GENSANTOS FOUNDATION COLLEGE, INC.

Bulaong Extension, General Santos City 9500

BSA/BSAT/BSMA Department
AUDITING THEORY (AT) E.J. SEBUA, CPA

[AT-4] AUDIT RISK AND MATERIALITY

(Source: ISA 200, ISA 320 & MiCPAR Review Materials)
Materiality and Audit risk are considered throughout the audit, in particular, when:
a) Identifying and assessing the risks of material misstatements; (ISA 315)
b) Determining the nature, timing, and extent of further audit procedures; and (ISA 330)
c) Evaluating the effects of uncorrected misstatements, if any, on the financial statements and in
forming the opinion in the auditor’s report. (ISA 450 & ISA 700)

AUDIT RISK
AUDIT RISK

Risk that error will occur. Risk that error will occur and not be
detected by the auditor.

Inherent risk Control risk Detection risk

Sampling risk Non- Sampling risk

Sampling Risk in Sampling Risk in

Test of Controls Substantive Test

Audit risk – is the risk that the auditor expresses an inappropriate opinion when the financial statements
are materially misstated. Audit risk is a function of the risks of material misstatement and detection
risk.

Note: Audit risk is a technical term related to the process of auditing; it does not refer to the
auditor’s business risks such a loss from litigation, adverse publicity, or other events arising in
connection with the audit of financial statements.

Risk of material misstatement – is the risk that the financial statements are materially misstated prior
to audit.

 Risk of material misstatement consists of two components, described as follows at the assertion
level:
i) Inherent risk – is the susceptibility of an assertion about a class of transaction, account
balance or disclosure to a misstatement that could be material, either individually or
when aggregated with other misstatements, before consideration of any related
controls.

ii) Control risk – is the risk that a misstatement that could occur in an assertion about a
class of transaction, account balance, or disclosure and that could be material, either
individually or when aggregated with other misstatements, will not be prevented, or
detected, or corrected, on a timely basis by the entity’s internal control.
o Control risk is a function of the effectiveness of the design, implementation, and
maintenance of internal control by management to address identified risks that
threaten the achievement of the entity’s objectives relevant to preparation of
the entity’s financial statements.
o However, internal control, no matter how well designed and operated, can only
reduce, but not eliminate, risks of material misstatements in the financial
statements, because of the inherent limitations of internal control.

Page 1 of 6
Auditing Theory [AT-4] Audit Risk and Materiality

 The auditor needs to consider risks of material misstatement at (1) the overall financial
statement level and at the (2) assertion level for classes of transactions, account balances, and
disclosures.

o Risks of material misstatement at the overall financial statement level refer to risks of
material misstatement that relate pervasively to the financial statements as a whole and
potentially affect many assertions.
o Risks of material misstatement at the assertion level are assessed in order to determine
the nature, timing, and extent of further audit procedures necessary to obtain sufficient
appropriate audit evidence for those accounts or transactions.

o ISA 315 “Identifying and Assessing the Risks of Material Misstatement through
Understanding the Entity and its Environment” establishes requirements and provides
guidance on identifying and assessing the risks of material misstatements at the
financial statement and assertion levels.

Detection risk – is the risk that the procedures performed by the auditor to reduce audit risk to an
acceptably low level will not detect a misstatement that exists and that could be material, either
individually or when aggregated with other misstatements.

 Inherent risk and control risk differ from detection risk in that the former exist independently of
the audit as they are functions of the entity and its environment. The auditor has little control
over these risks. Detection risk, on the other hand, can be controlled by the auditor through the
scope of the audit procedures performed.

 For a given level of audit risk, the acceptable level of detection risk bears an inverse relationship
to the assessed risks of material misstatement at the assertion level.

 Detection risk relates to the nature, timing, and extent of the auditor’s procedures that are
determined by the auditor to reduce audit risk to an acceptably low level. It is therefore a
function of the effectiveness of an audit procedure and of its application by the auditor.

 Detection risk results from two uncertainties/risks that are a function of the effectiveness of
audit procedures and of its application by the auditor:
1) Sampling risk – relates to the fact that many instances, the auditor does not examine
100 percent of the account balance or class of transactions. Because the auditor
examines only a subset of the population, as sample drawn may not represent the
population and the auditor may thus draw a wrong conclusion on the fairness of the
account balance.

2) Non-sampling risk – can occur because:

 The auditor selected an inappropriate procedure
 Misapplied an appropriate audit procedure
 Failed to detect a misstatement when applying an appropriate audit procedure,
or
 Misinterpreted the audit results.

Non-sampling risk can be reduced to a negligible level through:

 Adequate planning,
 Proper assignment of audit staff,
 Supervision and review of the audit work performed,
 The application of professional skepticism, and
 Conduct of a firm’s audit practice in accordance with appropriate quality control
standards.

 ISA 300 “Planning an Audit of Financial Statements” and ISA 330 “The Auditor’s Responses to
Assessed Risks” establish requirements and provide guidance on planning an audit of financial
statements and the auditor’s responses to assessed risks. Detection risk, however, can only be

Page 2 of 6
Auditing Theory [AT-4] Audit Risk and Materiality

reduced, not eliminated, because of the inherent limitations of an audit. Accordingly, some
detection risk will always exist.

The Audit Risk Model (AR = IR x CR x DR)

The assessment of risks is a matter of professional judgment, rather than a matter capable of precise
measurement.
 The determination of audit risk and the use of the audit risk model involve considerable
judgment on the part of the auditor.
 Auditing standards do not provide specific guidance on what is an acceptable level of audit risk.
 The audit risk model assists the auditor in determining the scope of auditing procedures for a
particular account balance or transactions.

 Applying the audit risk model

1) Set a planned level of audit risk
 The auditor sets audit risk for each account balance or class of transactions such
that at the end of the audit, an opinion can be issued on the FS at an acceptable
level of audit risk.

2) Assess inherent risk and control risk

 To assess the two components of risk of material misstatement, the auditor
assesses the entity’s business risk and the risk of material misstatement to
inherent risk and control risk.
 A high assessment for these components indicate there is a high risk that a
material misstatement occurred and was not prevented or detected by the
internal control system.

3) Solve the audit risk equation for the appropriate level of detection risk.
 The auditor determines the appropriate level of detection risk by solving the
audit risk model as follows:
Audit risk
Detection risk =
Inherent risk x Control risk

 The auditor uses the level of detection risk to design the audit procedures that
will reduce audit risk to an acceptable level.
 A low assessment for detection risk implies that the auditor will conduct a more
detailed investigation of this account than if the assessment of detection risk is
high.
 Detection risk has an inverse relationship to inherent risk and control risk. For
example, if an entity’s inherent risk and control risk are judged to be high, the
auditor sets a lower level of detection risk in order to meet the planned level of
audit risk.
 Note that no matter how low the assessed level of inherent risk and control risk,
it is not appropriate to totally eliminate performing substantive procedures
because of the imprecision that may occur in assessing inherent risk and control
risk.

MATERIALITY
The concept of materiality is applied by the auditor both in planning and performing the audit,
and in evaluating the effect of identified misstatements on the audit and of uncorrected
misstatements, if any, on the financial statements and in forming the opinion in the auditor’s
report. (ISA 320, A1)

In planning the audit, the auditor makes judgments about the size of misstatements that will be
considered material. These judgments provide a basis for:
a) Determining the nature, timing and extent of risk assessment procedures;
b) Identifying and assessing the risks of material misstatements; and

Page 3 of 6
Auditing Theory [AT-4] Audit Risk and Materiality

c) Determining the nature, timing and extent of further audit procedures.

The auditor’s consideration of materiality is a matter of professional judgment and is assessed in

terms of the potential effect of a misstatement on decisions made by reasonable users relying
on the financial statements. Materiality is defined by the IASB as:

“Omissions or misstatements of items are material if they could individually or collectively

influence the economic decisions of users taken on the basis of the financial statements.
Materiality depends on the size and the nature of the omission or misstatement judged in the
surrounding circumstances. The size or nature of the item, or a combination of both, could be the
determining factor.”

The phrase “the financial statements present fairly in all material respects” in the auditor’s
standard audit report communicates the notion of materiality to the users of the auditor’s
report.

Requirements of ISA 320

1. When establishing the overall audit strategy, the auditor shall determine materiality for the
financial statements as a whole.
Determining materiality involves the exercise of professional judgment. A percentage is
often applied to a chosen benchmark as a starting point in determining materiality for
the financial statements as a whole.

Factors that may affect the identification of an appropriate benchmark include the
following:
 The elements of financial statements;
 Whether there are items on which the attention of the users of the particular
entity’s financial statements tends to be focused (for example, for the purpose
of evaluating financial performance users may tend to focus on profit, revenue,
or net assets);
 The nature of the entity, where the entity is in its life cycle, and the industry and
economic environment in which the entity operates;
 The entity’s ownership structure and the way it is financed.
 The relative volatility of the benchmark.

Examples of benchmarks that may be appropriate, depending on the circumstances of

the entity, include:
 Categories of reported income such as profit before tax,
 Total revenue,
 Gross profit and total expenses,
 Total equity or net asset value.

Profit before tax from continuing operations is often used for profit-oriented
entities.

When profit before tax from continuing operations is volatile, other benchmarks
may be more appropriate, such as gross profit or total revenues.

2. If applicable, the auditor shall also determine the materiality level or levels to be applied to
particular classes of transactions, account balances or disclosures.
 Applicable if, in the specific circumstances of the entity, there is one or more particular
classes of transactions, account balances, or disclosures for which misstatements of
lesser amounts than materiality for the financial statements as a whole could reasonably
be expected to influence the economic decisions of users taken on the basis of financial
statements.
 Factors that may indicate the existence of one or more particular classes of transactions,
account balances or disclosures for which misstatements of lesser amounts than
materiality for the financial statements taken as a whole could reasonably be expected

Page 4 of 6
Auditing Theory [AT-4] Audit Risk and Materiality

to influence the economic decisions of users taken on the basis of the financial
statements including the following:
o Whether law, regulation, or the applicable financial reporting framework affect
user’s expectations regarding the measurement or disclosure of certain items
(for example, related party transactions, and the remuneration of management
and those charged with governance).
o The key disclosures in relation to the industry in which the entity operates (for
example, research and development costs for a pharmaceutical company).
o Whether attention is focused on a particular aspect of the entity’s business that
is separately disclosed in the financial statements (for example, a newly
acquired business).

3. The auditor shall determine performance materiality for purposes of assessing the risks of
material misstatements and determining the nature, timing, and extent of further audit
procedures.
 Planning the audit solely to detect individually material misstatements overlooks the
fact that the aggregate of individually immaterial misstatements may cause the financial
statements to be materially misstated, and leaves no margin for possible undetected
misstatements.
 Performance materiality means the amount or amounts set by the auditor at less than
materiality for the financial statements as a whole to reduce to an acceptably low level
the probability that the aggregate of uncorrected and undetected misstatements
exceeds materiality for the financial statements taken as a whole.
 If applicable, performance materiality also refers to the amount or amounts set by the
auditor at less than the materiality level or levels for particular classes of transactions,
account balances or disclosures.

4. Revision as the Audit Progresses. The auditor shall revise materiality for the financial
statements as a whole (and, if applicable, the materiality level or levels for particular classes of
transactions, account balances or disclosures) in the event of becoming aware of information
during the audit that would have caused the auditor to have determined a different amount(s)
initially.
 Materiality may need to be revised as a result of a change in circumstances that
occurred during the audit (for example, a decision to dispose of a major part of the
entity’s business), new information, or a change in the auditor’s understanding of the
entity and its operations as a result of performing further audit procedures.

5. Documentation. The auditor shall include in the audit documentation the following amounts
and the factors considered in their determination:
a) Materiality for the financial statements as a whole;
b) If applicable, the materiality level or levels for particular classes of transactions, account
balances or disclosures;
c) Performance materiality; and
d) Any revisions of (a) – (c) as the audit progresses.

Practical Steps in applying Materiality

Step 1: Establish a preliminary judgment about materiality
The preliminary judgment about materiality is the maximum amount by which the auditor
believes the financial statements could be misstated and still not affect the decisions of reasonable
users.
In establishing materiality for an audit, the auditor should consider both quantitative and
qualitative aspects of the engagement.

The resulting materiality amount can then be adjusted for any qualitative factors that may be
relevant to the engagement. The auditor would generally use a percentage at the lower end of the
range if any of the following factors are present:

Page 5 of 6
Auditing Theory [AT-4] Audit Risk and Materiality

 First-year engagement  Material misstatements in prior years

 Known material weaknesses in controls  Potential for fraud or illegal acts
 Significant management turnover  Small amounts may violate covenants in a loan agreement
 Unusually high market pressures  Small amounts may affect trends in earnings
 Higher than normal fraud risk  Small amounts may cause the entity to miss forecasted
revenue or earnings.
 Higher than normal risk of bankruptcy in
the near term

Step 2: Determine the tolerable misstatement

Tolerable misstatement is the amount of planning materiality that is allocated to an account or
class of transactions.

The auditor’s purpose in allocating a portion of the preliminary judgment about materiality is to
plan the scope of audit procedures for the individual account balance or class of transactions.
As with overall materiality, there are qualitative factors that must be considered in determining
tolerable misstatements. Examples are:
 The size and complexity of the account
 The importance of changes in the account to key performance indicators.
 Debt covenants
 Meeting published forecasts or estimates

In conjunction with qualitative factors, common computational benchmarks used in practice to

determine tolerable misstatements are 2% to 15% of the account (but never greater than
materiality) or 50% to 75% of preliminary or planning materiality. This results in an allocation of
combined tolerable misstatements that is greater than materiality.

Step 3: Estimate likely misstatement and compare totals to the preliminary judgment about
materiality
Step 3 is completed near the end of the audit, when the auditor evaluates all the evidence that
has been gathered.

Based on the results of the audit procedures conducted, the auditor aggregates misstatements
from each account or class of transactions. The aggregate amount includes known and likely
misstatements. Likely misstatements are typically projections based on the sample data
collected.

The auditor compares the aggregated uncorrected misstatements to the preliminary judgment
about materiality:
 When the uncorrected misstatement is less than the planned judgment about
materiality, the auditor can conclude that the financial statements are fairly presented.
 When the uncorrected misstatement is greater than the planned judgment about
materiality, the auditor should request that the client adjust the financial statements. If
the client refuses to adjust the financial statements, the auditor should issue a qualified
or adverse opinion.
--------------------------------------------- ---------------------------------
--------
*END OF AT-4 MATERIAL*

Page 6 of 6