《{企业风险管理}审计过程—风险评估过程ppt99页》由会员分享,可在线阅读,更多相关《{企业风险管理}审计过程—风险评估过程ppt99页(99页珍藏版)》请在金锄头文库上搜索。
1、第八章 审计过程风险评估过程,“After Equity Funding and the Cohen Commission, the professionrebuffed societys calls for heightened fraud detection responsibilities,but its different this time. We are in a new era where auditors need tobe more responsible for detecting fraud.” Paraphrased from comments by Greg Scat
2、es,Associate Chief Auditor,PCAOB Symposium, December 9, 2004.,第八章 目录,1、风险基础审计概述 2、签约风险管理 3、审计风险管理,风险基础审计概述,风险基础审计的意义 经营风险基础审计的基本特征 风险的本质 经营风险基础审计的基本流程,财务报表审计的目标和一般原则,第十三条 注册会计师按照审计准则的规定执行审计工作,能够对财务报表整体不存在重大错报获取合理保证。 第十四条 由于审计中存在的固有限制影响注册会计师发现重大错报的能力,注册会计师不能对财务报表整体不存在重大错报获取绝对保证。,合理保证的意义,原因:人的有限认知能力和审
3、计的固有局限性 意味:社会所要求水平的保证 等式:合理保证(%)=绝对保证(100%) 审计风险(%),风险基础审计方式,风险基础审计方式就是审计人将审计风险降至可接受的低水平,使得为审计意见提供合理基础的“合理水平”保持在高水平之上的审计方式。,Business risk-based auditing,基本思路:重大财务报表错报的根源在于被审计企业的经营风险 基本概念:审计是一个证据形成、基于判断的风险评估过程 Ernst & Young:“全球审计方法”(Global Audit Methodology:GAM)审计模式 KPMG:“经营评估过程”(Business Measurement
4、 Process:BMP),基本特征,多方位的风险概念 多元化的信息源 自上而下方式 注重分析经营风险的影响,Four critical components of risk, 企业风险(Enterprise risk) 影响企业实现其战略目标的不确定性。 财务报告风险(Financial reporting risk)与记录交易以及财务报表披露直接相关的风险。 签约风险(Engagement risk)与某个特定的客户签订审计业务约定而带来的风险。 审计风险(Audit risk) 审计人在实施审计时没能发现财务报表存在重大错报,结果发表了错误审计意见的风险。,证据构架工具,软件工具(sof
5、tware tools) 核对表(checklist) 模板(templet) 产业和经济统计等大型数据库 其他信息源,Top-down approach,合伙人或者项目经理参与以审计计划过程为中心的整个审计业务 对高层次控制的评价,比如,直接与经营者讨论企业的风险管理问题,例子,现实中的经营风险 对企业持续能力的影响,图表9-1 基本流程,修改审计计划,Risk-based approach to auditing,了解客户的风险管理过程 了解客户的经营业务及其面临的风险 根据所识别的风险估计账户余额和财务结果; 评估风险管理中内部控制的质量; 确定剩余风险,更新对账户余额的估计; 通过实施
6、必要的账户余额直接测试以管理账户余额错报风险。,COSO defines ERM as a,一个由一个单位的董事会、经营者和其他成员实施的,应用于战略制定并贯穿于整个企业、旨在识别可能影响该单位的潜在事项,管理风险使其控制在风险容量之内,并为单位目标的实现提供合理保证的过程 。,Understanding ERM Process -1,了解客户的风险评估过程 复核内部审计所使用的风险基础审计方法 与经营者讨论他们的风险管理方式,复核企业的报酬政策以观察其是否符合企业的风险政策 复核风险管理的文件等,Understanding ERM Process-2,If,The company has s
7、trong risk management processes ,the auditor may focus on testing controls and developing corroborative evidence on account balances.,If,The company does not have a comprehensive risk process, the auditor will assess engagement risk as high, set audit risk at a lower level, and increase direct testi
8、ng.,Key Business Processes,关键性业务 影响关键性业务的行业因素 经营者管理这些关键性业务的方式 关键性业务可能产生的经营效果和财务效果,Business Risk,因企业的内部因素和影响企业活动的不确定的外部因素对企业的发展和经营成果以及持续经营造成的危险。 基本相等地影响所有企业的宏观层次的风险。 只影响某个行业或某个企业的微观层次的风险。,Business Risk,前者如经济不景气、通货膨胀、高利率、战争、石油价格的高涨、政局不稳、技术革新、经济封锁等; 后者如原材料价格的上涨、周转资金不足、罢工、消费动向的变化、诉讼、政府管制、债务保证、或有损失、合同不履行
9、、子公司或联营企业的经营恶化、被投资企业收益下降、购货企业或者供货企业的破产等。,Sources of Information,智能代理(Intelligent agents) 知识管理系统(Knowledge management systems) 在线搜索(Online searches) 电子数据收集及检索系统(Electronic research- Electronic data gathering and retrieval system:EDGAR ) 经济统计(Economic statistics) 专业手册(Professional practice bulletins)
10、股票分析报告(Stock analysts reports)等,Sources of Information,审计人还可以通过与经营者和前任审计 人沟通、阅读前期审计工作底稿和客户的预 算、视察生产车间和业务部门、复核数据处 理中心、阅读重要的债务条款和董事会记 录、确认政府的相关法律以及客户的有关法 律责任获得关键性业务的信息。,Developing Expectations,The auditor should use information about the companys key processes and risks to develop expectations about i
11、ts account balances and performance These expectations are compared to recorded book values to identify misstatements,Sources of data commonly used,Financial information for prior periods Expected or planned results from budgets and forecasts Comparison of linked accounts (such as interest expense a
12、nd debt) Ratios of financial information (such as common-size financial statements) Company and industry trends Relevant non-financial information,These expectations should be,Developed independently of management Documented, along with a rationale for the expectations Communicated to all audit team
13、 members,Techniques commonly used,Trend analysis Comparative financial statements (horizontal analysis) Common-sized financial statements (vertical analysis) Ratio analysis,What are the purposes of preliminary analytical procedures?,- understanding the clients industry - assessing going concern issu
14、es - indicating possible misstatements - reducing detailed tests,Examples of key performance indicators,Backlog of work in progress Amount of return items Increased disputes regarding accounts receivable or accounts payable Surveys of customer satisfaction Employee absenteeism Decreased productivity
15、 Information processing errors Increased delays in important processes,Residual risk,The remaining risk after management has taken action to alter the risks likelihood or impact.,Linkage to direct tests of account balances,If the auditor concludes there is a high risk of material misstatement audito
16、r must Set materiality at an appropriate level Use procedures appropriate for the level risk to examine the account balance,The auditor is required to assess the appropriateness of the accounting methods used by management Guidelines to evaluate appropriateness include: Representational faithfulness - does the accounting reflect the economic substance of the transactions Consistency of appl
