so forth.
      During an audit, a company can identify financial issues such as funds where they shouldn't be, abnormal numbers, signs of fraud or theft, and so forth.
    • Auditing is used to hold employees accountable for their activities.
      Auditing is used to hold employees accountable for their activities.
    • Audit risk assessment is part of the series of controls which are used to manage the integrity of an audit.
      Audit risk assessment is part of the series of controls which are used to manage the integrity of an audit.