The purpose of the risk assessment standards is to identify and assess the risks of material misstatement, whether due to fraud or error, at the financial statement and relevant assertion levels. The standards help firms gain an understanding of the entity and its environment, including the entity’s internal control, thereby providing a basis for designing and implementing responses to the assessed risks of material misstatement. Nevertheless, the risk assessment can be challenging for auditors and partners alike and for a surprising reason: inefficient methodology.

I’ve encountered some practitioners who are uncertain of the value of the time needed to perform a risk assessment. They appreciate the theory of the standards, but may not know how to leverage risk assessments given the firm’s existing methodology. Firms have an excellent opportunity to improve audit quality by identifying significant risks and tailoring the audit plan to respond to those risks. Gleaning the core information out of a risk assessment and performing more efficient and effective audits just takes four simple steps:

1. Understand Your Client and the Client’s Environment
2. Understand Internal Control
3. Hold a Brainstorming Meeting
4. Summarize the Audit Risk Assessment

For more details, check out in the detailed whitepaper: The Risk Assessment Auditing Standards: How to Efficiently and Effectively Comply on Smaller and Less Complex Audit Engagements.

Charles E. Landes, CPA, Vice President of Professional Standards and Services, American Institute of CPAs. 

Related articles

• Why Financial Statement Preparation is Proposed to Be a Nonattest Service (aicpa.org)
• 3 Things You Need to Know About Clarified Standards (aicpa.org)