5001 Introduction
Sep-2022

CAS Objective

The objective of the auditor is to identify and assess the risks of material misstatement, whether due to fraud or error, at the financial statement and assertion levels thereby providing a basis for designing and implementing responses to the assessed risks of material misstatement (CAS 315.11).

CAS Guidance

Risks of material misstatement are identified and assessed by the auditor in order to determine the nature, timing and extent of further audit procedures necessary to obtain sufficient appropriate audit evidence. This evidence enables the auditor to express an opinion on the financial statements at an acceptably low level of audit risk (CAS 315.A184).

Information gathered by performing risk assessment procedures is used as audit evidence to provide the basis for the identification and assessment of the risks of material misstatement. For example, the audit evidence obtained when evaluating the design of identified controls and determining whether those controls have been implemented in the control activities component, is used as audit evidence to support the risk assessment. Such evidence also provides a basis for the auditor to design overall responses to address the assessed risks of material misstatement at the financial statement level, as well as designing and performing further audit procedures whose nature, timing and extent are responsive to the assessed risks of material misstatement at the assertion level, in accordance with CAS 330 (CAS 315.A185).

Definitions

CAS Requirement

For purposes of the CASs, the following terms have the meanings attributed below (CAS 315.12):

a. Assertions— Representations, explicit or otherwise, with respect to the recognition, measurement, presentation and disclosure of information in the financial statements which are inherent in management representing that the financial statements are prepared in accordance with the applicable financial reporting framework. Assertions are used by the auditor to consider the different types of potential misstatements that may occur when identifying, assessing and responding to the risks of material misstatement.

b. Business risk—A risk resulting from significant conditions, events, circumstances, actions or inactions that could adversely affect an entity's ability to achieve its objectives and execute its strategies, or from the setting of inappropriate objectives and strategies.

f. Inherent risk factors—Characteristics of events or conditions that affect susceptibility to misstatement, whether due to fraud or error, of an assertion about a class of transactions, account balance or disclosure, before consideration of controls. Such factors may be qualitative or quantitative, and include complexity, subjectivity, change, uncertainty or susceptibility to misstatement due to management bias or other fraud risk factors insofar as they affect inherent risk.

h. Relevant assertions—An assertion about a class of transactions, account balance or disclosure is relevant when it has an identified risk of material misstatement. The determination of whether an assertion is a relevant assertion is made before consideration of any related controls (i.e., the inherent risk).

j. Risk assessment procedures—The audit procedures designed and performed to identify and assess the risks of material misstatement, whether due to fraud or error, at the financial statement and assertion levels.

k. Significant class of transactions, account balance or disclosure—A class of transactions, account balance or disclosure for which there is one or more relevant assertions.

l. Significant risk—An identified assessed risk of material misstatement:

i. For which the assessment of inherent risk is close to the upper end of the spectrum of inherent risk due to the degree to which inherent risk factors affect the combination of the likelihood of a misstatement occurring and the magnitude of the potential misstatement should that misstatement occur; or

ii. That is to be treated as a significant risk in accordance with the requirements of other CASs.

For purposes of the CASs, the following terms have the meanings attributed below (CAS 240.12):

a. Fraud – An intentional act by one or more individuals among management, those charged with governance, employees, or third parties, involving the use of deception to obtain an unjust or illegal advantage.

b. Fraud risk factors – Events or conditions that indicate an incentive or pressure to commit fraud or provide an opportunity to commit fraud.

5000 series of topics

OAG Guidance

This section of OAG Audit explains:

  • The risk assessment procedures and related activities we are required to perform (OAG Audit 5011).

  • Develop initial expectations about risks of material misstatement (OAG Audit 5012) including the use of risk assessment analytical review procedures (OAG Audit 5012.2).

  • The procedures we perform to obtain an understanding of the entity and its environment (OAG Audit 5021), including scalability (OAG Audit 5029).

The requirements relating to understanding and evaluating internal control (OAG Audit 5031).

  • The identification of risks at the financial statement and FSLI assertion level risks (OAG Audit 5041).
  • Financial statement assertions and their role in the audit (OAG Audit 5042).
  • The process of assessing identified risks, including determining the two levels of inherent risk (OAG Audit 5043.2 and OAG Audit 5043.3).

Fraud risk is explained in OAG Audit 5500.