Audit Risk and Business Risk
We saw in earlier studies that audit risk is often categorized as the product of inherent risk, control risk and detection risk.
Auditors should consider business risk in three ways:
(i) By enquiring into and assessing business risk, thereby gaining an excellent knowledge of the business. This is a basic requirement in all audit engagements.
(ii) By helping their clients to recognize, assess and respond to risk – by welcoming it, ignoring it, managing it, eliminating it, developing a recovery plan, insuring against it etc. This can be a lucrative source of fees. They may also help to eliminate or mange risk, which reduces audit risk in the future.
(iii) By seeing the connection between audit risk and business risk and the risk of misstatement in the financial statements, which focuses the audit or risks likely to lead to possible misstatement.