[section separator="true"]
[section-item 9]
[row]
[column 12]
[toc-this]
Definition
Inherent risk is the risk, related to the nature of the activities, operations and management structures that deviations will occur which, if not prevented or detected and corrected by the internal control arrangements, will result in the entity's objectives in terms of reliability and legality/regularity not being achieved.
Instructions
Inherent risk is estimated by the auditor, based on his/her understanding of the entity and its environment.
The auditor should make a preliminary assessment of inherent risk at the overall level (e.g. as regards the policy area or entity as a whole) in order to identify risk areas specific to the audit that must be taken into account when planning and carrying out audit procedures. The auditor should assess inherent risk to be High or Not High. In areas where inherent risk is high, assurance is needed that control risk is being managed adequately.
Significant risks
The auditor should determine which of the inherent risks identified are, in his/her judgement, risks that require special audit consideration - significant risks. For such risks, the auditor should obtain an understanding of the relevant internal controls. If appropriate controls do not exist for significant risks, this may indicate a material weakness in the entity's internal control.
Areas of significant risk can include transactions that:
Resources
[link title="List%20of%20inherent%20risk%20factors" link="%2Faware%2FDocuments%2FInherent-risk-factors-list.docx" icon="file-word-o" /]
[/toc-this]
[/column]
[/row]
[/section-item]
[section-item 3]
[row]
[column 12][/column]
[/row]
[row]
[column 12]
[toc fixed="true" selectors="h2%2Ch3" class="basic-toc" /]
[/column]
[/row]
[/section-item]
[/section]