Inherent risk

Inherent risk

Inherent risk

Inherent risk is estimated by the auditor, based on his/her understanding of the entity and its environment.
Compliance audit Financial audit
Planning
Ref: 14.130

Definition

Inherent risk is the risk, related to the nature of the activities, operations and management structures that deviations will occur which, if not prevented or detected and corrected by the internal control arrangements, will result in the entity's objectives in terms of reliability and legality/regularity not being achieved.

Instructions

Inherent risk is estimated by the auditor, based on his/her understanding of the entity and its environment. The auditor should make a preliminary assessment of inherent risk at the overall level (e.g. as regards the policy area or entity as a whole) in order to identify risk areas specific to the audit that must be taken into account when planning and carrying out audit procedures. The auditor should assess inherent risk to be High or Not High. In areas where inherent risk is high, assurance is needed that control risk is being managed adequately.

Significant risks

The auditor should determine which of the inherent risks identified are, in his/her judgement, risks that require special audit consideration - significant risks. For such risks, the auditor should obtain an understanding of the relevant internal controls. If appropriate controls do not exist for significant risks, this may indicate a material weakness in the entity's internal control. Areas of significant risk can include transactions that:
  • are complex (for example involving complex calculations or accounting principles),
  • are unusual, non-routine, or outside the normal course of business (less likely to be subject to controls),
  • involving third parties;
  • involving greater manual intervention for data collection and processing;
  • are subject to a high degree of subjectivity in their measurement (requiring estimates and assumptions, or the exercise of judgement by auditee management – e.g. accruals and provisions);
  • have the potential for fraud.

Resources

List of inherent risk factors
Last Modified: 25/03/2021 15:49   Tags: